Bob Proulx wrote:

> I am not aware of any problem with using DSA. It is just that RSA is
> the more preferred solution by many.
>
> The purpose of DSA was to avoid the RSA patent. Since the RSA patent
> is now long expired there is no longer any reason to avoid using RSA.
>
> +1 on using id_rsa.pub by default, or other more generic solution.


OK.

>
> > I just thought that having the default being the case that nobody
> > uses (perhaps I should say, that nobody should use) any more is a
> > little strange.

>
> I am not quite understanding what you are saying here. Are you saying
> that people should not use DSA? This is not the case. DSA is
> perfectly fine to use. It is just not as efficient as using RSA.
> That is what makes use of RSA the preferred choice by many.
>


ssh-copy-id is using the RSA1 identity.pub by default. My point was that
nobody should use RSA1, so this should be changed: I went for id_dsa.pub
but so far at least, the vote (by a margin of 2 to 1!-) seems to be
going for id_rsa.pub (or a more inclusive solution).

What do you think about the proposals to eliminate duplicate keys from
..ssh/authorized_keys?

Regards,
Nick



_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev