Closed bobveznat closed 8 years ago
Related go issue for adding ed25519 support: https://github.com/golang/go/issues/8581
The go library simply doesn't return a useful error in the case that we try to parse an unsupported key.
I changed this project to support finding keys by fingerprint instead of by path (to be consistent with the entire rest of this project) and then the golang ssh implementation panics when it attempts to sign the requested cert using ssh-agent. That's easy to catch, however, by looking at the key type before attempting to sign(). If the key type isn't supported we exit gracefully. And of course this only works for people that transition to using PublicKeyFingerprint in requester_config.json.
Golang does support ed25519 now. I've been testing it in an upcoming release of ssh-cert-authority. So far so good.
If you attempt to request a cert using an ed25519 key ssh-cert-authority aborts in an ambiguous way:
```
$ ssh-cert-authority request -e test
Please give a reason: testing ed25519
Trouble parsing your public key ssh: no key found
```
We should provide a more helpful error message. Also update the documentation to describe supported key types.
Know that key type support is driven by the keys supported by Go's SSH implementation.
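The check discussed in this thread (look at the key type before signing and fail with a specific message) can be sketched with the standard library alone. This is an added example, not ssh-cert-authority's code: `supported`, `checkSignable` and `sampleLine` are hypothetical names, the allowlist is an assumption, and the sample keys are constructed filler rather than real keys.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"strings"
)

// Assumption: illustrative allowlist, not the project's real list.
var supported = []string{"ssh-rsa", "ecdsa-sha2-nistp256"}

// checkSignable reads the key type from a "<type> <base64> [comment]" line and
// rejects unsupported types before any signing is attempted. The blob begins
// with a 4-byte big-endian length, then the algorithm name (RFC 4253).
func checkSignable(line string) error {
	f := strings.Fields(line)
	if len(f) < 2 {
		return fmt.Errorf("expected \"<type> <base64 blob>\"")
	}
	blob, err := base64.StdEncoding.DecodeString(f[1])
	if err != nil || len(blob) < 4 {
		return fmt.Errorf("key blob is not valid base64 or is truncated")
	}
	n := int(binary.BigEndian.Uint32(blob))
	if n <= 0 || n > len(blob)-4 || string(blob[4:4+n]) != f[0] {
		return fmt.Errorf("key blob does not carry declared type %q", f[0])
	}
	for _, s := range supported {
		if s == f[0] {
			return nil
		}
	}
	return fmt.Errorf("key type %q is not supported (supported: %s)", f[0], strings.Join(supported, ", "))
}

// sampleLine builds a constructed key line; the payload is filler, not a key.
func sampleLine(kt string) string {
	blob := []byte{0, 0, 0, byte(len(kt))}
	blob = append(append(blob, kt...), 0, 0, 0, 1, 0x42)
	return kt + " " + base64.StdEncoding.EncodeToString(blob) + " constructed@example"
}

func main() {
	for _, kt := range []string{"ssh-rsa", "ssh-ed25519"} {
		fmt.Printf("%s: %v\n", kt, checkSignable(sampleLine(kt)))
	}
}
```

Comparing the declared type with the name embedded in the blob also catches a key line whose prefix was edited by hand, which would otherwise surface later as a parse failure.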