Control: forwarded 795636 https://bugs.gnupg.org/gnupg/issue2075 Control: tags 795636 + upstream
Hi Brian--
On Sat 2015-08-15 23:45:09 +0200, brian m. carlson wrote:
>
> I added the following ECDSA SSH key earlier today (with GnuPG 2.1.6).
> gpg-agent added it to sshcontrol with an incorrect MD5 fingerprint:
>
> ecdsa-sha2-nistp384
> AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBIcIk0jxxbWcr5s6TK2CNnH8qJRfnSe7pWCHohPnIOKqDMqPJcEDjntMXukXjpnzMVv/ToBvMqCK49uztCzPUiF0kIBhziVvyGkZqrUrJd2BD2wedrpCTfY//dA9viKLrQ==
> bmc@vauxhall
>
> # ECDSA key added on: 2015-08-15 20:51:39
> # MD5 Fingerprint: bf:b2:5c:1e:be:8a:63:74:19:50:bf:23:21:3c:ff:5e
> 0D3ADB5BC29D85ECCA7397095962CB389A1C734D 0
>
> Considering the simplicity of the algorithm[0], I'm not sure why this is
> broken, but it does appear to be. This is confusing, but otherwise
> purely aesthetic. The key functions correctly and can be used normally.
thanks for this report. It looks like this is true only for NIST 384.
it doesn't happen for 256 or 521.
I've reported it upstream at the URL above.
> (Once OpenSSH 7.0 hits unstable, you might consider putting the SHA-256
> fingerprint in instead, but that's another bug report.)
yep, we'll work on that one separately :)
all the best,
--dkg
signature.asc
Description: PGP signature
