cvs: Permission denied (publickey).
Stephen John Smoogen
smooge at gmail.com
Sat Aug 23 23:09:34 UTC 2008
On Sat, Aug 23, 2008 at 3:37 PM, Jeffrey Ollie <jeff at ocjtech.us> wrote:
> 2008/8/23 Axel Thimm <Axel.Thimm at atrpms.net>:
>> On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote:
>>> 2008/8/23 Axel Thimm <Axel.Thimm at atrpms.net>:
>>> >
>>> > I saw that some people are using CVS again, so I tried as well, but I
>>> > got:
>>> >
>>> > athimm at devel(1012):/home/.../smart/devel$ cvs up
>>> > Permission denied (publickey).
>>> > cvs [update aborted]: end of file from server (consult above messages if any)
>>> >
>>> > I have a new FAS password, all certs updated, I even checked the cvs
>>> > procedures for newbies on fpo, but I had no luck. What am I doing
>>> > wrong?
>>>
>>> Did you upload a new SSH public key?
>>
>> It won't let me:
>>
>> Error!
>>
>> The following error(s) have occured with your request:
>>
>> * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
>>
>> Have DSA keys now been banned?
>
> Yes.
>
>> Why?
>
> The primary reason is that it's nearly impossible to tell if the key
> was generated on a Debian system with the compromised OpenSSL
> versions. I've heard rumblings that DSA keys are weaker for other
> reasons, but I've not seen any good explanations.
>
There are several mathematical weaknesses in DSA keys that were
outlined during the OpenSSL problems. I believe the main one is that
the DSA signature can give away the private key.
--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
More information about the Fedora-infrastructure-list
mailing list