GNU/Linux Desktop Survival Guide
by Graham Williams
DSA Key Generation
Version 2 of ssh provides alternative encryption methods with DSA encryption instead of the RSA keys for Version 1. There is debate as to which is more secure. Version 2 encrypts more of the data but always uses the same Diffie-Hellman group (perhaps being more likely then that it has been cracked).
inx$ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/kayon/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/kayon/.ssh/id_dsa. Your public key has been saved in /home/kayon/.ssh/id_dsa.pub. The key fingerprint is: cc:50:d4:85:86:56:b8:8a:77:57:61:51:63:89:46:09 [email protected] $ scp .ssh/id_dsa.pub alpine:.ssh/authorized_keys2.inx $ ssh alpine $ cd .ssh $ cat authorized_keys2.inx >> authorized_keys2 $ exit
Be sure the protections on the files do not permit others to access them. In particular, ssh won't work if the /home/kayon/.ssh/authorized_keys is writable by anyone other than the user.