I notice that the new version of OpenSSH in Debian Unstable is taking another step toward dropping support for the DSA algorithm for key generation. I can remember back when DSA was introduced as an alternative to RSA. Unlike RSA, which is an encryption algorithm that can also be used for digital signatures, DSA was deliberately designed to be usable for signatures but not for encryption. This was back in the day when the US Government was still restricting exports of strong encryption products. Not long after that, I remember a research paper being published showing that DSA could in fact be used as an encryption algorithm. It wasn’t particularly efficient or even very practical, but it could theoretically be done. There was a time, in fact, when DSA was actually being preferred to RSA for generating SSH keys. Just checking the ssh-keygen man page, and the current default is RSA.