similar to: ECDSA client question

Displaying 20 results from an estimated 6000 matches similar to: "ECDSA client question"

2018 Dec 17
1
ECDSA client question
On 12/16/18 7:52 AM, Tributh via dovecot wrote: > > > Am 16.12.18 um 12:13 schrieb Michael A. Peters: >> Hi, for those who have adopted ECDSA, >> >> Are there still any commonly used IMAPS/POP3S clients that still can not >> handle ECDSA certificates? >> >> I know you can set up Dovecot dor dual cert, I am just trying to >> determine if there
2014 Apr 25
2
Support for ECDSA in OpenSSL?
Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs? How do I test if this works? (though I should probably ask this on the OpenSSL list) The reason I suspect a problem is that HIPL for Centos (http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity, whereas my Fedora installation IS creating the ECDSA HI.
2011 Jul 28
1
Support for ECDSA and SHA-2 (SHA-256) in the SSHFP record
Hi, I was sure I sent this to openssh at openssh.com, but cannot find that email now in my Sent mailbox, so I am sending it to the developers list. I took a liberty and wrote an I-D with accompanying patch (with contributions from Ondrej Caletka) to support ECDSA in the SSHFP DNS resource record. The I-D is here: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa-sha2 (and the source XML
2011 Jan 24
1
ECDSA and first connection; bug?
Folks, I read the 5.7 release announcement and updated, to try out ECDSA. Most parts worked very smoothly. The inability to create SSHFP records is understandable, since IANA haven't allocated a code yet. One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA. % ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost
2024 Oct 29
5
[Bug 3748] New: "webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature type not supported from ssh agent
https://bugzilla.mindrot.org/show_bug.cgi?id=3748 Bug ID: 3748 Summary: "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature type not supported from ssh agent Product: Portable OpenSSH Version: 9.7p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Hello. I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host keys. My /etc/ssh/ssh_known_hosts file contains the server's ssh-ed25519 host key. When I try to SSH to the server I get this error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
2015 Apr 01
3
What did I miss when building openssh? cannot generate ecdsa key
I am assuming this is a user error (and the bug, if any is in configure not telling me how to activate it). I regularly see a message: Could not load host key: /etc/ssh/ssh_host_ecdsa_key And, obviously, I have never made the key before. I tried the following: ./ssh-keygen -t ecdsa -fssh_host_esdsa_key -N "" unknown key type ecdsa However, the syntax says it is a known type root at
2011 Nov 21
3
ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure)
hi folks: it looks like ssh-keygen -r can''t export SSHFP records for ECDSA keys: 0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -f foobar -t ecdsa -q -P '''' 0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -r foobar -f foobar.pub export_dns_rr: unsupported algorithm 0 dkg@pip:/tmp/cdtemp.oiRYAS$ the first number in my prompt is the return code of the last command; note that
2020 Jan 11
2
interoperability issue with agent and ecdsa-sk keys
Hi, It seems that some versions of ssh-agent get confused by ECDSA-SK keys. >From my OpenBSD-current laptop, I'm trying to do remote system adminstration on a machine running Debian 8 with the stock ssh package (OpenSSH_6.7p1 Debian-5+deb8u8, OpenSSL 1.0.2l 25 May 2017). I need access to a remote gitlab server to fetch files with git, using an ED25519 key in my ssh-agent. Once connected
2011 May 23
4
Security of OpenSSL ECDSA signatures
Dear OpenSSH devs, I came accross this paper yesterday. http://eprint.iacr.org/2011/232 It states that they were able to recover ECDSA keys from TLS servers by using timing attacks agains OpenSSL's ECDSA implementation. Is that known to be exploitable by OpenSSH ? (In my understanding, it's easy to get a payload signed by ECDSA during the key exchange so my opinion is that it is).
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Here you go: OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019 debug1: Reading configuration data /home/ryantm/.ssh/config debug1: /home/ryantm/.ssh/config line 4: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 13: Applying options for * debug2: resolving "{REDACTED}" port 22 debug2: ssh_connect_direct debug1: Connecting to
2012 Feb 07
11
[Bug 1978] New: ECDSA & SHA256 support in SSHFS DNS records
https://bugzilla.mindrot.org/show_bug.cgi?id=1978 Bug #: 1978 Summary: ECDSA & SHA256 support in SSHFS DNS records Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All URL: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa- sha2-07 OS/Version: All
2015 Sep 28
4
[PATCH] Enabling ECDSA in PKCS#11 support for ssh-agent
Hi, I have made a patch for enabling the use of ECDSA keys in the PKCS#11 support of ssh-agent which will be of interest to other users. I have tested it with P-256 keys. P-384 and P-521 should work out-of-the box. The code is ready for non-FIPS curves (named or explicit), but OpenSSH currently limits ECDSA to those 3 curves. At high level it works like the support for RSA, but because of
2011 Jun 08
5
[Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support
https://bugzilla.mindrot.org/show_bug.cgi?id=1912 Summary: 5.8 ssh-keysign lacks ECDSA support Product: Portable OpenSSH Version: 5.8p2 Platform: All OS/Version: All Status: NEW Severity: critical Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org ReportedBy:
2011 Dec 17
3
[Bug 1961] New: ECDSA memory leak
https://bugzilla.mindrot.org/show_bug.cgi?id=1961 Bug #: 1961 Summary: ECDSA memory leak Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at
2014 Jan 31
1
Wanted: smartcard with ECDSA support
Hi, I'm interested in extending OpenSSH's PKCS#11 code to support ECDSA keys, but have so far been unable to find anyone who can sell me a smartcard that supports it. They certainly exist - AFAIK it's required by the US PIV standard, but obtaining cards that support it in single digit quantities seems all but impossible. Can anybody on this list help? I'd want 2-6 cards/tokens
2011 Feb 19
2
[Bug 1862] New: document ECDSA within the "-b" option of the ssh-keygen manpage
https://bugzilla.mindrot.org/show_bug.cgi?id=1862 Summary: document ECDSA within the "-b" option of the ssh-keygen manpage Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Documentation
2015 Sep 28
33
[Bug 2474] New: Enabling ECDSA in PKCS#11 support for ssh-agent
https://bugzilla.mindrot.org/show_bug.cgi?id=2474 Bug ID: 2474 Summary: Enabling ECDSA in PKCS#11 support for ssh-agent Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs
2007 Dec 12
2
[virtio-net][PATCH] Don't arm tx hrtimer with a constant 500us each transmit
commit 763769621d271d92204ed27552d75448587c1ac0 Author: Dor Laor <dor.laor@qumranet.com> Date: Wed Dec 12 14:52:00 2007 +0200 [virtio-net][PATCH] Don't arm tx hrtimer with a constant 50us each transmit The current start_xmit sets 500us hrtimer to kick the host. The problem is that if another xmit happens before the timer was fired then the first xmit will have to
2007 Dec 12
2
[virtio-net][PATCH] Don't arm tx hrtimer with a constant 500us each transmit
commit 763769621d271d92204ed27552d75448587c1ac0 Author: Dor Laor <dor.laor@qumranet.com> Date: Wed Dec 12 14:52:00 2007 +0200 [virtio-net][PATCH] Don't arm tx hrtimer with a constant 50us each transmit The current start_xmit sets 500us hrtimer to kick the host. The problem is that if another xmit happens before the timer was fired then the first xmit will have to