Date: Mon, 25 Jun 2012 10:31:38 -0700 From: Xin Li <delphij@delphij.net> To: Dag-Erling Smorgrav <des@freebsd.org>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Cc: d@delphij.net Subject: [PATCH] Make ssh-keyscan to fetch ECDSA keys by default Message-ID: <4FE8A07A.60803@delphij.net>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------050705050107090703070800 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Dag-Erling, Here is a patch from OpenBSD which makes ssh-keyscan to fetch ECDSA keys by default, to match the default hostkey algorithm. Cheers, - -- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBCAAGBQJP6KB6AAoJEG80Jeu8UPuz3ksIAJnPmcFBDE0Uc7wW7H9b2ug4 coILQXSBXlXZqHuGd6HqI7ghz3fthe8oKxvNkjhEcrngLGWi3UXIEEVHnJAtHJaT tzUwxLPK6bn2ZiIxTxjKEEmXhbyhlggSRDCLMXKsrrJYltL5VX6pM/jWACeBnegm xh38KZ7yh8AIAaFyZVGZcIbWd9Yw6DXc7gTt4ifVQ537TdFnMlowuqxT/g27tZaq /fbEozwCTXCpBNqkhLyROF7pNqEHvdKbN6BeLf//7gnOuof2h5VDElf9Lacnek92 kRPSw/gboPo6UEEZ1OdGjecUnBlePYxpxIs6np4hDWaniR4VNq+DczIcmTDSnO4= =OzCc -----END PGP SIGNATURE----- --------------050705050107090703070800 Content-Type: text/plain; name="ssh-keyscan.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="ssh-keyscan.diff" Index: crypto/openssh/ssh-keyscan.c =================================================================== --- crypto/openssh/ssh-keyscan.c (revision 237520) +++ crypto/openssh/ssh-keyscan.c (working copy) @@ -57,7 +57,7 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_RSA 4 #define KT_ECDSA 8 -int get_keytypes = KT_RSA; /* Get only RSA keys by default */ +int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */ int hash_hosts = 0; /* Hash hostname on output */ --------------050705050107090703070800--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FE8A07A.60803>