bugzilla-daemon at bugzilla.mindrot.org
2012-Feb-07 08:25 UTC
[Bug 1978] New: ECDSA & SHA256 support in SSHFS DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Bug #: 1978 Summary: ECDSA & SHA256 support in SSHFS DNS records Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All URL: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa- sha2-07 OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy: martian67 at gmail.com As per the RFC draft, support for ECDSA and SHA256 in sshfp records. This is pretty necessary, because ssh now defaults to ECDSA keys, and setting VerifyHostKeyDNS results in errors, as SSHFP only supports RSA keys. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Feb-07 08:28 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFS DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 martian67 <martian67 at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |low-hanging-fruit -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Feb-24 00:03 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFS DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |1986 -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Apr-11 02:35 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 martian67 <bugzilla-m67 at nulld.me> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|ECDSA & SHA256 support in |ECDSA & SHA256 support in |SSHFS DNS records |SSHFP DNS records -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Apr-11 02:37 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 --- Comment #1 from martian67 <bugzilla-m67 at nulld.me> 2012-04-11 12:37:53 EST --- Created attachment 2144 --> https://bugzilla.mindrot.org/attachment.cgi?id=2144 Patch to add support to ssh-keygen -r and ssh for ECDSA/SHA-256 SSHPF records -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Apr-11 02:38 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 --- Comment #2 from martian67 <bugzilla-m67 at nulld.me> 2012-04-11 12:38:53 EST --- oops, meant to say patch applies cleanly to 5.8 and 5.9, patch obtained from https://git.nic.cz/redmine/projects/ietf/repository/revisions/master/entry/ssh-sshfp-ecdsa.patch -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Apr-27 01:00 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-23 03:29 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #3 from Damien Miller <djm at mindrot.org> 2012-05-23 13:29:03 EST --- patch applied - this will be in openssh-6.1. Thanks! -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Jun-01 16:07 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 --- Comment #4 from Julien D?CHARNE <julien.decharne at gmail.com> 2012-06-02 02:07:25 EST --- Created attachment 2161 --> https://bugzilla.mindrot.org/attachment.cgi?id=2161 patch to add ECDSA key records to host keys records printed by ssh-keygen -r <hostname> when called without filename (option -f), ssh-keygen -r <hostname> print SSHFP records for 'host' key files (e.g. in /etc/ssh/ on most system). This patch add ECDSA public key file to these host key files. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Jun-01 16:08 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Julien D?CHARNE <julien.decharne at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |julien.decharne at gmail.com Status|RESOLVED |REOPENED Resolution|FIXED | -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Jun-01 16:13 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 --- Comment #5 from Julien D?CHARNE <julien.decharne at gmail.com> 2012-06-02 02:13:58 EST --- just forget to say that previous patch in this bug report (attachment 2144) need obviously to be applied before ... -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Jun-04 07:11 UTC
[Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED --- Comment #6 from Damien Miller <djm at mindrot.org> 2012-06-04 17:11:18 EST --- yes, the patch as committed included this fix -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 2039] New: Give proper credits for ECDSA patch
- Support for ECDSA and SHA-2 (SHA-256) in the SSHFP record
- [Bug 1978] ECDSA & SHA256 support in SSHFP DNS records
- ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure)
- [Bug 1972] ssh-keygen fails to generate SSHFP for ECDSA but exits with 0 code