Thanks for your informative replies!
I hope BIND, OpenSSH et al start using
the 1.1.0 API soon.

jason.vas.dias> On 20/03/2017, Kurt Roeckx <> wrote:
jason.vas.dias> > The ed25519 support in openssh doesn't even come from
jason.vas.dias> >
jason.vas.dias> What happens is OpenSSH's cipher.c calls
jason.vas.dias>        if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv,
jason.vas.dias>           (do_encrypt == CIPHER_ENCRYPT)) == 0) {
jason.vas.dias>                 ret = SSH_ERR_LIBCRYPTO_ERROR;
jason.vas.dias>                 goto out;
jason.vas.dias>         }
jason.vas.dias> which always does 'goto out' for any ED25519 file.

That would happen if ssh_host_ed25519_key is password protected and
the cipher used to encrypt the key isn't recognised in OpenSSL 1.1.0
(and considering the current master of openssh-portable doesn't build
cleanly against OpenSSL 1.1.0e and I therefore suppose you've hacked
around, I can't even begin to say where the fault came in).  It also
depends on your OpenSSL configuration, since you can disable most
algorithms it carries...

But none of my host keys were password protected.

They were just what resulted from the command:
$ ssh-keygen -A
which is run on initial openssh installation.

The modifications I made were trivial :
o Including the hidden API headers ,
o initializing automatic SSL structs
    - ie '{struct}_CTX v ={0};' , not
          '{struct}_CTX v;'
   ( else the {struct}_init(&v) function
     ( I think evp_init() )
     could try free()-ing garbage pointer
     members ( in named ) )
o changing some structure member references
   from s->m to s.m - these were verified by
That really is the extent of all mods I made
to openssh / BIND .

Openssh was then unable to read or write the
existing /etc/ssh_host_ed25519_key file ( not PW protected ), so NO ssh app
can run, and
'ssh_keygen -A'  failed to write a new ed25519
key file (not pw protected) when I moved all the old files out of the way ,
failing ( under gdb ) at that point in the
cipher_init() code I posted before .

If anyone has managed to get openssh working
under OpenSSL 1.1.0 please let me know & I'll
try upgrading again.

But until 1.1.0 adoption becomes more widespread, I still think it would be
if the main webpage let users
know this is the case , with a statement such
as 'most openssl using applications have not
upgraded to 1.1.0 yet' . This would prevent
others from wasting time as I was led to do.

Regards, Jason
openssl-dev mailing list
To unsubscribe:

Reply via email to