Re: Dropbear 2020.79

2020-06-17 Thread Geoff Winkless
On Mon, 15 Jun 2020 at 16:52, Matt Johnston wrote: > This release also supports rsa-sha2 signatures which will be > required by OpenSSH in the near future - rsa with sha1 will > be disabled. This doesn't require any change to > hostkey/authorized_keys files. > Apologies if I'm being obtuse;

Re: "Bad public key options" (Was: Dropbear 2020.79)

2020-06-17 Thread Matt Johnston
> On Tue 16/6/2020, at 9:58 am, Guilhem Moulin wrote: >> - […] x11 forwarding are now disabled by default. > > I have no opinion about disabling this at compile-time, however the > current implementation locks out (“Bad public key options”) users with > ‘no-X11-forwarding’ in their

Re: Dropbear 2020.79

2020-06-17 Thread Matt Johnston
There are various examples at https://github.com/fabriziobertocci/dropbear-epka Cheers, Matt > On Wed 17/6/2020, at 6:38 pm, Hans Harder wrote: > > Does anybody have an example of the external public-key authentication api > Sounds interesting, but I am not sure how to use this... > > thx >

Re: Dropbear 2020.79

2020-06-17 Thread Hans Harder
Does anybody have an example of the external public-key authentication api Sounds interesting, but I am not sure how to use this... thx Hans On Mon, Jun 15, 2020 at 5:53 PM Matt Johnston wrote: > Hi all, > > Dropbear 2020.79 is now released. Particular thanks to Vladislav Grishenko > for

Re: "Bad public key options"

2020-06-17 Thread Guilhem Moulin
On Wed, 17 Jun 2020 at 20:18:58 +0800, Matt Johnston wrote: >> On Tue 16/6/2020, at 9:58 am, Guilhem Moulin wrote: >>> - […] x11 forwarding are now disabled by default. >> >> I have no opinion about disabling this at compile-time, however the >> current implementation locks out (“Bad public key

Re: Dropbear 2020.79

2020-06-17 Thread Geoff Winkless
On Wed, 17 Jun 2020 at 13:19, I wrote: > Apologies if I'm being obtuse; with newer version of openssh client the > new dropbear won't accept rsa keys: > Just to update the list in case anyone else hits the same problem I did, the issue was caused by running an out-of-date version of Pageant (the