Displaying 20 results from an estimated 20000 matches similar to: "[Bug 1647] Implement FIPS 186-3 for DSA keys"
2009 Sep 05
1
[Bug 1647] New: Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
Summary: Implement FIPS 186-3 for DSA keys
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh-keygen
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2013 Sep 10
0
[Bug 1647] Implement FIPS 186-3 for DSA keys
<bugzilla-daemon at mindrot.org> writes:
> https://bugzilla.mindrot.org/show_bug.cgi?id=1647
>
> mackyle at gmail.com changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> CC| |mackyle at gmail.com
>
> --- Comment #2 from
2016 Aug 02
0
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #5 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
2013 Sep 10
4
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
mackyle at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mackyle at gmail.com
--- Comment #2 from mackyle at gmail.com ---
RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data
2013 Sep 10
4
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
mackyle at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mackyle at gmail.com
--- Comment #2 from mackyle at gmail.com ---
RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data
2013 Oct 03
1
ssh-keygen DSA keys longer than 1024 bit
Hi,
Why is there still a limit on the length of a DSA key generated by
ssh-keygen? I mean that ssh-keygen only expects 1024 as key length, or
fails. Here is the code excerpt that enforces the limitation:
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
Commenting these two lines allows the generation of, say, 2048 bit DSA keys
that work just fine
2015 May 01
0
[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)
https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
Status|NEW |RESOLVED
CC|
2013 Sep 10
1
ssh-keygen -t dsa limited to 1024?
Looking at ssh-keygen.c from openssh-6.2p2.tar.gz lines 186-187:
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
It appears to me that ssh-keygen will only generate 1024 bit DSA keys.
Is that still current?
FIPS 186-3 (2009-06) section 4.2 and FIPS 186-4 [1] (2013-07) section
4.2 state:
4.2 Selection of Parameter Sizes
2013 Jun 03
7
[Bug 2115] New: Support for DSA p=2048 q=256/224 bit keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2115
Bug ID: 2115
Summary: Support for DSA p=2048 q=256/224 bit keys
Product: Portable OpenSSH
Version: 6.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at
2013 Jun 03
7
[Bug 2115] New: Support for DSA p=2048 q=256/224 bit keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2115
Bug ID: 2115
Summary: Support for DSA p=2048 q=256/224 bit keys
Product: Portable OpenSSH
Version: 6.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at
2003 Jan 07
0
[Bug 211] ssh-keygen aborts if passphrase <= 4 bytes for RSA/DSA private key
http://bugzilla.mindrot.org/show_bug.cgi?id=211
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From djm at mindrot.org 2003-01-07 17:54
2011 Sep 25
0
sshd 5.6p1 does not accept connections in fips mode
Hi,
I was trying to run sshd after applying the fips patches mentioned in
http://www.gossamer-threads.com/lists/engine?do=post_attachment;postatt_id=1835;list=openssh
but for some reason sshd refuses to accept the connection. I guess I do
something terribly wrong. Is there a reason that this is bound to fail?
These 5.6 patches were the most recent I could find. Are there any fips
patches
2000 Sep 27
1
-i doesn't work for v2 DSA keys
I just found that trying to specify a DSA identity file with '-i' doesn't
work. Although the man page doesn't indicate that this is supported for
DSA keys, it also doesn't indicate very clearly that its _not_.
Indeed, in ssh.c:main(), the "-i" only increments and sets:
options.options.num_identity_files
options.identity_files
where it would need to modify:
2003 Jul 01
2
Generating DSA keys of different length
When I try to create a dsa set of key files with -b 999, the key appears to be created with the default of 1024. This does not happen for type rsa or rsa1 keys. They get created with the number of bits I specified. I can't find this problem in the archives.
DSA key generation:
SY1 97 /SYSTEM/tmp> ssh-keygen -b 999 -t dsa
Generating public/private dsa key pair.
Enter file in which to
2015 Aug 11
0
[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)
https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #10 from Damien Miller <djm at mindrot.org> ---
Set all RESOLVED bugs to CLOSED with
2001 Apr 05
0
2.5.2 cannot handle 2048bit DSA keys?
Hi,
I believe I may have found a bug with OpenSSH 2.5.2p2 My guess would
be that it exists with 2.5.x, though my only experience so far has been
ONLY with Red Hat's RPMS openssh-2.5.2p2-1.7.i386.rpm and
openssh-2.5.2p2-1.7.2.i386.rpm
It seems that ssh-keygen can generate a large DSA identity key
easily (ssh-keygen -t dsa -b 2048), but that ssh itself cannot handle
such a large key and
2004 Jun 23
1
[Bug 884] DSA keys (id_dsa.pub) with 8192 bytes or more aren't correctly recognized
http://bugzilla.mindrot.org/show_bug.cgi?id=884
Summary: DSA keys (id_dsa.pub) with 8192 bytes or more aren't
correctly recognized
Product: Portable OpenSSH
Version: 3.8.1p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
2000 Sep 22
2
Agent forwarding with DSA keys?
Does agent forwarding work with DSA keys?
I'm using 2.2.0p1 on RedHat Linux 6.2 (Alpha) and Solaris 2.6 (SPARC).
If I ssh-add my RSA key into the local agent and ssh to another
machine, the agent connection is forwarded properly. (I can say
"ssh-add -l" and see my keys.) If I ssh-add my DSA key into the
local agent and "ssh -2" to another machine, the agent connection
2017 Jan 08
4
[Bug 2662] New: Does it still make sense to use DSA host keys by default?
https://bugzilla.mindrot.org/show_bug.cgi?id=2662
Bug ID: 2662
Summary: Does it still make sense to use DSA host keys by
default?
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2003 May 14
2
[Bug 566] ssh-keygen -l does not print key comment for rsa/dsa keys
http://bugzilla.mindrot.org/show_bug.cgi?id=566
Summary: ssh-keygen -l does not print key comment for rsa/dsa
keys
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: trivial
Priority: P2
Component: ssh-keygen
AssignedTo: