Your message dated Fri, 16 Oct 2015 02:12:23 +0000
with message-id <[email protected]>
and subject line Re: [pkg-gnupg-maint] Bug#795636: gnupg-agent: adding 384-bit
ECDSA key puts wrong fingerprint in sshcontrol
has caused the Debian Bug report #795636,
regarding gnupg-agent: adding 384-bit ECDSA key puts wrong fingerprint in
sshcontrol
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
795636: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795636
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnupg-agent
Version: 2.1.7-1
Severity: minor
I added the following ECDSA SSH key earlier today (with GnuPG 2.1.6).
gpg-agent added it to sshcontrol with an incorrect MD5 fingerprint:
ecdsa-sha2-nistp384
AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBIcIk0jxxbWcr5s6TK2CNnH8qJRfnSe7pWCHohPnIOKqDMqPJcEDjntMXukXjpnzMVv/ToBvMqCK49uztCzPUiF0kIBhziVvyGkZqrUrJd2BD2wedrpCTfY//dA9viKLrQ==
bmc@vauxhall
# ECDSA key added on: 2015-08-15 20:51:39
# MD5 Fingerprint: bf:b2:5c:1e:be:8a:63:74:19:50:bf:23:21:3c:ff:5e
0D3ADB5BC29D85ECCA7397095962CB389A1C734D 0
Considering the simplicity of the algorithm[0], I'm not sure why this is
broken, but it does appear to be. This is confusing, but otherwise
purely aesthetic. The key functions correctly and can be used normally.
(Once OpenSSH 7.0 hits unstable, you might consider putting the SHA-256
fingerprint in instead, but that's another bug report.)
[0]
vauxhall ok % awk '{print $2}' .ssh/id_ecdsa.pub | base64 -d | md5sum -
c96109c1843bfc555c87130444345439 -
vauxhall ok % ssh-add -l | grep ecdsa
384 c9:61:09:c1:84:3b:fc:55:5c:87:13:04:44:34:54:39 /home/bmc/.ssh/id_ecdsa
(ECDSA)
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_US.UTF-8, LC_CTYPE=es_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnupg-agent depends on:
ii libassuan0 2.2.1-1
ii libc6 2.19-19
ii libgcrypt20 1.6.3-2
ii libgpg-error0 1.19-2
ii libnpth0 1.2-1
ii libreadline6 6.3-8+b3
ii pinentry-curses [pinentry] 0.9.5-4
ii pinentry-gnome3 [pinentry] 0.9.5-4
ii pinentry-gtk2 [pinentry] 0.9.5-4
Versions of packages gnupg-agent recommends:
ii gnupg 1.4.19-3
ii gnupg2 2.1.7-1
gnupg-agent suggests no packages.
-- no debconf information
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Version: 2.1.9-1
On Thu, Oct 15, 2015 at 03:19:51PM +0900, NIIBE Yutaka wrote:
> Hello,
>
> I think that this bug is fixed in 2.1.9. Please confirm.
This has been fixed. Thanks.
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: PGP signature
--- End Message ---
