openssh-5.5p1
Damien Miller
djm at mindrot.org
Fri Mar 26 08:53:45 EST 2010
On Tue, 23 Mar 2010, Iain Morgan wrote:
> Hi Damien,
>
> One minor issue that I just spotted with the -L option with ssh-keygen
> is that it can yield a misleading error message if the cert is not
> readable due to filesystem permissions.
>
> $ ls -l /etc/ssh/ssh_host_rsa_key-cert.pub
> -rw------- 1 root root 1151 Mar 23 13:36
> /etc/ssh/ssh_host_rsa_key-cert.pub
> $ ssh-keygen -Lf /etc/ssh/ssh_host_rsa_key-cert.pub
> /etc/ssh/ssh_host_rsa_key-cert.pub is not a public key
>
> (This was with the 5.4p1 release, but I assume it also holds for recent
> snapshots.)
I think that is a more general problem for public key loading in
ssh-keygen. Please file a bug and I will factor all of the offending cases
out and fix them in one go after 5.5p1.
-d
More information about the openssh-unix-dev
mailing list