Call for testing: OpenSSH-6.5
Loganaden Velvindron
loganaden at gmail.com
Thu Jan 23 15:14:44 EST 2014
On Thu, Jan 23, 2014 at 1:54 AM, Gerald Turner <gturner at unzane.com> wrote:
> Damien Miller <djm at mindrot.org> writes:
>> Running the regression tests supplied with Portable OpenSSH does not
>> require installation and is a simply:
>>
>> $ ./configure && make tests
>
> Tested openssh-SNAP-20140123 on Debian jessie/testing amd64 with OpenSSL
> 1.0.1f on two machines (one with AES-NI instructions), all tests passed
> and no warnings.
>
>> * ssh(1), sshd(8): Add support for Ed25519 as a public key type.
>> Ed25519 is a elliptic curve signature scheme that offers
>> better security than ECDSA and DSA and good performance. It may be
>> used for both user and host keys.
>
> Is there SSHFP support for Ed25519? I suppose not - looks like it would
> need Internet Drafts equivalent to RFC6090 (ECDSA) and RFC6594 (SSHFP).
> Currently Curve25519 has an I-D but not for Ed25519:
A draft for sshfp is being worked on.
>
> http://datatracker.ietf.org/doc/draft-josefsson-tls-curve25519/
>
> “This document only describes usage of additional curves for ephemeral
> key exchange (ECDHE), not for use with long-term keys embedded in
> PKIX certificates (ECDH_RSA and ECDH_ECDSA). This is because
> Curve25519 is not directly suitable for authentication with ECDSA,
> and thus not applicable for signing of e.g. PKIX certificates.”
>
> --
> Gerald Turner Email: gturner at unzane.com JID: gturner at unzane.com
> GPG: 0xFA8CD6D5 21D9 B2E8 7FE7 F19E 5F7D 4D0C 3FA0 810F FA8C D6D5
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
--
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
More information about the openssh-unix-dev
mailing list