diff options
| author |   markus <markus@openbsd.org> | 2013-12-06 13:39:49 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2013-12-06 13:39:49 +0000 |
| commit | 8ffbcf6d17e8775510029e60a52819f50c2b6e51 (patch) | |
| tree | a5e7d241214bd17ce28800908b837349ad6cebe4 /usr.bin/ssh/ssh.c | |
| parent | new private key format, bcrypt as KDF by default; details in PROTOCOL.key; (diff) | |
| download | wireguard-openbsd-8ffbcf6d17e8775510029e60a52819f50c2b6e51.tar.xz wireguard-openbsd-8ffbcf6d17e8775510029e60a52819f50c2b6e51.zip | |
support ed25519 keys (hostkeys and user identities) using the public domain
ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@
Diffstat (limited to 'usr.bin/ssh/ssh.c')
| -rw-r--r-- | usr.bin/ssh/ssh.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index a7b4c9ff2eb..7291734dfef 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.395 2013/11/26 12:14:54 jmc Exp $ */ +/* $OpenBSD: ssh.c,v 1.396 2013/12/06 13:39:49 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -500,7 +500,11 @@ main(int ac, char **av) else if (strcmp(optarg, "kex") == 0) cp = kex_alg_list('\n'); else if (strcmp(optarg, "key") == 0) - cp = key_alg_list(); + cp = key_alg_list(0, 0); + else if (strcmp(optarg, "key-cert") == 0) + cp = key_alg_list(1, 0); + else if (strcmp(optarg, "key-plain") == 0) + cp = key_alg_list(0, 1); if (cp == NULL) fatal("Unsupported query \"%s\"", optarg); printf("%s\n", cp); @@ -957,7 +961,7 @@ main(int ac, char **av) sensitive_data.external_keysign = 0; if (options.rhosts_rsa_authentication || options.hostbased_authentication) { - sensitive_data.nkeys = 7; + sensitive_data.nkeys = 8; sensitive_data.keys = xcalloc(sensitive_data.nkeys, sizeof(Key)); @@ -976,13 +980,16 @@ main(int ac, char **av) _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); sensitive_data.keys[6] = key_load_private_type(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); + sensitive_data.keys[7] = key_load_private_type(KEY_ED25519, + _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); PRIV_END; if (options.hostbased_authentication == 1 && sensitive_data.keys[0] == NULL && sensitive_data.keys[4] == NULL && sensitive_data.keys[5] == NULL && - sensitive_data.keys[6] == NULL) { + sensitive_data.keys[6] == NULL && + sensitive_data.keys[7] == NULL) { sensitive_data.keys[1] = key_load_cert( _PATH_HOST_DSA_KEY_FILE); sensitive_data.keys[2] = key_load_cert( @@ -995,6 +1002,8 @@ main(int ac, char **av) _PATH_HOST_ECDSA_KEY_FILE, NULL); sensitive_data.keys[6] = key_load_public( _PATH_HOST_RSA_KEY_FILE, NULL); + sensitive_data.keys[7] = key_load_public( + _PATH_HOST_ED25519_KEY_FILE, NULL); sensitive_data.external_keysign = 1; } } |