Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No support for curve ed25519 keys #38

Open
almereyda opened this issue Sep 9, 2022 · 3 comments
Open

No support for curve ed25519 keys #38

almereyda opened this issue Sep 9, 2022 · 3 comments

Comments

@almereyda
Copy link

The use of RSA keys is hard coded.

vault/bin/vault

Lines 51 to 60 in c239074

selectKey: function(callback) {
var client = new SSH(),
snip = 12;
client.requestIdentities(function(error, keys) {
keys = keys.filter(function(k) { return k.type === 'ssh-rsa' });
if (keys.length === 0)
return callback(new Error('No usable RSA keys were found'));

Nowadays that ed25519 keys are also common, it could be nice to have them available for encryption/decryption, too.
@jcoglan
Copy link
Owner

jcoglan commented Sep 10, 2022

Have you checked whether the existing code would work with ed25519 keys, if we removed the filter for ssh-rsa?

@almereyda
Copy link
Author

Not yet, and not before end of October, since I'm moving houses.

@the-13th-letter
Copy link

Have you checked whether the existing code would work with ed25519 keys, if we removed the filter for ssh-rsa?

It would: ed25519 key signatures are deterministic, like RSA signatures. And does: I've had quite some success running this on a local fork of vault for the last few years.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jcoglan @the-13th-letter @almereyda