Corinna Vinschen wrote:
On Nov 11 20:44, Corinna Vinschen wrote:
On Nov 11 12:14, Michael Cronenworth wrote:
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If
your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made.
An ECDSA openssh key should work on any machine which has ECDSA openssh
keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5,
the error message is the same when trying to use that key.
I see OpenSSL was patched a few days ago to enable another curve,
but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to
have a problem yet. I can't believe I'm trying to do something unusual.
That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes
the problem, since my ECDSA key is actually a 521 bit key.
Policy to use those, or are you in the "more secure" camp on curves vs. legacy
public keys?
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
