Commits on Jul 18, 2024

1. Support loading Ed448 public keys in OpenSSH format …

   The 'ssh-ed448' key type is documented along with 'ssh-ed25519' in [1], but
   has never been supported by any as-yet-released version of OpenSSH.
   
   However, LANcom router devices (which appear to be primarily used in
   Germany, see [2] for examples on the public Internet) appear to support
   these keys, so this library can and should support loading them.
   
   Ed448 private keys are not yet implemented here, because OpenSSH itself does
   not yet support them, and it is the de facto authority for private key
   formats.  However, PuTTY has already implemented support for generating and
   using Ed448 keys, and the PuTTY developers note in [3] that the OpenSSH
   developers are in agreement with them as to the correct Ed448 private key
   format:
   
   > I checked with them [OpenSSH developers], and they agreed that there's an
   > obviously right format for Ed448 keys, which is to do them exactly like
   > Ed25519 except that you have a 57-byte string everywhere Ed25519 had a
   > 32-byte string.  So I've done that.
   
   See also [4] in which I extended `ssh-audit` to allow it to scan and
   discover host keys of type 'ssh-ed488'.
   
   [1] https://datatracker.ietf.org/doc/html/rfc8709#name-public-key-format
   [2] https://www.shodan.io/search?query=ssh+%22ed448%22
   [3] github/putty@a085acb
   [4] jtesta/ssh-audit#277

   

   dlenskiSB committed Jul 18, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for 9aedcec
   • Browse repository at this point

   Copy the full SHA

   9aedcec View commit details

   Browse the repository at this point in the history