[Bug 2617] sign_and_send_pubkey: no separate private key for certificate

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Dec 2 14:28:08 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2617

--- Comment #5 from Damien Miller <djm at mindrot.org> ---
(In reply to Adam Eijdenberg from comment #4)
> I found this bug after preparing a similar patch (including tests).
> 
> Although the patch provided here is simpler, it fails when using the
> new CertificateFile configuration line (which was introduced in the
> commit that broke the old behaviour).

I think your pull request goes a bit beyond what's going on here, by
removing the restrictions that CertificateFile-loaded keys must have a
corresponding plain public key. IMO that's a fine goal, but it's not
strictly a regression like this is.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list