Date: Wed, 21 Jun 2000 23:00:04 -0700 (PDT) From: David Malone <dwmalone@maths.tcd.ie> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/19431: rc.network wants to generate unsupported DSA key for SSH Message-ID: <200006220600.XAA45889@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/19431; it has been noted by GNATS. From: David Malone <dwmalone@maths.tcd.ie> To: Gregory Bond <gnb@itga.com.au> Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: conf/19431: rc.network wants to generate unsupported DSA key for SSH Date: Thu, 22 Jun 2000 06:59:32 +0100 On Thu, Jun 22, 2000 at 02:24:33PM +1000, Gregory Bond wrote: > I don't know whether this is a simple bug in rc.network (in which case > the fix is simple), or if DSA is supported in the US version but not the > international version (which seems more likely). In the latter case, > rc.network needs to be more careful about what it attempts to do. > Should it grep USA_RESIDENT out of make.conf? This is ugly, but I can't > think of anything less ugly! I'm building from international crypto sources here, cvsuped indirectly from cvsup.uk.FreeBSD.org and it built a DSA key fine. "ssh-keygen -d" still seems to work too. Are you sure you have recent crypto sources? (DSA is actually more likely to be exported from the US than RSA. DSA is designed as a signature algorithm and was designed to be difficult to use for encryption. It is possible to use it for encryption tough, just not as easy as RSA). David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006220600.XAA45889>