# ECC wtih SSH, where's the directive?

## dman777

I want to use ECC to encrypt my SSH key. But in the client side ssh_config I only see directives for DSA and RSA. I know SSH supports it. How do I go about this?

----------

## John R. Graham

See

```
man openssl-ecparam
```

Key generation is embedded in there. Also see

```
man openssl-ec
```

for key manipulation. openssl commands are not particularly orthogonal. You'd think that, since gendh, genrsa, and gendsa exist that there'd be a genec, right? Nope. That would be too easy.

You know that you don't use asymmetric key algorithms for bulk encryption, right? They're just used to protect symmetric keys which handle that. So, I don't understand your goals. Are you trying to use ECC to establish an SSH session or just to protect your SSH private key at rest?

- John

----------

## dman777

I want to use ssh keys instead of passwords. From what I read on the Gentoo SSH key tutorial for authentication , the SSH server uses the public key to encrypt random number. The client with the private key decrypts this number and sends it over back to the server to prove that it has the private key. 

With this encryption the public/private key does for authorization, I'm assuming this is not the bulk encryption(the tunnel itself) so it is using asymmetric encryption....typically DSA or RSA. I would rather use ECC as a replacement if possible. This is where I would like to use ECC, is this possible?

----------

## new_item

 *dman777 wrote:*   

> I want to use ssh keys instead of passwords. From what I read on the Gentoo SSH key tutorial for authentication , the SSH server uses the public key to encrypt random number. The client with the private key decrypts this number and sends it over back to the server to prove that it has the private key. 
> 
> With this encryption the public/private key does for authorization, I'm assuming this is not the bulk encryption(the tunnel itself) so it is using asymmetric encryption....typically DSA or RSA. I would rather use ECC as a replacement if possible. This is where I would like to use ECC, is this possible?

 

http://pthree.org/2011/02/17/elliptic-curve-cryptography-in-openssh/

----------

## dman777

strange they call it ecdsa. so do i place it in "~/.ssh/id_ecdsa.pub "? that directive is not listed in ssh_config so that is where i am stumped.

----------

## Hu

That is the traditional name for the public part of an ECDSA key, and ssh-keygen will default to putting it there when you generate an ECDSA key.

----------

## dman777

Can't get it to generate a ECDSA key. I have the right openssh version, and ecdsa is listed in my sshd_config and man ssh-keygen.

```
localhost yo # ssh-keygen -t ecdsa -b 1024

unknown key type ecdsa

localhost yo # equery list openssh

 * Searching for openssh ...

[IP-] [  ] net-misc/openssh-5.8_p1-r1:0

localhost yo # 
```

----------

## Hu

For me, ssh-keygen -t ecdsa works using =dev-libs/openssl-1.0.0e[zlib] and =net-misc/openssh-5.8_p1-r1[X,hpn,pam,tcpd].  Adding the -b 1024 produces an error message since that is not a valid ECDSA key length, but your ssh-keygen bails out before it gets that far.  What is the output of emerge --info dev-libs/openssl net-misc/openssh?

