I have just looked into an SSH_MSG_USERAUTH_REQUEST message sent by an OpenSSH 8.2 corresponding to ecdsa-sha2-nistp256 public key authentication, and it does look too small for the data that is supposed to be transferred. Is this client perhaps using point compression?
My mistake - it doesn't. Please ignore. On Thu, Mar 19, 2020 at 2:08 PM Luveh Keraph <1.41421 at gmail.com> wrote:> I have just looked into an SSH_MSG_USERAUTH_REQUEST message sent by an > OpenSSH 8.2 corresponding to ecdsa-sha2-nistp256 public key authentication, > and it does look too small for the data that is supposed to be transferred. > Is this client perhaps using point compression? > >