There's a long running debate about which is better for SSH public key authentication, RSA or DSA keys. With "better" in this context meaning "harder to crack/spoof" the identity of the user. This generally comes down in favor of RSA because
ssh-keygen can create RSA keys up to 2048 bits while DSA keys it creates must be exactly 1024 bits.
Here's how to use
openssl to create 2048-bit DSA keys that can be used with OpenSSH.
(umask 077 ; openssl dsaparam -genkey 2048 | openssl dsa -out ~/.ssh/id_dsa) ssh-keygen -y -f ~/.ssh/id_dsa > ~/.ssh/id_dsa.pub
After this, add the contents of
~/.ssh/authorized_keys on remote hosts and remove your RSA keys (if any). I'm not recomending either RSA or DSA keys. You need to make that choice yourself. But key length is no longer an issue. We can now go back to having this debate on the merit of math.