Hi, https://admin.fedoraproject.org/updates/FEDORA-2013-19918/openssh-6.3p1-4.fc20 claims openssh-6.3p1-4 and later, in conjuntion with openssl-1.0.1e-30.fc20 will allow to use ECDSA keys for pubkey authentication. I have existing ECDSA keys from my non-Fedora installations using vanilla openssh and openssl packages. So I installed openssh-6.3p1-5 and openssl-1.0.1e-30. When trying to use the aforementioned private ECDSA key to access one of the other machines, it doesn't work. I'm getting an error message instead: $ ssh some-machine key_from_blob: EC_KEY_new_by_curve_name failed Worse, I can't even connect to other machines using an RSA key, even if I change the remote authorized_keys file accordingly. The debug output shows that in this case the connection attempt goes more or less through, until the connection stops with the same message as above: key_from_blob: EC_KEY_new_by_curve_name failed The openssh ECDSA key format can't be different between different versions of openssh, otherwise the keys wouldn't be usable on different machines. I also didn't see any bug reports that the new openssh version would not be able to use ECDSA keys for some reason (ssh-keygen allows to create new ECDSA keys, after all). If I revert to the vanilla openssh/openssl versions, connecting via ECDSA key works as expected again. Does anybody have an idea what the problem could be? TIA, Corinna -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
