Bug 339383 - ecdsa-sha2-nistp521 do a bug
Summary: ecdsa-sha2-nistp521 do a bug
Status: RESOLVED UPSTREAM
Alias: None
Product: kio
Classification: Unmaintained
Component: sftp (other bugs)
Version First Reported In: 4.12.5
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: Andreas Schneider
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-09-25 14:55 UTC by BRULE Herman
Modified: 2014-10-01 00:26 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description BRULE Herman 2014-09-25 14:55:13 UTC 
Hello,

Firstly sftp don't save the ecdsa-sha2-nistp521 public key into ~/.ssh/known_hosts but RSA.
Secondly, when I had already connect ssh client, it have created ecdsa-sha2-nistp521 entry, then dolphin don't detect it, try RSA and informe the user about key change error.
Thirdly, don't ask to replace this key.

Cheers,

Reproducible: Always
Comment 1 Andreas Schneider 2014-09-26 07:24:19 UTC 
Hello,

I've just tested it. libssh saved the ecdsa-sha2-nistp256 key to my known_hosts file. Which version of libssh are you using? Please report a bug upstream and tell us how to reproduce it!

https://red.libssh.org/

> Thirdly, don't ask to replace this key.

This will never be added. It is a security feature that you need to delete the key in the known_hosts file. Otherwise people do not think if something bad happpend!
Comment 2 BRULE Herman 2014-09-26 07:55:06 UTC 
Hello,

It's because your ssh server is configured with default key lenght, try:
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -b 521 -N ''
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -b 4096 -N ''
on openssh server.
I use libssh 0.6.3

Cheers,
Comment 3 Andreas Schneider 2014-09-30 14:49:00 UTC 
This is not an issue in kio_sftp. Please open a bug at https://red.libssh.org/ 

Thanks!
Comment 4 BRULE Herman 2014-09-30 19:15:20 UTC 
https://red.libssh.org/issues/171