no mutual signature algorithm with RSA user certs client 7.8, server 7.4

Adam Eijdenberg adam at continusec.com
Thu Oct 11 12:45:40 AEDT 2018


On Thu, Oct 11, 2018 at 12:19 PM Damien Miller <djm at mindrot.org> wrote:
> No, I think I figured it out :)

Thanks again for your help. I think there are still 2 more sets of
duplicated lines that can go. ie I think we can delete:

diff --git a/sshkey.c b/sshkey.c
index 21e61a2c..6555c5ef 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -124,10 +124,6 @@ static const struct keytype keytypes[] = {
            "rsa-sha2-512", KEY_RSA_CERT, 0, 1, 1 },
        { "ssh-dss-cert-v01 at openssh.com", "DSA-CERT", NULL,
            KEY_DSA_CERT, 0, 1, 0 },
-       { "ssh-rsa-cert-v01 at openssh.com", "RSA-CERT", NULL,
-           KEY_RSA_CERT, 0, 1, 0 },
-       { "ssh-dss-cert-v01 at openssh.com", "DSA-CERT", NULL,
-           KEY_DSA_CERT, 0, 1, 0 },
 # ifdef OPENSSL_HAS_ECC
        { "ecdsa-sha2-nistp256-cert-v01 at openssh.com", "ECDSA-CERT", NULL,
            KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1, 0 },


More information about the openssh-unix-dev mailing list