bugzilla-daemon at mindrot.org
2022-Oct-03 21:51 UTC
[Bug 3479] New: ssh-keygen does not honor DST daylight savings time when signing certifying a public key
https://bugzilla.mindrot.org/show_bug.cgi?id=3479 Bug ID: 3479 Summary: ssh-keygen does not honor DST daylight savings time when signing certifying a public key Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: security Priority: P5 Component: ssh-agent Assignee: unassigned-bugs at mindrot.org Reporter: mathews.dennis at gmail.com openssh: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 openssl: OpenSSL 1.0.2k-fips 26 Jan 2017 uname: Linux XXXXXXXXXXXXXXX 3.10.0-1160.76.1.el7.x86_64 #1 SMP Tue Jul 26 14:15:37 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux timedatectl: Local time: Tue 2022-10-04 08:46:05 AEDT Universal time: Mon 2022-10-03 21:46:05 UTC RTC time: Mon 2022-10-03 21:46:05 Time zone: Australia/Sydney (AEDT, +1100) NTP enabled: yes NTP synchronized: yes RTC in local TZ: no DST active: yes Last DST change: DST began at Sun 2022-10-02 01:59:59 AEST Sun 2022-10-02 03:00:00 AEDT Next DST change: DST ends (the clock jumps one hour backwards) at Sun 2023-04-02 02:59:59 AEDT Sun 2023-04-02 02:00:00 AEST Command issued: ssh-keygen -s <ca-key> -I <identity> -V 20221004082852:20221007082852 -z 20221004082852 <public_key> Produces a certificate dated 1 hour after the given start time: Type: ssh-rsa-cert-v01 at openssh.com user certificate Public key: RSA-CERT SHA256:0qJdcqPd4aiRITA1WU+D/ooQlr2OET7SeT/0mPaHVvQ Signing CA: RSA SHA256:FUcJb/dPn4W2noeXRpGG4/paAMrWsFtkxoGCJptL4Yc Key ID: "XXXXXXXXXXXXXXX" Serial: 20221004082852 Valid: from 2022-10-04T09:28:52 to 2022-10-07T09:28:52 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 11:01 UTC
[Bug 3479] ssh-keygen does not honor DST daylight savings time when signing certifying a public key
https://bugzilla.mindrot.org/show_bug.cgi?id=3479 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #1 from Damien Miller <djm at mindrot.org> --- OpenSSH 9.1 (just released) offers the ability to sign certificates in UTC to avoid ambiguities like this. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Nov-17 03:00 UTC
[Bug 3479] ssh-keygen does not honor DST daylight savings time when signing certifying a public key
https://bugzilla.mindrot.org/show_bug.cgi?id=3479 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Mar-17 02:37 UTC
[Bug 3479] ssh-keygen does not honor DST daylight savings time when signing certifying a public key
https://bugzilla.mindrot.org/show_bug.cgi?id=3479 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- OpenSSH 9.3 has been released. Close resolved bugs -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.