RSA or DSA keys

[williams_k]

I am planning to make some changes with SSH and I got the point to generate RSA or DSA keys. What is the basic changes in the two mentioned areas.Also, It was my understanding that this made it unnecessary to type my password. I specified a pass phrase and know it asks for that one all the time. Is this normal behavior ?

[rocky123]

RSA and DSA are two different algorithms which is used in plenty of the area of security. RSA can be used both for encrypting and signing, while DSA can only be used for signing. I think DSA is considered more secure if you just want to sign stuff, but I'm not sure about that.The difficulty of cracking RSA and DSA with identical key lengths are the same. RSA keys are not allowed to be exported out of the US which makes DSA preferrable for ssh keys if you want to be a law abiding citizen.

[LEE]

Quote:

Originally Posted by rocky123

RSA and DSA are two different algorithms which is used in plenty of the area of security. RSA can be used both for encrypting and signing, while DSA can only be used for signing. I think DSA is considered more secure if you just want to sign stuff, but I'm not sure about that.The difficulty of cracking RSA and DSA with identical key lengths are the same. RSA keys are not allowed to be exported out of the US which makes DSA preferrable for ssh keys if you want to be a law abiding citizen.

Is it a same stuff, RSA and DSA algorithms in Linux/windows. Do RSA and DSA algorithms have an application,How RSA and DSA keys can be used to make SSH transactions even more secure in Linux, windows security regarding password. Can someone explain the basic difference as well as its security ?

[Jeffrey]

The passphrase which is the key for the symmetric cipher. The symmetric cipher key is encrypted with encripted code with a specific kind of passphrase , so SSH can't decrypt the key for usage if you don't specify the passphrase. Indeed, it is normal behaviour for it to ask for the passphrase every time. You can change the passphrase with "ssh-keygen -p". You can even choose not to have a passphrase, which is convienent for jumping between computers without using a password. Of course, it's bad if someone would get your private key, since they would be able to do the same, but as long as you keep your secret key in a safe place and unreadable for other users than yourself, you're safe.

[shane10]

Is that it to RSA or DSA key ? CERT uses an RSA key for PGP message signing, and I downloaded it from there website, with no warning from their site. So can that really be? But that can't be, I just looked at gpg and it only uses DSA for signing and ElGamal for encryption, right?