From owner-freebsd-security  Fri Oct 26  9:27:48 2001
Delivered-To: freebsd-security@freebsd.org
Received: from kosh.etchings.com (kosh.etchings.com [216.231.38.40])
	by hub.freebsd.org (Postfix) with ESMTP id 0282A37B405
	for <security@FreeBSD.ORG>; Fri, 26 Oct 2001 09:27:42 -0700 (PDT)
Received: by kosh.etchings.com (Postfix, from userid 1000)
	id 524C4117040; Fri, 26 Oct 2001 09:27:41 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by kosh.etchings.com (Postfix) with ESMTP
	id 5144011703F; Fri, 26 Oct 2001 09:27:41 -0700 (PDT)
Date: Fri, 26 Oct 2001 09:27:41 -0700 (PDT)
From: Brian Kraemer <brian@etchings.com>
To: Tom Beer <mailings@analogon.com>
Cc: <security@FreeBSD.ORG>
Subject: Re: Putty & SSH
In-Reply-To: <006801c15dee$471d80c0$0901a8c0@system>
Message-ID: <20011026092247.P2138-100000@kosh.etchings.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

The putty developers had/have some security concerns with DSA keys (what
most ssh 2.0 implementations use) so they don't support them. There is
hope however;

Here's an exchange I had with one of the putty developers.

-Brian



Date: Thu, 13 Sep 2001 08:58:33 +0100
From: Simon Tatham
To: Brian Kraemer
Subject: Re: [putty]public key authentication for ssh 2

Brian Kraemer wrote:

> The section about DSA keys in your "non-wish list" on the putty web page
> seems to indicate that public key authentication for ssh 2 is not
> implemented at all (and probably won't be). Is this a true statement?

Not any more. It was at the time of the 0.51 release, but since then
the major SSH server implementors have introduced the possibility of
RSA keys in SSH 2, and the development snapshots of PuTTY and
PuTTYgen do support it, as will the upcoming 0.52 release.

> Can you use RSA (or another type) keys with ssh 2? Sorry, I'm not
> completely up to speed on all the workings of SSH/SSH2.

That's perfectly all right. SSH 2 has inherent support for multiple
key types, but RSA was only introduced to the drafts fairly
recently, so you could easily be forgiven for not having known about
it yet :-)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message