-
Notifications
You must be signed in to change notification settings - Fork 671
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ed25519 keys not working #352
Comments
Notable link on ed25519 support in Node: nodejs/node#2144 Two options: |
Yes, this is a known issue. The problem though is that the pure js implementations for some of these algorithms that OpenSSL currently does not support are slow. I think I would only want to start incorporating these pure js algorithm solutions once there is the ability to override the hard-coded list of algorithms, ciphers, etc. This way if someone doesn't want to use the pure js algorithms (for performance reasons), then they can (easily) opt out of that. However, I haven't had time to work on this. |
Thanks @mscdex I appreciate the concerns over performance issue and opting-out. As host key algorithm itself is only run once per connection, the performance of that particular implementation should not be a big concern. That said, I understand why you would want to make sure an opt-out scheme of some sort would be in place before going down this road. Cheers. |
FWIW I've just landed ECDSA support in I'm still not sure when/if OpenSSL will support ed25519 though. There is an ed25519 issue on OpenSSL's repo here FWIW. There is also another OpenSSL github issue for curve25519 here that is supposedly "in progress" and a related node issue here. I should also note I would be open to the possibility of having an |
openssl/openssl#309 says "x25519 is in [OpenSSL] 1.1" Can this be implemented now? I would appreciate it enormously :) |
It won't be supported at least until OpenSSL 1.1.x is included in a version of node. See this PR for more information. |
I suppose nodejs/node#18770 is the more updated issue now (OpenSSL 1.1.1). |
Oh wait, reading a bit deeper, in that issue there is the line:
Looks like this is supported after all now: Node.js 10: nodejs/node#16130 (comment) |
@mscdex could you please also consider adding an ed25519 PPK parser? |
Any update on this? |
Nothing has changed, node doesn't have OpenSSL 1.1.1 yet. |
Looks like it's about to happen. |
Right, but it will still take time before it makes it into a release and then into the hands of end users :) |
Is this fixed by e40ca05? |
Kind of, but support in node only exists in node master currently. |
Full Ed25519 support now available in |
Hello! I just was wondering if it's possible to use ed25519 based connection with the node version lower than 12? |
@AlexandrKravchuk Not without adding some sort of JavaScript-only ed25519 implementation, which I prefer not to do. |
Any update ? |
On what? You need a version of node that supports ed25519, which equates to node v12.0.0 or newer. |
Not sure if this is an issue here or upstream, but I just wanted to give a heads up that
ed25519
host keys do not appear to be supported.When running e.g.
The output includes:
I doubt there's anything on my end (Mac OS X 10.11.1; node 5.0.0; fresh package install of
[email protected]
); it looks like the support is simply not yet in ssh2-streams. I can re-file a bug there, if that is preferable.🍻
The text was updated successfully, but these errors were encountered: