Bug 1210090

Summary: fails to create 521bit ecdsa keys
Product: Red Hat Enterprise Linux 6
Reporter: Christoph Anton Mitterer <calestyo>
Component: openssh
Assignee: Jakub Jelen <jjelen>
Status: CLOSED CURRENTRELEASE
QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified
Priority: unspecified
Version: 6.6
CC: calestyo, plautrba
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Fixed In Version: ---
Doc Type: Bug Fix
Last Closed: 2015-07-13 19:06:20 UTC
Type: Bug
Regression: ---

Description Christoph Anton Mitterer 2015-04-08 21:53:23 UTC
# ssh-keygen -q -t ecdsa -b 521
Invalid ECDSA key length - valid lengths are 256, 384 or 521 bits

Yeah... weird... o.O

Works for 384 and 256 though.

Comment 2 Jakub Jelen 2015-04-09 06:08:43 UTC
Works for me with the latest stable release of openssh:
# rpm -q openssh
openssh-5.3p1-104.el6_6.1.x86_64

# ssh-keygen -q -t ecdsa -b 521
Enter file in which to save the key (/root/.ssh/id_ecdsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again:

Can you test it once again and properly report which version you are using?

Comment 3 Christoph Anton Mitterer 2015-04-09 14:20:13 UTC
Hmm, I have:
# rpm -q openssh
openssh-5.3p1-104.el6.x86_64
# ssh-keygen -q -t ecdsa -b 521
Invalid ECDSA key length - valid lengths are 256, 384 or 521 bits


Cheers,
Chris.

Comment 4 Jakub Jelen 2015-04-22 09:09:16 UTC
Does it work for you to generate keys of size 256 and 384?
# ssh-keygen -q -t ecdsa -b 384

What is the openssl version you have installed?
# rpm -q openssl
openssl-1.0.1e-30.el6_6.8.x86_64

What is the openssl version that openssh was built against? The size 521 is included only if openssh is built against an openssl version that supports it; it is not done as a runtime check.

Are you using RHEL or some of the rebuilds?

Comment 5 Christoph Anton Mitterer 2015-07-13 18:02:43 UTC
Hey.

Sorry for the long delay.


Yes it works with the other curves:
# ssh-keygen -q -t ecdsa -b 384
Enter file in which to save the key (/root/.ssh/id_ecdsa): ^C
# ssh-keygen -q -t ecdsa -b 521
Invalid ECDSA key length - valid lengths are 256, 384 or 521 bits
# ssh-keygen -q -t ecdsa -b 256
Enter file in which to save the key (/root/.ssh/id_ecdsa): ^C

# rpm -q openssl
openssl-1.0.1e-30.el6_6.7.x86_64


It's a bit difficult to tell which exact version it was built against,
# ssh -V       
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

But of course that's only the OpenSSL version, not the package version. :(


In fact, it's Scientific Linux, but AFAICT they don't change anything for OpenSSL/SSH and simply take your packages, which is why I reported it directly at "upstream" and not SL.

Anyway, if you say it works for you then it probably *is* something SL related and one can close the bug at RHEL.

Best wishes,
Chris.

Comment 6 Petr Lautrbach 2015-07-13 19:06:20 UTC
The support for the secp521r1 EC curve was added in openssl-1.0.1e-24.el6 and openssh-5.3p1-96.el6, and it still works in the current rhel-6 release, as Jakub stated in comment #2.

Please report your problem to SL.
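As an added example that is not part of this bug report, the following POSIX shell check applies the build thresholds from comment 6 (openssl-1.0.1e-24.el6, openssh-5.3p1-96.el6) to `rpm -q` output, since, as comment 4 explains, 521-bit support is decided at openssh build time and `ssh -V` only shows the OpenSSL version, not the package release. The release-tag parsing assumes RHEL 6 style NVR strings (NN.el6 or NN.el6_6.M); the local report is skipped where rpm is absent.

```shell
#!/bin/sh
# Added example, not code from the bug report. Assumes RHEL 6 style
# package names such as openssh-5.3p1-104.el6.x86_64 or
# openssl-1.0.1e-30.el6_6.7.x86_64.

# rpm_release_number NVRA -> prints the integer release field
# (104 for openssh-5.3p1-104.el6.x86_64, 30 for openssl-1.0.1e-30.el6_6.8.x86_64)
rpm_release_number() {
    # drop the trailing arch, keep the text after the last '-', cut at '.el'
    printf '%s' "$1" | sed -e 's/\.[^.]*$//' -e 's/^.*-//' -e 's/\.el.*$//'
}

# has_secp521r1_support NVRA
# exit 0: build is at/after the one that added secp521r1 (comment 6)
# exit 1: build is older than that
# exit 2: package/version this check knows nothing about
has_secp521r1_support() {
    case "$1" in
        openssl-1.0.1e-*.el6*) min=24 ;;   # openssl-1.0.1e-24.el6
        openssh-5.3p1-*.el6*)  min=96 ;;   # openssh-5.3p1-96.el6
        *) return 2 ;;
    esac
    rel=$(rpm_release_number "$1")
    [ "$rel" -ge "$min" ]
}

# Report on the two packages installed on this host, if rpm is available.
report_local() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found; skipping live check"; return 0; }
    for pkg in openssl openssh; do
        nvra=$(rpm -q "$pkg" 2>/dev/null) || { echo "$pkg: not installed"; continue; }
        has_secp521r1_support "$nvra"
        case $? in
            0) echo "$nvra: at or after the build that added secp521r1" ;;
            1) echo "$nvra: older than the build that added secp521r1" ;;
            *) echo "$nvra: not a RHEL 6 build this check knows about" ;;
        esac
    done
}

report_local
```

Both packages must pass: an openssh build at or past -96 still cannot offer 521-bit keys if it was compiled against headers from an openssl older than -24.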