Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 4th March 2013
cakersq cakersq is offline
New User
Join Date: Mar 2013
Posts: 1
Default iked support for ECDSA keys

I successfully have IKEv2 working with iked using RSA keys and X.509 certificates and CAs. However, when I try to use ECDSA keys instead of RSA, I get:

# iked -dvv
ca_key_serialize: unsupported key type 408
fatal: ca: failed to serialize private key
ikev2 exiting
ikev1 exiting
Looking at the offending source code in /usr/src/sbin/iked/ca.c, the CA portion will only recognizes RSA keys.

Are there any plans to support ECDSA keys in iked. Other daemons like sshd already support ECDSA keys.

I'm currently running 5.2-stable, but 5.3-current has same issue.


Last edited by cakersq; 4th March 2013 at 01:58 PM. Reason: Making it prettier.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh keys barti OpenBSD Security 1 10th August 2012 09:51 AM
RSA keys not as random as they should be J65nko News 1 16th February 2012 10:09 PM
ncurses & function keys JimC OpenBSD General 1 24th October 2011 02:36 PM
Creative uses for SSH and SSH keys backrow Off-Topic 1 21st June 2010 01:09 AM
arrow keys in X idefix FreeBSD General 8 25th September 2009 08:16 AM

All times are GMT. The time now is 06:28 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick