On Nov 11 20:44, Corinna Vinschen wrote:
On Nov 11 12:14, Michael Cronenworth wrote:
> Corinna Vinschen wrote:
> >Does anybody have an idea what the problem could be?
>
> Only ECC NIST Suite B curves were enabled in Fedora packages. If
> your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made.
An ECDSA openssh key should work on any machine which has ECDSA openssh
keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5,
the error message is the same when trying to use that key.
> I see OpenSSL was patched a few days ago to enable another curve,
> but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to
have a problem yet. I can't believe I'm trying to do something unusual.
That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes
the problem, since my ECDSA key is actually a 521 bit key.
Thanks,
Corinna