Call for testing: OpenSSH-6.5

Loganaden Velvindron loganaden at gmail.com
Thu Jan 23 15:14:44 EST 2014


On Thu, Jan 23, 2014 at 1:54 AM, Gerald Turner <gturner at unzane.com> wrote:
> Damien Miller <djm at mindrot.org> writes:
>> Running the regression tests supplied with Portable OpenSSH does not
>> require installation and is a simply:
>>
>> $ ./configure && make tests
>
> Tested openssh-SNAP-20140123 on Debian jessie/testing amd64 with OpenSSL
> 1.0.1f on two machines (one with AES-NI instructions), all tests passed
> and no warnings.
>
>>  * ssh(1), sshd(8): Add support for Ed25519 as a public key type.
>>    Ed25519 is a elliptic curve signature scheme that offers
>>    better security than ECDSA and DSA and good performance. It may be
>>    used for both user and host keys.
>
> Is there SSHFP support for Ed25519?  I suppose not - looks like it would
> need Internet Drafts equivalent to RFC6090 (ECDSA) and RFC6594 (SSHFP).
> Currently Curve25519 has an I-D but not for Ed25519:

A draft for sshfp is being worked on.

>
> http://datatracker.ietf.org/doc/draft-josefsson-tls-curve25519/
>
>   “This document only describes usage of additional curves for ephemeral
>    key exchange (ECDHE), not for use with long-term keys embedded in
>    PKIX certificates (ECDH_RSA and ECDH_ECDSA).  This is because
>    Curve25519 is not directly suitable for authentication with ECDSA,
>    and thus not applicable for signing of e.g.  PKIX certificates.”
>
> --
> Gerald Turner   Email: gturner at unzane.com   JID: gturner at unzane.com
> GPG: 0xFA8CD6D5  21D9 B2E8 7FE7 F19E 5F7D  4D0C 3FA0 810F FA8C D6D5
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>



-- 
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.


More information about the openssh-unix-dev mailing list