1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Use DSA instead of RSA for the host key.

Discussion in 'Tomato Firmware' started by Mangix, Jan 29, 2013.

  1. Mangix

    Mangix Networkin' Nut Member

    I fired up a completely new VM and tried connecting to a router of mine running tomato. Output was similar to this:
    Code:
    The authenticity of host x can't be established.
    RSA key fingerprint is x
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added x(RSA) to the list of known hosts.
    Permission denied (publickey).
    Which basically looks like the host key is an RSA one.

    Is there a way to change that to a DSA key instead? The main benefit of doing so would be slightly faster performance(DSA is faster at signing than RSA).
     
  2. koitsu

    koitsu Network Guru Member

    Ohh stop it. DSA is limited to 1024 bits, while RSA is not. And you just complained in another thread, re: "why did you use 1024 instead of 2048?" Sheesh man. :p

    The reason DSA was invented had to do with the RSA patent existing at the time -- that patent expired and RSA was made public domain in late 2000.

    TL;DR -- Use RSA. Nobody uses DSA at this point. The performance delta is so beyond negligible for something that's done once anyway...
     
  3. Mangix

    Mangix Networkin' Nut Member

    DSA is definitely not limited to 1024 bits. The 'openssl speed' command shows DSA keys of 2048. And I also believe that the standard was amended to include 2048-bit keys.

    As for DSA being invented as a patent free solution to RSA, this is true. However it is also true that DSA is fast at generating signatures and slow at verifying then while the reverse is true for RSA. Actually, ECDSA is even faster at signing.

    And yes, even though this is done once per SSH connection, DSA still offers lower CPU usage at the expense of connecting clients(who have much more powerful CPUs). This could make a small difference if you're trying to connect to a router whose CPU is being highly utilized(too much traffic, DoS, etc...)..

    It's also very odd how there's a 'sshd_dsskey' variable which seems to not be used for anything.
     
  4. koitsu

    koitsu Network Guru Member

    It looks like DSA was extended to 2048 with the introduction of FIPS 186-3; the last one I bothered to read (well, skim -- a lot of it is over my head) was FIPS 186. So yep, I'm completely wrong on that point!

    Who is using their router as the equivalent of a multi-user Linux shell machine? I've yet to encounter anyone doing this. I think the concern over RSA vs. DSA is negligible given the demographic. That's my stance on it anyway.

    You can dig through the source code to the firmware if you want to see if sshd_dsskey is used/referenced anywhere, otherwise it could be a result from lack-of a thorough NVRAM erase when changing between firmwares (which I know you do :p), or possibly it's something forced by the CFE or in the stock default code (i.e. put in place and someone planned on using it but never did). There's lots and lots of crap in NVRAM that amounts to jack squat.

    dropbear does support the -d argument which points to a DSS (DSA) key. You can make one with dropbearkey and restart the daemon referencing that; but if you want something out-of-the-box (GUI bits, setting proper daemon flags, etc.)... well, you know the open-source mantra, right?
     

Share This Page