[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] kex: enable more ECDSA hostkey algos
[Thread Prev] | [Thread Next]
- Subject: Re: [PATCH] kex: enable more ECDSA hostkey algos
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Thu, 27 Mar 2014 10:29:12 +0100
- To: libssh@xxxxxxxxxx
- Cc: Alan Dunn <amdunn@xxxxxxxxx>
On Thursday 20 March 2014 08:10:41 Alan Dunn wrote: > This works for me (tested OpenSSH client with libssh server, ECDSA key > "parameters" 256, 384, 512 in ssh_pki_generate) when applied on top of > my prior ECDSA host key patches. There is code in libssh to take an > ECDSA key and return the proper host key algorithm name depending on > the key type. So the server sets its host key type properly and > everything works out. It seems that libssh will even let you generate > ECDSA keys on these different curves; I didn't have to use "openssl > ecparam" or similar. Though the server will not support multiple > ECDSA keys of different types at the same time currently. Wow, we rock ;) > On Thu, Mar 20, 2014 at 6:01 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote: > > Hi Jon, > > > > I find it odd that this patch is all that was needed for 384 and 521 > > bits mode, are you sure it's working fine ? > > Could you include testcases for this ? (that may be hard to do since I'm > > not sure openssh server supports more than one type of ecdsa hostkey). > > > > Aris > > > > Le 20/03/14 03:50, Jon Simons a écrit : > >> Hi, > >> > >> Attached is a simple patch to also enable the ecdsa-sha2-nistp[384,521] > >> host key algorithms by default. > >> > >> > >> -Jon -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.org asn@xxxxxxxxxxxxxx
| [PATCH] kex: enable more ECDSA hostkey algos | Jon Simons <jon@xxxxxxxxxxxxx> |
| Re: [PATCH] kex: enable more ECDSA hostkey algos | Aris Adamantiadis <aris@xxxxxxxxxxxx> |
| Re: [PATCH] kex: enable more ECDSA hostkey algos | Alan Dunn <amdunn@xxxxxxxxx> |