Bug 1912

Summary: 5.8 ssh-keysign lacks ECDSA support
Product: Portable OpenSSH
Reporter: Allen Parker <openssh-bugzilla>
Component: Miscellaneous
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED INVALID
Severity: critical
CC: djm, openssh-bugzilla
Priority: P2
Version: 5.8p2
Hardware: All
OS: All

Description Allen Parker 2011-06-08 18:50:15 AEST
The patch located at http://hg.mindrot.org/openssh/rev/138961506b91?revcount=30 must be applied to the 5.8 branch in order to use ECDSA. Why this patch wasn't included in 5.8_p2 is a mystery as it's required to use ECDSA with host-based authentication. Please rectify this oversight as soon as possible.
Comment 1 Damien Miller 2011-06-09 19:06:04 AEST
The 5.8 branch is for security fixes only. This patch will be released as part of OpenSSH 5.9.
Comment 2 Allen Parker 2011-06-09 19:09:25 AEST
Why 5.8 was released without completely supporting ECDSA is beyond me. My inability to use host-based authentication with ECDSA is a security issue which should be rectified.
Comment 3 Damien Miller 2011-06-10 12:08:11 AEST
Despite what you might like to believe, lack of support for a brand new key type in a lesser-used authentication method is not a security bug.

Anyway, I don't know why you are fiddling with this bug as there are no more 5.8 releases planned. Your options are to apply the patch yourself or wait until 5.9.