Bug 481513 - SSH Keys: remove insecure DSA key generation
Summary: SSH Keys: remove insecure DSA key generation
Status: NEW
Alias: None
Product: Platform
Classification: Eclipse Project
Component: Team (show other bugs)
Version: 4.5   Edit
Hardware: PC All
: P3 normal with 1 vote (vote)
Target Milestone: ---   Edit
Assignee: Platform Team Inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-11-05 09:27 EST by Johan Ahlers CLA
Modified: 2022-04-28 04:02 EDT (History)
7 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johan Ahlers CLA 2015-11-05 09:27:49 EST 
DSA-1024 bit keys are considered unsecure nowadays. On the other hand Openssh struggles to work with longer DSA keys. I would suggest to remove DSA key generation completely (there is still RSA key generation which can be fixed for longer keys).

Users could still use "load existing key..." button and generate keys outside eclipse, if they really *need* DSA keys.


Steps to reprodce

1) General > Network Connections > SSH2 > Key Management > "Generate DSA Key..."

Actual Result
1024 bit DSA key

Expected Result
No DSA key generation button for DSA
Comment 1 Matthias Sohn CLA 2015-11-05 17:33:10 EST 
SSH Key management is not part of EGit but provided by Team in platform
Comment 3 Johan Ahlers CLA 2015-11-14 13:30:49 EST 
Lars, thanks for providing your ebook. Many pages to read ;-)

I can work on a patch. Schedule would be a weekend during december.
Comment 4 Lars Vogel CLA 2015-11-15 09:59:00 EST 
(In reply to Johan Ahlers from comment #3)
> Lars, thanks for providing your ebook. Many pages to read ;-)
> 
> I can work on a patch. Schedule would be a weekend during december.

Sounds good. Thanks.