Hi,
https://admin.fedoraproject.org/updates/FEDORA-2013-19918/openssh-6.3p1-4.fc... claims openssh-6.3p1-4 and later, in conjuntion with openssl-1.0.1e-30.fc20 will allow to use ECDSA keys for pubkey authentication.
I have existing ECDSA keys from my non-Fedora installations using vanilla openssh and openssl packages.
So I installed openssh-6.3p1-5 and openssl-1.0.1e-30. When trying to use the aforementioned private ECDSA key to access one of the other machines, it doesn't work. I'm getting an error message instead:
$ ssh some-machine key_from_blob: EC_KEY_new_by_curve_name failed
Worse, I can't even connect to other machines using an RSA key, even if I change the remote authorized_keys file accordingly. The debug output shows that in this case the connection attempt goes more or less through, until the connection stops with the same message as above:
key_from_blob: EC_KEY_new_by_curve_name failed
The openssh ECDSA key format can't be different between different versions of openssh, otherwise the keys wouldn't be usable on different machines.
I also didn't see any bug reports that the new openssh version would not be able to use ECDSA keys for some reason (ssh-keygen allows to create new ECDSA keys, after all). If I revert to the vanilla openssh/openssl versions, connecting via ECDSA key works as expected again.
Does anybody have an idea what the problem could be?
TIA, Corinna
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If your keys use a different curve then they wouldn't work.
I see OpenSSL was patched a few days ago to enable another curve, but no update has been pushed yet.
On Nov 11 12:14, Michael Cronenworth wrote:
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made. An ECDSA openssh key should work on any machine which has ECDSA openssh keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5, the error message is the same when trying to use that key.
I see OpenSSL was patched a few days ago to enable another curve, but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to have a problem yet. I can't believe I'm trying to do something unusual.
Thanks, Corinna
On Nov 11 20:44, Corinna Vinschen wrote:
On Nov 11 12:14, Michael Cronenworth wrote:
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made. An ECDSA openssh key should work on any machine which has ECDSA openssh keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5, the error message is the same when trying to use that key.
I see OpenSSL was patched a few days ago to enable another curve, but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to have a problem yet. I can't believe I'm trying to do something unusual.
That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes the problem, since my ECDSA key is actually a 521 bit key.
Thanks, Corinna
Corinna Vinschen wrote:
On Nov 11 20:44, Corinna Vinschen wrote:
On Nov 11 12:14, Michael Cronenworth wrote:
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made. An ECDSA openssh key should work on any machine which has ECDSA openssh keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5, the error message is the same when trying to use that key.
I see OpenSSL was patched a few days ago to enable another curve, but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to have a problem yet. I can't believe I'm trying to do something unusual.
That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes the problem, since my ECDSA key is actually a 521 bit key.
Policy to use those, or are you in the "more secure" camp on curves vs. legacy public keys?
On Nov 20 15:04, Bill Davidsen wrote:
Corinna Vinschen wrote:
On Nov 11 20:44, Corinna Vinschen wrote:
On Nov 11 12:14, Michael Cronenworth wrote:
Corinna Vinschen wrote:
Does anybody have an idea what the problem could be?
Only ECC NIST Suite B curves were enabled in Fedora packages. If your keys use a different curve then they wouldn't work.
If you call ssh-keygen -t ecdsa, there's no choice of curves to be made. An ECDSA openssh key should work on any machine which has ECDSA openssh keys enabled. In theory.
If I generate a new ECDSA key with ssh-keygen from openssh-6.3p1-5, the error message is the same when trying to use that key.
I see OpenSSL was patched a few days ago to enable another curve, but no update has been pushed yet.
I hope that will fix it. I'm just a bit puzzled that nobody seems to have a problem yet. I can't believe I'm trying to do something unusual.
That change, reenabling the ecdsa-sha2-nistp521 curves, in fact fixes the problem, since my ECDSA key is actually a 521 bit key.
Policy to use those, or are you in the "more secure" camp on curves vs. legacy public keys?
Security and interoperability.
Corinna
-
Bill Davidsen -
Corinna Vinschen -
Michael Cronenworth