Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 379151 - DOC: cvs-sshkeys describes DSA key creations, but says nothing about availability of other algos
Summary: DOC: cvs-sshkeys describes DSA key creations, but says nothing about availabi...
Status: RESOLVED WORKSFORME
Alias: None
Product: [OLD] Docs on www.gentoo.org
Classification: Unclassified
Component: Other documents (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Infrastructure
URL: http://www.gentoo.org/proj/en/infrast...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-08-14 13:26 UTC by Sergei Trofimovich (RETIRED)
Modified: 2015-05-25 17:54 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sergei Trofimovich (RETIRED) gentoo-dev 2011-08-14 13:26:57 UTC 
http://www.gentoo.org/proj/en/infrastructure/cvs-sshkeys.xml

When I filled my ebuild qiuz 1.5 years ago I had RSA key,
but got([1]) an impression DSA was the only available format so created
second key.

May I ask someone from crypto herd help to add some text about
DSA, RSA (and ECDSA?) and which one should Average Dev pick?

Thanks!

[1]: http://www.gentoo.org/proj/en/infrastructure/cvs-sshkeys.xml
Comment 1 Sergei Trofimovich (RETIRED) gentoo-dev 2011-08-14 15:04:40 UTC 
Oh, and this one states on DSA explicitely:

> http://www.gentoo.org/proj/en/devrel/recruiters/mentor.xml

> Along with the quiz, an OpenSSH SSH2 DSA public key for infrastructure access should be provided to recruiters.
Comment 2 Sergei Trofimovich (RETIRED) gentoo-dev 2011-08-16 17:01:37 UTC 
One more http://www.gentoo.org/proj/en/devrel/recruiters/

> Along with the quiz , an OpenSSH SSH2 DSA public key for
> infrastructure access should be provided to recruiters.
Comment 3 Alon Bar-Lev (RETIRED) gentoo-dev 2012-12-15 23:01:58 UTC 
Hello Sergei,

Bit late...

But now ecdsa is the preferred method as far as I know, it uses much shorter keys with same strength...

Some reading is available at[1].

[1] http://infosecurity.ch/20100926/not-every-elliptic-curve-is-the-same-trough-on-ecc-security/
Comment 4 Alon Bar-Lev (RETIRED) gentoo-dev 2013-01-12 19:19:12 UTC 
Please CC crypto if any more help is required.
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2015-05-25 17:54:41 UTC 
Doc will be updated when other keys are officially supported.