Displaying 20 results from an estimated 9000 matches similar to: "[Bug 3191] New: Issues when authorized_keys contains more than one ecdsa-sk public key"
2020 Jun 26
14
[Bug 3188] New: Problems creating a second ecdsa-sk key for a second Yubikey
https://bugzilla.mindrot.org/show_bug.cgi?id=3188
Bug ID: 3188
Summary: Problems creating a second ecdsa-sk key for a second
Yubikey
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh-keygen
2020 Jan 11
2
interoperability issue with agent and ecdsa-sk keys
Hi,
It seems that some versions of ssh-agent get confused by ECDSA-SK
keys.
>From my OpenBSD-current laptop, I'm trying to do remote system
adminstration on a machine running Debian 8 with
the stock ssh package (OpenSSH_6.7p1 Debian-5+deb8u8, OpenSSL 1.0.2l
25 May 2017). I need access to a remote gitlab server to fetch files
with git, using an ED25519 key in my ssh-agent.
Once connected
2013 Sep 25
0
CA Signed Public Key User Authentication does not honor ~/.ssh/authorized_keys
Greetings,
I am using OpenSSH Signed Public Key authentication for servers ssh login.
All of the servers are setup with below sshd_config options:
TrustedUserCAKeys /etc/ssh/ca.pub # CA Public Keys
RevokedKeys /etc/ssh/revoke.pub # User Public Keys
When i started working on it, for ssh authentication i had to have CA
Public Key in User ~/.ssh/authorized_keys, like:
cert-authority ssh-rsa
2023 Nov 27
0
[Bug 3636] New: Public key authentication fails with incorrect message if authorized_keys is not UTF-8 encoded
https://bugzilla.mindrot.org/show_bug.cgi?id=3636
Bug ID: 3636
Summary: Public key authentication fails with incorrect message
if authorized_keys is not UTF-8 encoded
Product: Portable OpenSSH
Version: 9.5p1
Hardware: Other
OS: Other
Status: NEW
Severity: minor
Priority: P5
2013 Jul 15
3
[Bug 2128] New: ssh-copy-id doesn't check if a public key already exists in a remote servers ~/.ssh/authorized_keys file
https://bugzilla.mindrot.org/show_bug.cgi?id=2128
Bug ID: 2128
Summary: ssh-copy-id doesn't check if a public key already
exists in a remote servers ~/.ssh/authorized_keys file
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Other
Status: NEW
Severity: enhancement
2007 Jun 28
5
[Bug 1326] New: Allow non-public-key credentials in authorized_keys file ( Kerberos, etc.)
http://bugzilla.mindrot.org/show_bug.cgi?id=1326
Summary: Allow non-public-key credentials in authorized_keys file
(Kerberos, etc.)
Product: Portable OpenSSH
Version: 4.4p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Kerberos support
2019 Nov 01
10
U2F support in OpenSSH HEAD
Hi,
As of this morning, OpenSSH now has experimental U2F/FIDO support, with
U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com"
or "ecdsa-sk" for short (the "sk" stands for "security key").
If you're not familiar with U2F, this is an open standard for making
inexpensive hardware security tokens. These are easily the cheapest way
2002 Aug 19
0
[Bug 387] New: command="" in authorized_keys fails when sshd_config has "PermitRootLogon forced-commands-only"
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=387
Summary: command="" in authorized_keys fails when sshd_config has
"PermitRootLogon forced-commands-only"
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: major
2020 Mar 05
3
Fwd: sk-api suggestions
Hello,
I'm helping the Git for windows team and contributing in git-for-windows
repository to help expand the OpenSSH support for fido2 devices on Windows.
Currently we are using your internal implementation(sk-usbhic.c) however
since Windows 10 version 1903 this requires administrator privileges.
I'm trying to create a module for OpenSSH to use webauthn.dll instead of
direct calling to
2006 Oct 07
0
[Bug 1084] provide better error message if keys in authorized_keys contain CR/LF (was " sshd[6895]: fatal: buffer_get: trying to get more bytes 129 than in buffer 34")
http://bugzilla.mindrot.org/show_bug.cgi?id=1084
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Comment #2 from dtucker at zip.com.au 2006-10-07 11:42 -------
Change all RESOLVED bug to CLOSED with the exception
2012 Jan 10
1
[Bug 1971] New: ssh-keyscan should default to ecdsa or ecdsa,rsa
https://bugzilla.mindrot.org/show_bug.cgi?id=1971
Bug #: 1971
Summary: ssh-keyscan should default to ecdsa or ecdsa,rsa
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keyscan
2015 Aug 11
0
[Bug 1971] ssh-keyscan should default to ecdsa or ecdsa,rsa
https://bugzilla.mindrot.org/show_bug.cgi?id=1971
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Set all RESOLVED bugs to CLOSED with release
2020 Feb 05
19
Call for testing: OpenSSH 8.2
Hi,
OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a feature release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2023 Dec 17
0
How to set/specify an SK Device (Path) in ssh_config?
Hey *,
I have more then one {Security Key,HSM}-FIDO2 device attached to my
Linux machine (Arch Linux).
With
```
# fido2-token -L
/dev/hidraw7: vendor=0x1d50, product=0x60fc (CRYPTOTRUST ONLYKEY)
/dev/hidraw5: vendor=0x20a0, product=0x42b2 (Nitrokey Nitrokey 3)
```
I am able to get the device paths of both SK,
which I can use to generate an `ecdsa-sk` on a specific device:
```
$ ssh-keygen \
-t
2014 Apr 25
2
Support for ECDSA in OpenSSL?
Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?
How do I test if this works? (though I should probably ask this on the
OpenSSL list)
The reason I suspect a problem is that HIPL for Centos
(http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity,
whereas my Fedora installation IS creating the ECDSA HI.
2018 Dec 16
1
ECDSA client question
Hi, for those who have adopted ECDSA,
Are there still any commonly used IMAPS/POP3S clients that still can not
handle ECDSA certificates?
I know you can set up Dovecot dor dual cert, I am just trying to
determine if there still is a real world need to.
2018 Dec 17
1
ECDSA client question
On 12/16/18 7:52 AM, Tributh via dovecot wrote:
>
>
> Am 16.12.18 um 12:13 schrieb Michael A. Peters:
>> Hi, for those who have adopted ECDSA,
>>
>> Are there still any commonly used IMAPS/POP3S clients that still can not
>> handle ECDSA certificates?
>>
>> I know you can set up Dovecot dor dual cert, I am just trying to
>> determine if there
2011 Jan 24
1
ECDSA and first connection; bug?
Folks,
I read the 5.7 release announcement and updated, to try out ECDSA. Most
parts worked very smoothly. The inability to create SSHFP records is
understandable, since IANA haven't allocated a code yet.
One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA.
% ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost
2011 Jul 28
1
Support for ECDSA and SHA-2 (SHA-256) in the SSHFP record
Hi,
I was sure I sent this to openssh at openssh.com, but cannot find that email now in my Sent mailbox, so I am sending it to the developers list.
I took a liberty and wrote an I-D with accompanying patch (with contributions from Ondrej Caletka) to support ECDSA in the SSHFP DNS resource record.
The I-D is here: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa-sha2 (and the source XML
2011 Dec 17
3
[Bug 1961] New: ECDSA memory leak
https://bugzilla.mindrot.org/show_bug.cgi?id=1961
Bug #: 1961
Summary: ECDSA memory leak
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at