[python-committers] PSA: replace your DSA keys for SSH
Donald Stufft
donald at stufft.io
Fri Aug 28 01:36:59 CEST 2015
On August 27, 2015 at 4:37:21 PM, Georg Brandl (g.brandl at gmx.net) wrote:
> Hi all,
>
> newer OpenSSH versions (7.0+) default to not allowing ssh-dss keys for
> public key authentication. If you experience "permission denied" errors,
> this (currently) comes from the client side only and hg.python.org will
> accept these keys if you enable them using the PubkeyAcceptedKeyTypes
> option in your SSH config file.
>
> Of course ssh-dss is being phased out for a reason; we'd like to invite
> everybody who has only DSA keys submitted for hg.python.org access to
> send an RSA (min. 1024 bits) or ED25519 key to hgaccounts at python.org.
>
>
Can we bump up the minimum on RSA keys? 1024 isn’t really enough anymore, ideally they’d be at least 4096 but 2048 is also OK.
-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
More information about the python-committers
mailing list