
Re: Regarding id_25519 user certificate


Thanks Jakub,  I will take a look and update you.


On Mon, Sep 22, 2025 at 7:02 PM Jakub Jelen <jjelen@xxxxxxxxxx> wrote:

> Hi,
> sounds like it's the certificate comparison issue
> https://gitlab.com/libssh/libssh-mirror/-/issues/329
>
> There is a draft MR fixing this, but the contributor disappeared so it was
> not yet finalized:
>
> https://gitlab.com/libssh/libssh-mirror/-/merge_requests/606
>
> If you want to take it over, please do. The code change is obvious. It
> just needs a bit more test coverage.
>
> Jakub
>
>
> On Mon, Sep 22, 2025 at 11:48 AM Chidanand Gangur <
> chidanand.gangur@xxxxxxxxx> wrote:
>
>> Hello Everyone,
>>
>> To add to the previous thread: I have tried with RSA and ecdsa keys and
>> user certificates, and both work perfectly fine.
>> The problem is only w.r.t ed25519.
>>
>> Thanks,
>> Chidanand
>>
>> On Mon, Sep 22, 2025 at 1:57 PM Chidanand Gangur <
>> chidanand.gangur@xxxxxxxxx> wrote:
>>
>>> Hello Everyone,
>>>
>>> I have created a user certificate using the following commands.
>>>
>>> ssh-keygen -t ed25519 -f id_ed25519 -N ""
>>>
>>> ssh-keygen -s CA/ca_user_key_ed25519 -I test_user_cert -n user1,user2 -V +4h id_ed25519.pub
>>>
>>>
>>> In ssh_client I have set the following options:
>>>
>>>     rc = ssh_pki_import_privkey_file(pvtkey, NULL, NULL, NULL, &privkey);
>>>
>>>     rc = ssh_pki_import_cert_file(usercert, &cert);
>>>
>>>     rc = ssh_pki_copy_cert_to_privkey(cert, privkey);
>>>
>>> ssh_pki_import_privkey_file and ssh_pki_import_cert_file succeed but
>>> the last call ssh_pki_copy_cert_to_privkey fails.
>>>
>>>
>>> I have also tried setting pvtkey and user certificate with
>>> ssh_options_set, using SSH_OPTIONS_IDENTITY and SSH_OPTIONS_CERTIFICATE.
>>> In this case also, ssh_options_set errors out when using
>>> SSH_OPTIONS_CERTIFICATE.
>>>
>>>
>>>
>>> I am using libssh-0.11.2.
>>>
>>>
>>> Is ED25519 supported to be used as a user certificate?
>>>
>>> Are there any compilation options to be set?
>>>
>>>
>>> If anyone encountered such an issue and has overcome it, revert back
>>> please.
>>>
>>>
>>>
>>> Thanks,
>>>
>>> Chidanand
>>>
>>
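
When a certificate fails to attach to a private key, one independent check is whether the `-cert.pub` file really certifies the key in the matching `.pub` file and carries the expected key ID and principals. The following is an added example, not code from this thread or from libssh: it reads the leading fields of an `ssh-ed25519-cert-v01@openssh.com` blob as laid out in OpenSSH's PROTOCOL.certkeys and compares the embedded public key. The function names are illustrative, the sample lines are constructed and unsigned, and the CA signature is not verified.

```python
import base64
import struct

CERT_TYPE = b"ssh-ed25519-cert-v01@openssh.com"

def put(b):
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b

def get(buf, off):
    """Read one SSH 'string' at off; return (value, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated SSH string")
    return buf[off + 4:off + 4 + n], off + 4 + n

def parse_ed25519_cert(line):
    """Parse the leading fields of a '<type> <base64> [comment]' cert line."""
    buf = base64.b64decode(line.split()[1])
    ktype, off = get(buf, 0)
    if ktype != CERT_TYPE:
        raise ValueError("not an ed25519 certificate: %r" % ktype)
    _nonce, off = get(buf, off)
    pk, off = get(buf, off)                       # the certified public key
    serial, ctype = struct.unpack_from(">QI", buf, off)  # ctype 1 = user cert
    key_id, off = get(buf, off + 12)
    plist, off = get(buf, off)
    principals, p = [], 0
    while p < len(plist):
        name, p = get(plist, p)
        principals.append(name.decode())
    return {"pk": pk, "type": ctype, "key_id": key_id.decode(), "principals": principals}

def cert_matches_pubkey(cert_line, pub_line):
    """True when the certificate certifies exactly the key in the .pub line."""
    buf = base64.b64decode(pub_line.split()[1])
    ktype, off = get(buf, 0)
    pk, _ = get(buf, off)
    return ktype == b"ssh-ed25519" and pk == parse_ed25519_cert(cert_line)["pk"]

def sample_pub(pk):
    """Constructed ssh-ed25519 public-key line (not a real key)."""
    return "ssh-ed25519 " + base64.b64encode(put(b"ssh-ed25519") + put(pk)).decode()

def sample_cert(pk):
    """Constructed, unsigned certificate line using the thread's -I/-n values."""
    body = (put(CERT_TYPE) + put(b"\0" * 32) + put(pk) + struct.pack(">QI", 0, 1)
            + put(b"test_user_cert") + put(put(b"user1") + put(b"user2"))
            + struct.pack(">QQ", 0, 0) + put(b"") * 5)
    return CERT_TYPE.decode() + " " + base64.b64encode(body).decode()
```

To check real files, pass the single line from `id_ed25519-cert.pub` (the file `ssh-keygen -s` writes next to the signed key) and the line from `id_ed25519.pub` to `cert_matches_pubkey`.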
