Show sign-only key algorithms by default

Damien Miller djm at mindrot.org
Thu May 24 12:27:33 AEST 2018


That's because the query lists key types and not signature types.
They are somewhat separate things and we're still trying to
figure out how best to untangle them.

On Thu, 24 May 2018, Yegor Ievlev wrote:

> By default "ssh -Q key" doesn't show more secure rsa-sha2-512 and
> rsa-sha2-256 key algorithms. This PR shows them unless the user
> specifies that they only want key algorithms that support encryption.
> 
> ssh.c:
> 744c744
> < cp = sshkey_alg_list(0, 0, 0, '\n');
> ---
> > cp = sshkey_alg_list(0, 0, 1, '\n');
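
Review bot: The changed call at line 744 flips the third argument of sshkey_alg_list from 0 to 1 on an existing query, so the default output changes for anything that already reads it. Since the stated goal is to make rsa-sha2-256 and rsa-sha2-512 visible, consider leaving this call as it is and exposing the extra names under a new query value, so a list that callers treat as key types does not silently gain entries.
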
> 746c746
> < cp = sshkey_alg_list(1, 0, 0, '\n');
> ---
> > cp = sshkey_alg_list(1, 0, 1, '\n');
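
Review bot: The 746c746 change carries no context lines, so the strcmp branch this call belongs to is not visible and the only reviewable fact is that the third argument goes from 0 to 1 while the first stays 1. Please resend as a unified diff (diff -u) so each changed call appears next to the query value it serves; the same applies to the 744 and 748 changes.
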
> 748c748,750
> < cp = sshkey_alg_list(0, 1, 0, '\n');
> ---
> > cp = sshkey_alg_list(0, 1, 1, '\n');
> > else if (strcmp(optarg, "key-encrypt") == 0)
> > cp = sshkey_alg_list(0, 0, 0, '\n');
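
Review bot: The new key-encrypt branch added at 749-750 calls sshkey_alg_list(0, 0, 0, '\n'), which is exactly the call removed at line 744, so only that one of the three old outputs stays reachable and the old forms of the 746 and 748 calls have no equivalent. The new query value also needs documentation, since the patch touches only ssh.c, and the name deserves a second look: the subject line describes the added entries as sign-only, so a name that reflects what the third argument controls would be clearer than "encrypt".
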
> 
> Please set email of commit to koops1997+github at gmail.com and name to
> Yegor Ievlev, so commit will be attributed to me on GitHub.
> 

