Dear Maintainer, I've isolated where this is failing when using ed25519 keys.
The call to gcry_pk_verify() in the function challenge_verify_sexp() in the file src/util/support.c fails with the error value 1677782. I believe the issue is related to the hard-coding of the s-expression for the signature in this line: err = gcry_sexp_build (&sexp_signature, NULL, "(sig-val (rsa (s %m)))", mpi_signature); I believe it needs to be generalized to support alternate signature algorithms. For example, ed25519 requires the following s-expression: "(sig-val (ecdsa (r %?) (s %?)))"; The ECDSA signature is formed from two non-negative integers. I don't understand the crypto well enough to map these to the RSA signature values. If the maintainer could provide some pointers I may be able to provide a patch. -- JP