DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 4th March 2013
cakersq cakersq is offline
New User
 
Join Date: Mar 2013
Posts: 1
Thanked 0 Times in 0 Posts
Default iked support for ECDSA keys

I successfully have IKEv2 working with iked using RSA keys and X.509 certificates and CAs. However, when I try to use ECDSA keys instead of RSA, I get:

Code:
# iked -dvv
ca_key_serialize: unsupported key type 408
fatal: ca: failed to serialize private key
ikev2 exiting
ikev1 exiting
Looking at the offending source code in /usr/src/sbin/iked/ca.c, the CA portion will only recognizes RSA keys.

Are there any plans to support ECDSA keys in iked. Other daemons like sshd already support ECDSA keys.

I'm currently running 5.2-stable, but 5.3-current has same issue.

Thanks.

Last edited by cakersq; 4th March 2013 at 01:58 PM. Reason: Making it prettier.
Reply With Quote
  #2   (View Single Post)  
Old 4th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,686
Thanked 214 Times in 189 Posts
Default

Hello, and welcome!
Quote:
Are there any plans to support ECDSA keys in iked. Other daemons like sshd already support ECDSA keys.
This is a community of users. Questions for developers regarding future plans for software should be asked on the misc@ mailing list, or by emailing the developers directly. In this case, Reyk Floeter (reyk@) is the author and does most, if not all, of the commits.
Reply With Quote
  #3   (View Single Post)  
Old 4th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,686
Thanked 214 Times in 189 Posts
Default

Correction. Reyk only does most of the commits. Mike Belopuhov (mikeb@) is his co-developer.

Both are active on misc@.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh keys barti OpenBSD Security 1 10th August 2012 09:51 AM
RSA keys not as random as they should be J65nko News 1 16th February 2012 10:09 PM
ncurses & function keys JimC OpenBSD General 1 24th October 2011 02:36 PM
Creative uses for SSH and SSH keys backrow Off-Topic 1 21st June 2010 01:09 AM
arrow keys in X idefix FreeBSD General 8 25th September 2009 08:16 AM


All times are GMT. The time now is 11:52 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick