[Sugar-devel] [PATCH 2/2 sugar] Create new owner keys as RSA keys instead of DSA

Sascha Silbe sascha-ml-reply-to-2011-4 at silbe.org
Sun Dec 4 09:19:56 EST 2011

Previous message: [Sugar-devel] Notes from Installing sweet-sugar in f16 gnome3-shell
Next message: [Sugar-devel] Creating keyboard maps
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Excerpts from Bernie Innocenti's message of 2011-11-28 20:44:46 +0100:

> > A few quick tests have shown no significant differences in ssh-keygen
> > runtime (if anything RSA key generation is faster). As stated before, no
> > other piece of code does cryptographic operations with the key,
> 
> I can't check  the code right now, but IIRC the schoolserver
> registration and backups use an ssh key stored somewhere in ~/.sugar/.

Thanks for pointing this out. I found the piece of code that sets up the
authorized_keys file on the XS [1] and it contains a hard-coded assumption
of DSA. :-/

Sugar transmits the key without telling the server the key type [2,3] so
this isn't easy to fix without protocol changes, rendering this patch
series moot.

Sascha

[1] http://dev.laptop.org/git/projects/idmgr/tree/scripts/create_user#n104
[2] http://git.sugarlabs.org/sugar-toolkit/mainline/blobs/master/src/sugar/profile.py#line99
[3] http://git.sugarlabs.org/sugar/mainline/blobs/master/src/jarabe/desktop/schoolserver.py#line140
-- 
http://sascha.silbe.org/
http://www.infra-silbe.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.sugarlabs.org/archive/sugar-devel/attachments/20111204/6b3d8931/attachment.pgp>

Previous message: [Sugar-devel] Notes from Installing sweet-sugar in f16 gnome3-shell
Next message: [Sugar-devel] Creating keyboard maps
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Sugar-devel mailing list