[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Fix ability to use ECDSA host keys


One more thought here while I'm thinking about it:

It did sound like Aris at least agreed to me adding
SSH_BIND_OPTIONS_ECDSAKEY, so I think we could make forward progress
by adding that option, which allows the testing of my other patches,
and adding whatever other option when we all come to agreement on what
it should be and should mean.  However, if that doesn't sound OK, I
can hold off.

On Wed, Feb 26, 2014 at 5:33 AM, Andreas Schneider <asn@xxxxxxxxxxxxxx> wrote:
> On Wednesday 26 February 2014 05:28:00 Alan Dunn wrote:
>> Aris/Andreas:
>
> Hi,
>
>> I thought I'd say if there's anything I can do to make it easier for
>> you to evaluate my ECDSA host key patches (e.g. I could reformat the
>> work as a patch set that has the bug fixes, the changes to add ECDSA
>> as an option for binds, and the option to use ECDSA keys in one of the
>> libssh sample programs to make it so you only have to run one of the
>> sample programs to evaluate that the patches seem to work), then let
>> me know.  Otherwise if you're just too busy at the moment I completely
>> understand.
>
> I would love that, but I don't know what Aris wanted that we add. A hostkey
> option which has a list of keys and keys being assigned when read would work,
> but do we want it that way. the server is not near to openssh and doesn't use
> sshd_config at all. I think it shouldn't too.
>
>
> Aris please comment!
>
>
>
>         -- andreas
>
>> Thanks,
>> - Alan
>>
>> On Wed, Feb 26, 2014 at 1:43 AM, Andreas Schneider <asn@xxxxxxxxxxxxxx>
> wrote:
>> > On Wednesday 26 February 2014 02:29:32 Dustin Oprea wrote:
>> >> On Wed, Feb 26, 2014 at 2:22 AM, Andreas Schneider
>> >
>> > <asn@xxxxxxxxxxxxxx>wrote:
>> >> > On Tuesday 25 February 2014 22:19:49 Dustin Oprea wrote:
>> >> > > Alan/Andreas:
>> >> > Hi Dustin,
>> >> >
>> >> > > I'm guessing that the value assigned to ssh_key_struct.type
>> >> > > (ssh_keytypes_e) comes directly from the client. Is this true?
>> >> >
>> >> > no, It is a string. :)
>> >> >
>> >> > http://git.libssh.org/projects/libssh.git/tree/src/pki.c#n85
>> >> >
>> >> > or
>> >> >
>> >> > http://git.libssh.org/projects/libssh.git/tree/src/pki.c#n206
>> >>
>> >> So type_c has whatever original value was given to us?
>> >
>> > I think so, yes.
>> >
>> >
>> > --
>> > Andreas Schneider                   GPG-ID: CC014E3D
>> > www.cryptomilk.org                asn@xxxxxxxxxxxxxx
>
> --
> Andreas Schneider                   GPG-ID: CC014E3D
> www.cryptomilk.org                asn@xxxxxxxxxxxxxx
>

Follow-Ups:
Re: [PATCH] Fix ability to use ECDSA host keysAndreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org