
Re: [PATCH] kex: enable more ECDSA hostkey algos


This works for me (tested OpenSSH client with libssh server, ECDSA key
"parameters" 256, 384, 512 in ssh_pki_generate) when applied on top of
my prior ECDSA host key patches.  There is code in libssh to take an
ECDSA key and return the proper host key algorithm name depending on
the key type.  So the server sets its host key type properly and
everything works out.  It seems that libssh will even let you generate
ECDSA keys on these different curves; I didn't have to use "openssl
ecparam" or similar.  Though the server will not support multiple
ECDSA keys of different types at the same time currently.

On Thu, Mar 20, 2014 at 6:01 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote:
> Hi Jon,
>
> I find it odd that this patch is all that was needed for 384 and 521
> bits mode, are you sure it's working fine?
> Could you include test cases for this? (that may be hard to do since I'm
> not sure openssh server supports more than one type of ecdsa hostkey).
>
> Aris
>
> On 20/03/14 03:50, Jon Simons wrote:
>> Hi,
>>
>> Attached is a simple patch to also enable the ecdsa-sha2-nistp[384,521]
>> host key algorithms by default.
>>
>>
>> -Jon
>>
>
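
The reply above relies on the host key algorithm name being derived from the ECDSA key itself. As an added example (not libssh's code and not part of the original thread), here is one way to derive and cross-check that name from a public key blob in the RFC 5656 encoding (string name, string curve identifier, string Q). The function names, the constructed sample blob with all-zero point bytes, and the choice to accept only uncompressed points are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 5656 names and uncompressed point sizes (0x04 || X || Y). */
static const struct { const char *name; size_t q_len; } algos[] = {
    { "ecdsa-sha2-nistp256", 65 }, { "ecdsa-sha2-nistp384", 97 },
    { "ecdsa-sha2-nistp521", 133 },
};

/* Read one SSH string (uint32 big-endian length, then bytes); NULL on overrun. */
static const uint8_t *get_string(const uint8_t **p, const uint8_t *end, size_t *len)
{
    const uint8_t *s = *p;
    if ((size_t)(end - s) < 4) return NULL;
    *len = ((size_t)s[0] << 24) | ((size_t)s[1] << 16) | ((size_t)s[2] << 8) | s[3];
    if ((size_t)(end - s) - 4 < *len) return NULL;
    *p = s + 4 + *len;
    return s + 4;
}

/* Host key algorithm name for a consistent ECDSA public key blob, else NULL. */
const char *ecdsa_hostkey_algo(const uint8_t *blob, size_t blob_len)
{
    const uint8_t *p = blob, *end = blob + blob_len, *name, *id, *q;
    size_t name_len, id_len, q_len;
    if (!(name = get_string(&p, end, &name_len)) || !(id = get_string(&p, end, &id_len)) ||
        !(q = get_string(&p, end, &q_len)) || p != end) return NULL;
    for (size_t i = 0; i < sizeof(algos) / sizeof(algos[0]); i++) {
        size_t n = strlen(algos[i].name);
        /* Name, curve identifier (name without "ecdsa-sha2-") and point size must agree. */
        if (name_len == n && memcmp(name, algos[i].name, n) == 0 &&
            id_len == n - 11 && memcmp(id, algos[i].name + 11, n - 11) == 0 &&
            q_len == algos[i].q_len && q[0] == 0x04)
            return algos[i].name;
    }
    return NULL;
}

/* Constructed sample: framing of a nistp384 blob, point bytes zeroed (not a real key). */
static const uint8_t sample384[136] =
    "\0\0\0\x13" "ecdsa-sha2-nistp384" "\0\0\0\x08" "nistp384" "\0\0\0\x61\x04";

int main(void)
{
    const char *algo = ecdsa_hostkey_algo(sample384, sizeof(sample384));
    printf("host key algorithm: %s\n", algo ? algo : "(rejected)");
    return algo ? 0 : 1;
}
```

The check covers framing and consistency only; it does not verify that Q is a point on the named curve.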
