On Nov 20 15:04, Bill Davidsen wrote: > Corinna Vinschen wrote: > >On Nov 11 20:44, Corinna Vinschen wrote: > >>On Nov 11 12:14, Michael Cronenworth wrote: > >>>Corinna Vinschen wrote: > >>>>Does anybody have an idea what the problem could be? > >>> > >>>Only ECC NIST Suite B curves were enabled in Fedora packages. If > >>>your keys use a different curve then they wouldn't work. > >> > >>If you call ssh-keygen -t ecdsa, there's no choice of curves to be made. > >>An ECDSA openssh key should work on any machine which has ECDSA openssh > >>keys enabled. In theory. > >> > >>If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5, > >>the error message is the same when trying to use that key. > >> > >>>I see OpenSSL was patched a few days ago to enable another curve, > >>>but no update has been pushed yet. > >> > >>I hope that will fix it. I'm just a bit puzzled that nobody seems to > >>have a problem yet. I can't believe I'm trying to do something unusual. > > > >That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes > >the problem, since my ECDSA key is actually a 521 bit key. > > > Policy to use those, or are you in the "more secure" camp on curves > vs. legacy public keys? Security and interoperability. Corinna -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