----------

## dman777

```
ocalhost ssmtp # emerge --info dev-libs/openssl net-misc/openssh

Portage 2.1.10.11 (hardened/linux/amd64/selinux, gcc-4.5.2, glibc-2.13-r4, 2.6.39-hardened-r6 x86_64)

=================================================================

                        System Settings

=================================================================

System uname: Linux-2.6.39-hardened-r6-x86_64-AMD_Phenom-tm-_II_X3_705e_Processor-with-gentoo-2.0.3

Timestamp of tree: Wed, 16 Nov 2011 08:30:01 +0000

app-shells/bash:          4.2_p10

dev-lang/python:          2.7.2-r2, 3.2-r2

dev-util/cmake:           2.8.5-r2

dev-util/pkgconfig:       0.26

sys-apps/baselayout:      2.0.3

sys-apps/openrc:          0.8.3-r1

sys-apps/sandbox:         2.5

sys-devel/autoconf:       2.13, 2.68

sys-devel/automake:       1.9.6-r3, 1.11.1-r1

sys-devel/binutils:       2.21.1

sys-devel/gcc:            4.5.2

sys-devel/gcc-config:     1.4.1-r1

sys-devel/libtool:        2.4-r1

sys-devel/make:           3.82-r1

sys-kernel/linux-headers: 2.6.38 (virtual/os-headers)

sys-libs/glibc:           2.13-r4

Repositories: gentoo hardened-dev

ACCEPT_KEYWORDS="amd64 ~amd64"

ACCEPT_LICENSE="*"

CBUILD="x86_64-pc-linux-gnu"

CFLAGS="-march=native -O2 -pipe"

CHOST="x86_64-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"

CXXFLAGS="-march=native -O2 -pipe"

DISTDIR="/usr/portage/distfiles"

EMERGE_DEFAULT_OPTS="--autounmask=n"

FEATURES="assume-digests binpkg-logs distlocks ebuild-locks fixlafiles fixpackages news parallel-fetch protect-owned sandbox selinux sesandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"

FFLAGS=""

GENTOO_MIRRORS="http://distfiles.gentoo.org/ "

LDFLAGS="-Wl,-O1 -Wl,--as-needed"

MAKEOPTS="-j6"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

PORTDIR_OVERLAY="/var/lib/layman/hardened-development"

SYNC="rsync://rsync.gentoo.org/gentoo-portage"

USE="3dnow 3dnowext X acl acpi amd64 berkdb bindist bzip2 cairo cli cracklib crypt cups cxx dri evdev fuse gdbm gimp git glitz gnutls gpm gtk hardened iconv iso14755 jpeg justify mmx modules mudflap multilib ncurses nls nptl nptlonly open_perms opengl openmp pam pax_kernel pcre png pppd qt4 readline selinux session sse sse2 sse3 sse4a ssl svg sysfs tcpd tiff truetype udev urandom virtualbox xcb xorg xvmc zlib" ALSA_CARDS="maestro3 usb-usx2y wavefront" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev virtualbox" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="virtualbox" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"

Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================

                        Package Settings

=================================================================

dev-libs/openssl-1.0.0d was built with the following:

USE="bindist (multilib) (selinux) (sse2) zlib -gmp -kerberos -rfc3779 -test"

CFLAGS="-march=native -O2 -pipe -fno-strict-aliasing -Wa,--noexecstack"

CXXFLAGS="-march=native -O2 -pipe -fno-strict-aliasing -Wa,--noexecstack"

net-misc/openssh-5.9_p1-r3 was built with the following:

USE="X hpn (multilib) pam (selinux) tcpd -X509 -kerberos -ldap -libedit -skey -static"

localhost ssmtp # ssh-keygen -t ecdsa -b 128

Bits has bad value 128 (too small)

localhost ssmtp # ssh-keygen -t ecdsa -b 224

Bits has bad value 224 (too small)

localhost ssmtp # ssh-keygen -t ecdsa       

unknown key type ecdsa

localhost ssmtp # 

```

----------

## dman777

i upgraded to dev-libs/openssl-1.0.0e but still have this problem.

----------

## Hu

 *dman777 wrote:*   

> 
> 
> ```
> localhost ssmtp # ssh-keygen -t ecdsa -b 128
> 
> ...

 Those are not valid values.  The only valid values for ECDSA at this time are 256, 384, and 521.

 *dman777 wrote:*   

> i upgraded to dev-libs/openssl-1.0.0e but still have this problem.

 Did you also rebuild net-misc/openssh after you upgraded to =dev-libs/openssl-1.0.0e?

----------

## dman777

yes, and i down graded my openssh and still have the same problem. 

```

localhost ssmtp # ssh-keygen -t ecdsa -b 256

unknown key type ecdsa

localhost ssmtp # equery list openssh

 * Searching for openssh ...

[IP-] [  ] net-misc/openssh-5.8_p1-r1:0

localhost ssmtp #
```

----------

## dman777

ssh-keygen uses the client /etc/ssh_config, correct? I could not find any directive or mention of ecdsa in /etc/ssh_config.

EDIT: I filed a bug on this that has strace output: 

https://bugs.gentoo.org/show_bug.cgi?id=390937

UPDATE:

go it! thanks to vinky_ from #gentoo-hardened. ECC has some patents, so it is disabled by bindist. I had to disable bindist in openssl to get ECC to compile into the code.

----------

## Littlenux

Yes, both openSSL and openSSH modules have to be rebuils with the flag -bindist.

----------

