On Thursday 20 March 2014 08:10:41 Alan Dunn wrote: > This works for me (tested OpenSSH client with libssh server, ECDSA key > "parameters" 256, 384, 512 in ssh_pki_generate) when applied on top of > my prior ECDSA host key patches. There is code in libssh to take an > ECDSA key and return the proper host key algorithm name depending on > the key type. So the server sets its host key type properly and > everything works out. It seems that libssh will even let you generate > ECDSA keys on these different curves; I didn't have to use "openssl > ecparam" or similar. Though the server will not support multiple > ECDSA keys of different types at the same time currently.
Wow, we rock ;) > On Thu, Mar 20, 2014 at 6:01 AM, Aris Adamantiadis <[email protected]> wrote: > > Hi Jon, > > > > I find it odd that this patch is all that was needed for 384 and 521 > > bits mode, are you sure it's working fine ? > > Could you include testcases for this ? (that may be hard to do since I'm > > not sure openssh server supports more than one type of ecdsa hostkey). > > > > Aris > > > > Le 20/03/14 03:50, Jon Simons a écrit : > >> Hi, > >> > >> Attached is a simple patch to also enable the ecdsa-sha2-nistp[384,521] > >> host key algorithms by default. > >> > >> > >> -Jon -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.org [email protected]
