1. kille72 Avatar kille72
  2. Untitled project
  3. freshtomato-arm
  4. Issues

Ed25519 keys?

Issue #70 new
Vladimir Bauer created an issue

Is it possible to support Ed25519 ssh keys in the next release? I've tried to enter one, but web view at Administration/Admin Access rejected it.

Main reason is that Ed25519 key is less in size, thus it occupies less storage in nvram, especially if one has to store several keys.

Comments (2)

  1. Igor Lidin Account Deactivated

    This may be done with a simple patch (dropbear already has enough support for ED25519):

    --- admin-access.asp.orig       2019-08-11 22:54:36.000000000 +0000
+++ admin-access.asp.patched    2019-08-11 23:33:39.000000000 +0000
@@ -87,7 +87,7 @@
 if (!v_length(a, quiet || !ok, 0, 4096)) {
 ok = 0;
 } else if (a.value != '') {
-if (a.value.search(/^\s*ssh-(dss|rsa)/) == -1) {
+if (a.value.search(/^\s*(ssh-(dss|rsa)|ecdsa-sha2-nistp(521|384|256))/) == -1) {
 ferror.set(a, 'Invalid SSH key.', quiet || !ok);
 ok = 0;
 }
  2. Igor Lidin Account Deactivated

    Sadly, I was mistaken. Vanilla Dropbear does not support ED25519 yet (only ECDSA). There are patches for ED25519, but not in vanilla Dropbear yet.

    At least, it’s easy to add ECDSA keys support (see patch above).

  3. Log in to comment
Assignee
Type
enhancement
Priority
minor
Status
new
Votes
1
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!