[Bug 3351] RSA SHA256 certificates no longer work
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Oct 7 13:46:38 AEDT 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3351
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I'm not able to replicate this, either manually or with modifications
to regress/cert-userkey.sh to explicitly test this case (though I think
it was previously anyway).
Could you please attach debug traces from the client and server to this
bug?
Note that RSA SHA256 certificates are always identified as
ssh-rsa-cert-v01 at openssh.com because key type names are actually
somewhat separate to signature algorithm names even though they look
the same. So a ssh-rsa-cert-v01 at openssh.com certificate can happily
make a rsa-sha2-256 signature. (Yes, this is a confusing area of the
protocol).
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list