[python-committers] Weak SSH keys
Antoine Pitrou
antoine at python.org
Wed Jun 3 15:31:25 CEST 2015
Le 03/06/2015 15:27, Benjamin Peterson a écrit :
>
>
> On Wed, Jun 3, 2015, at 08:21, Antoine Pitrou wrote:
>>
>> Le 02/06/2015 18:42, Benjamin Peterson a écrit :
>>>
>>>
>>> On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
>>>> Le 02/06/2015 18:28, Benjamin Peterson a écrit :
>>>>>
>>>>> Also, everyone should use ed25519 keys now. :)
>>>>
>>>> Depends if the servers you connect to have all been migrated to a recent
>>>> enough OpenSSH.
>>>
>>> SSH can use your older keys if you don't delete them.
>>
>> Is there a way of debugging which key is actually used? "ssh -v" isn't
>> very useful.
>
> Really? I see output from ssh -v like this:
>
> debug1: Offering ED25519 public key: /home/benjamin/.ssh/id_ed25519
> debug1: Authentications that can continue: publickey
> debug1: Offering RSA public key: /home/benjamin/.ssh/id_rsa
> debug1: Authentications that can continue: publickey
> debug1: Offering DSA public key: /home/benjamin/.ssh/id_dsa
> debug1: Server accepts key: pkalg ssh-dss blen 435
Yes, but why does it try keys in that order? And why is a key accepted
or not?
Regards
Antoine.
More information about the python-committers
mailing list