thr3ads.net - openssh bugs - [Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support [Jun 2011]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-08 08:50 UTC

[Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

           Summary: 5.8 ssh-keysign lacks ECDSA support
           Product: Portable OpenSSH
           Version: 5.8p2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: critical
          Priority: P2
         Component: Miscellaneous
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: openssh-bugzilla at isohunt.com


The patch located at
http://hg.mindrot.org/openssh/rev/138961506b91?revcount=30 must be
applied to the 5.8 branch in order to use ECDSA. Why this patch wasn't
included in 5.8_p2 is a mystery as it's required to use ECDSA with
host-based authentication. Please rectify this oversight as soon as
possible.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-08 08:55 UTC

head link

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

Allen Parker <openssh-bugzilla at isohunt.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |openssh-bugzilla at isohunt.co
                   |                            |m

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-09 09:06 UTC

head link

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #1 from Damien Miller <djm at mindrot.org> 2011-06-09 19:06:04
EST ---
The 5.8 branch is for security fixes only. This patch will be released
as part of OpenSSH 5.9.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-09 09:09 UTC

head link

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

Allen Parker <openssh-bugzilla at isohunt.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |

--- Comment #2 from Allen Parker <openssh-bugzilla at isohunt.com>
2011-06-09 19:09:25 EST ---
Why 5.8 was released without completely supporting ECDSA completely is
beyond me. My inability to use host-based authentication with ECDSA is
a security issue which should be rectified.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-10 02:08 UTC

head link

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |INVALID

--- Comment #3 from Damien Miller <djm at mindrot.org> 2011-06-10 12:08:11
EST ---
Despite what you might like to believe, lack of support for a brand new
key type in a lesser-used authentication method is not a security bug.

Anyway, I don't know why you are fiddling with this bug as there are no
more 5.8 releases planned. Your options are to apply the patch yourself
or wait until 5.9.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2011-Jun-10 02:08 UTC

head link

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

https://bugzilla.mindrot.org/show_bug.cgi?id=1912

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

Reasonably Related Threads

Search for more apparently analagous threads

openssh bugs - Jun 2011 - [Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

[Bug 1912] 5.8 ssh-keysign lacks ECDSA support

Reasonably Related Threads