| Issue 2797: | Support ecdsa-sha2-nistp256 SSH public keys | |
| 2 people starred this issue and may be notified of changes. | Back to list |
It appears Gerrit is unable to use ecdsa-sha2-nistp256 public keys. Adding a key will save it to the database, but the key is never accepted for authentication.
Aug 16, 2014
Project Member
#1
David.Os...@gmail.com
Status:
ChangeUnderReview
Sep 12, 2014
(No comment was entered for this change.)
Status:
Submitted
Labels: FixedIn-2.11
Dec 9, 2014
Reverted with [1] because it won't work with sshd 0.9.0 which is coming up to master. [1] https://gerrit-review.googlesource.com/#/c/62214/
Status:
Accepted
Labels: -FixedIn-2.11
Apr 7, 2015
(No comment was entered for this change.)
Labels:
FixedIn-2.11
Apr 14, 2015
(No comment was entered for this change.)
Labels:
-FixedIn-2.11 FixedIn-2.10.3
Jul 7, 2015
I'm testing this on 2.10.5, and not able to use an ECDSA key with Gerrit (even though 2.10.3 has a new enough version, and I see this code was added back in). This is using both OpenSSH_5.3p1, OpenSSL 1.0.1e-fips as well as OpenSSH_6.6.1p1, OpenSSL 1.0.1i.
Jul 7, 2015
(I should also add; I am using 2.10.5 with Bouncy Castle 1.5.1, though I had to install it by hand, since the "gerrit init" process didn't ask me to upgrade Bouncy Castle. Otherwise, I can't confirm if Bouncy Castle is working or not, should that be necessary.)
Jul 8, 2015
You all might be able to ignore my crazy ramblings: I just tested a clean install of 2.10.5 and found I was able to use an ECDSA key on a clean install of 2.10.5, but not on an upgraded install; if I find more details, I'll send them to the list.
Aug 27, 2015
Re-tested this on 2.10.6; looks like the issue I was having is when you have one half of a key in your .ssh directory (specifically, the private key, but not the associated public key). Discussion: https://groups.google.com/d/msg/repo-discuss/e7GQSEJZgQA/mi8cQb6VNB0J This can be resolved, both 2.10.5 and 2.11+ should have the necessary bits to support ECDSA (and I've confirmed it works.)
Aug 27, 2015
Marking resolved at Doug K's request
Status:
Released
|
|
| ► Sign in to add a comment |