[Bug 3202] New: Ed25519 key on HSM is not getting listed in ssh-add -l command

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Aug 26 18:45:31 AEST 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3202

            Bug ID: 3202
           Summary: Ed25519 key on HSM is not getting listed in ssh-add -l
                    command
           Product: Portable OpenSSH
           Version: 8.2p1
          Hardware: ARM64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-add
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ranjan.kumar at thalesgroup.com

Created attachment 3442
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3442&action=edit
Logs that show detailed output of each command with cryptoki log and
dmesg.

Steps to Reproduce:
1. Install OpenSSH.
2. Install SafeNet LunaClient and set up NTLS.
3. Generate Edwards 25519 and RSA keys using the SafeNet ckdemo utility.
4. Run the commands below:
  a.) eval `ssh-agent -P "/usr/safenet/lunaclient/lib/*" -s`
  b.) ssh-add  -s /usr/safenet/lunaclient/lib/libcklog2.so
  c.) ssh-add -l

Actual Output:
2048 SHA256:r/7tkup1Bb76UDVgs5GDfTDvKpTVhhM0SWNY+Mja2Xg Generated RSA
Public Key (RSA)

Expected Output: Both the RSA and Ed25519 keys should be listed.

5. Create an Ed25519 key using the ssh-keygen command on the HSM:
   ssh-keygen -t ed25519 -D /usr/safenet/lunaclient/lib/libcklog2.so

Actual Output:
Enter PIN for 'ranjan':
skipping unsupported key type
failed to fetch key
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCTt5YbM8CVbfAhjhu5QeQJ/P8To47dWjw2oeb2lRycZkW/UmgRdT+wd/i1nqwMaiPhNHW40ivI90ta2KFNGfx+hQAXgFn+UWpFeTDsHbvSCnO0vQh4s8EHPw89Fr4Sl9NXgTZNIbzEOjE7KiPy85zmoBY8rr06jhA4xK7ig3Bq6zkj9AoW/H+ph+F7v3uyeaJVqNbD3SjMbdf8kt9UAlQczHtKdaJm/akH5HlWa38+wDwQsTAnFvbSmiM6/nYcD8f5PA1/tCr5JdsrhhLplYIrfh3Xf/ZBAubYESKeOy1QNR3U4TXSklPVrkPPlx7qpynMS1emVgzen2Fonkga8V4t
Generated RSA Public Key

Expected Output: Ed25519 key should be generated.
