Using DSA keys instead of RSA - key-based authentitication

Follow

Comments

2 comments

  • Avatar
    Nelson Woord

    Correct. If you're using DSA keys with a system like ClusterControl (cmon), you can configure the SSH identity file by setting it in /etc/cmon.cnf:

    ssh_identity=/root/.ssh/id_dsa
    Then apply the change by restarting the cmon service:


    service cmon restart
    ✅ However, DSA is deprecated, so use ED25519 or RSA if possible for better security.

    0
    Comment actions Permalink
  • Avatar
    Pandrhola

    Thanks for the clear and concise explanation. I have one question: if I switch from RSA to DSA by setting ssh_identity in cmon.cnf, are there any compatibility or security considerations with newer OpenSSH versions that may disable or discourage DSA keys by default? I'd appreciate your thoughts on whether migrating to newer key types would be a better long-term approach.

    - slope game-

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk