Displaying 20 results from an estimated 163 matches for "nistp256".
2020 Jun 11
2
pointer subtraciton on arm for 8.3p1
...(sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0xb6b84600 in __GI_abort () at abort.c:79
#2 0x7f715c00 in __subvsi3 (a=<optimized out>, b=<optimized out>) at
../../../gcc-7-20180201/libgcc/libgcc2.c:119
#3 0x7f713494 in strlcpy (
dst=0x7fff2428
"ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at ope...
2014 Apr 10
0
nistp256 preferred over ed25519
Hello,
Maybe I'm asking an already answered question, if yes I'm sorry to
bother you.
Why in default HostKeyAlgorithms settings is
ecdsa-sha2-nistp256-cert-v01 at openssh.com preferred over
ssh-ed25519-cert-v01 at openssh.com ?
For example in default settings for KexAlgorithms the
curve25519-sha256 at libssh.org is preferred over ecdh-sha2-nistp256.
Fedor
Defaults in openssh-6.6p1
HostKeyAlgorithms
ecdsa-sha2-nistp256-cert-v01 at openssh.c...
2018 Nov 23
2
Debian Stretch 9.6: openssh-server and old dropbear client don't work togheter
...]: debug3: privsep user:group
> > 106:65534 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: permanently_set_uid:
> > 106/65534 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: list_hostkey_types:
> > ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug3: send packet: type 20 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
> >
> > Can you help?
>
> That ~13-year-old version of dbclient only has weak key exchange met...
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Hello.
I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows
the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host
keys. My /etc/ssh/ssh_known_hosts file contains the server's
ssh-ed25519 host key. When I try to SSH to the server I get this
error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...
2019 Oct 17
2
DSA key not accepted on CentOS even after enabling
...t also DSA keys
PubkeyAcceptedKeyTypes=+ssh-dss
and
systemctl restart sshd
I kept getting in journal the message:
userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
I saw that the sshd process had started with the option
... -oPubkeyAcceptedKeyTypes=rsa-sha2-256,ecdsa-sha2-nistp256,
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,
ecdsa-sha2-nistp384-cert-v01 at openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521,
ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,
ssh-ed25519-cert-v01 at openssh.com,ssh-rsa,ssh-rsa-cert-v01 at openssh.com
So I found the unit f...
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
...Authenticating to {REDACTED}:22 as 'ryantm'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-ce...
2024 May 16
2
[Bug 3691] New: Connection to localhost succeeds with disabled MAC
...: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
sntrup761x25519-sha512 at openssh.com,curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00 at openssh.com
debug2: host key algorithms:
ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v...
2019 Oct 17
0
DSA key not accepted on CentOS even after enabling
...ss
>
> and
> systemctl restart sshd
>
> I kept getting in journal the message:
> userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
>
> I saw that the sshd process had started with the option
> ... -oPubkeyAcceptedKeyTypes=rsa-sha2-256,ecdsa-sha2-nistp256,
> ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,
> ecdsa-sha2-nistp384-cert-v01 at openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521,
> ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,
> ssh-ed25519-cert-v01 at openssh.com,ssh-rsa,ssh-rsa-cert-v01 at openssh.com
&g...
2016 Sep 07
2
Question regarding Host keys.
Hi,
I'm having a problem when I add "HostKeyAlgorithms +ssh-dss" to the
ssh_config file the host key will always negotiate to a wrong one. In my
case it will negotiate to "ecdsa-sha2-nistp256". The client was already
configured with the servers rsa public key, before the change I added to
the ssh_config file I could see from the debug that server and client will
negotiate to use ssh-rsa as expected. After change unfortunately the client
and server will negotiate to use ecdsa-sha2-n...
2018 Nov 22
2
Debian Stretch 9.6: openssh-server and old dropbear client don't work togheter
...nitor started
Nov 22 14:34:03 myhostname sshd[3905]: debug3: privsep user:group
106:65534 [preauth]
Nov 22 14:34:03 myhostname sshd[3905]: debug1: permanently_set_uid:
106/65534 [preauth]
Nov 22 14:34:03 myhostname sshd[3905]: debug1: list_hostkey_types:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256 [preauth]
Nov 22 14:34:03 myhostname sshd[3905]: debug3: send packet: type 20 [preauth]
Nov 22 14:34:03 myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Can you help?
Thanks
2016 Oct 24
2
SSH fail to login due to hang over after authenticated.
...st as 'user1'
debug3: hostkeys_foreach: reading file "/Users/user1/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file
/Users/user1/.ssh/known_hosts:3
debug3: load_hostkeys: loaded 1 keys from remote_host
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
curve25519-sha256 at libssh.org,ecdh...
2016 Oct 24
1
SSH fail to login due to hang over after authenticated.
...ug3: hostkeys_foreach: reading file "/Users/user1/.ssh/known_hosts"
> debug3: record_hostkey: found key type ECDSA in file
> /Users/user1/.ssh/known_hosts:3
> debug3: load_hostkeys: loaded 1 keys from remote_host
> debug3: order_hostkeyalgs: prefer hostkeyalgs:
> ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-
> nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com
> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> curv...
2018 Oct 10
2
no mutual signature algorithm with RSA user certs client 7.8, server 7.4
...as I can tell, neither the server nor client are overriding
default algorithms in their respective configurations)
I added some printf debugging to the client to show the values being compared:
debug1: Offering public key: RSA-CERT SHA256:xxx /path/to/key
debug1: key_sig_algorithm: cp:
ecdsa-sha2-nistp256-cert-v01 at openssh.com sshkey_sigalg_by_name(cp):
ecdsa-sha2-nistp256
debug1: key_sig_algorithm: skipping
ecdsa-sha2-nistp256-cert-v01 at openssh.com due to not matching key->type
debug1: key_sig_algorithm: cp:
ecdsa-sha2-nistp384-cert-v01 at openssh.com sshkey_sigalg_by_name(cp):
ecdsa-sha2-ni...
2020 Mar 02
3
Question about host key algorithms
When I do ssh -Q key, where ssh is the OpenSSH 7.4p1 client, I get the
following output:
ssh-ed25519
ssh-ed25519-cert-v01 at openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01 at openssh.com
ssh-dss-cert-v01 at openssh.com
ecdsa-sha2-nistp256-cert-v01 at openssh.com
ecdsa-sha2-nistp384-cert-v01 at openssh.com
ecdsa-sha2-nistp521-cert-v01 at openssh.com
The thing is, one can invoke both client and server with -o
H...
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, 4 Oct 2020, Matthieu Herrb wrote:
> Hi,
>
> on OpenBSD-current I now get this when connecting to an existing
> machine for which I have both ecdsa an ed25519 keys in my existing
> known_hosts (but apparently ed25519 keys where added only for the name
> previsously by ssh):
>
> Warning: the ED25519 host key for 'freedom' differs from the key for
> the
2020 Oct 07
0
dbus issue on centos 7 as a lxc container
...at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-
sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
-oGSSAPIKexAlgorithms=gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellma
n-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
-oHostKeyAlgor
ithms=rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com...
2020 Oct 04
2
UpdateHostkeys now enabled by default
...s
Here are all the lines from my known_hosts.old that contains the
public keys for this host.
(the name is 'freedom' or freedom.herrb.net and IP adresses are
192.168.31.41 and 2a03:7220:8081:6101:6552:9ca8:512b:9251)
|1|LDNls9zwwKUtszPxTWOn1hEP+30=|2C9Jva6DwfnWqEHHjylVV9gAfSs= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF2yT8wIR716QLjlhgLO3XGvFB7QHxguK2UXaFoVFEgQwRHpi5aLRjT3eENZNYHDUj/Nr4wFWDrOW1whtU+CxkM=
|1|zjuSnQb3afgDzZBCywXwNiZHYuY=|fUpd/QMtdR1dwYwfDUMM1xKIhqA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF2yT8wIR716QLjlhgLO3XGvF...
2016 Feb 09
2
Test Failure OpenSSH 7.1 P2 on HPE NSE for integrity
...m,ssh-ed25519,ss
h-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ssh-ed25519-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-ed25519,ss
h-rsa,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01@
openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ecdsa-sha2-nistp256,ecd
sa-sha2-nistp384,ecdsa-sha2-nistp521
debug2: kex_parse_kexinit: aes128-ctr
debug2: kex_parse_kexinit: aes128-ctr
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex...
2017 Jun 13
7
[Bug 2729] New: Can connect with MAC hmac-sha1 even though it's not configured on the server
https://bugzilla.mindrot.org/show_bug.cgi?id=2729
Bug ID: 2729
Summary: Can connect with MAC hmac-sha1 even though it's not
configured on the server
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: Linux
Status: NEW
Severity: security
Priority: P5
2016 Aug 17
4
[Portable OpenSSH] hang up during login after OpenSSH 7.3 upgrade
...stkeys_foreach: reading file "/home/mrkiko/.ssh/known_hosts"
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01 at...