Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Friday, December 2, 2016, Glyph Lefkowitz wrote:
> I think there might be a regression in 16.6.0.
>
> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a shell and it works fine.

I believe that I have fixed this in trunk. Can you try this

[Twisted-Python] hmac-sha2-512 - Corrupted MAC on input with OpenSSH

2016-12-20 Thread 陈健
Hi: I write an SSH server with Twisted (15.5.0) Conch. But it doesn't support hmac-sha2-512 MAC algorithms. However, I see this problem has been fixed in https://twistedmatrix.com/trac/ticket/8108 . I asked the question in

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Tue, Dec 20, 2016 at 6:24 PM, Glyph Lefkowitz wrote:
> So... is this because buildbot.twistedmatrix.com has an RSA key as well, and when it offers it, our checking isn't correctly comparing the type before deciding that it doesn't match, or allowing for

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
I'm not sure. I was able to use conch to log into a box where the ecdsa key looked like this in my ~/.ssh/known_hosts

192.168.1.2 ecdsa-sha2-nistp256 XX

--
Craig

On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz wrote:
> It works:
>
> $ conch

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Tue, Dec 20, 2016 at 7:32 PM, Craig Rodrigues wrote:
> On Tue, Dec 20, 2016 at 6:24 PM, Glyph Lefkowitz wrote:
>> So... is this because buildbot.twistedmatrix.com has an RSA key as well, and when it offers it, our checking

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz
> On Dec 20, 2016, at 5:50 PM, Craig Rodrigues wrote:
>
> Ah, OK. In my testing, I had this in my server's /etc/ssh/sshd_config file to force use of ECDSA keys during my testing:
>
> # HostKey for protocol version 1
> #HostKey /etc/ssh/ssh_host_key
> # HostKeys

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz
Here's buildbot's key:

buildbot.twistedmatrix.com ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAcw4pr6WdgDMw7PbkvsuEdCqKQTtpLYPGoe7qkuQucuexYBiCkO/BeoB0wANX2cVmxUP0llpYJQL4w3cAR0csA=

I think you should be able to validate that even if you can't auth :)

-g

> On Dec

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
Ah, OK. In my testing, I had this in my server's /etc/ssh/sshd_config file to force use of ECDSA keys during my testing:

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz
It works:

$ conch twistedmatrix.com echo hooray
hooray
$ conch --version
Twisted version: 16.6.0dev0
$

That's using an RSA host key though. It seems that the hosts I have using ECDSA keys (buildbot.twistedmatrix.com, for example) still don't work