On 06/22/2018 01:04 PM, Tom Horsley wrote:
On Fri, 22 Jun 2018 12:45:08 -0700 Gordon Messmer wrote:
There is an open bug concerning the fact that if there is an invalid
.pub file in .ssh, GNOME keyring won't automatically unlock *any* keys,
so remove any old key files.
Yep, some forms of keys are no longer supported because security geeks decided
they were insecure (like DSA and RSA version 1 keys). When this change first
appeared I spent a lot of time getting rid of old keys and updating the
authorized_keys file on lots of systems. This did happen a few fedora's ago,
but if you didn't upgrade for a while, this may be the first time you've seen
it.
RSA1 and DSA keys were dropped back in OpenSSH 7 (Fedora 23), in late
2015. I *hope* this isn't anyone's first experience with a system that
doesn't support them.
The bug is new, though. If you had any old files sitting around, in the
past they'd just be ignored. At the moment, they actually block
gnome-keyring from loading *any* keys, including new keys that are
supported.
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org/message/ICWXZWQXRHSMEO34ABFHS6KNC4Q3WEW5/
