unsupported public key algorithm: [email protected] [ #214
Comments
|
Something we inherited from Gentoo. When configured for binary redistribution the openssl build disables EC due to patent concerns. For extra cuteness the comment is particularly vague: https://github.com/coreos/portage-stable/blob/master/dev-libs/openssl/openssl-1.0.1j.ebuild#L119 I haven't the foggiest idea where the vague 2015 date came from but unless some strong need comes up I'm content with just following Gentoo on this. |
|
For reference that comment dates back to this commit: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-0.9.7e-r1.ebuild?hideattic=0&r1=1.6&r2=1.7&pathrev=MAIN |
|
hm is it possible to support this? |
|
hm fedora supports this, so i can not imagine there is a patent problem |
|
If you feel that ECC [implementations] should be removed from OpenSSL, you should remove it from your works written in Go, distributed as binaries with CoreOS, as well: See also:
|
|
For reference, the upstream Gentoo bug: https://bugs.gentoo.org/show_bug.cgi?id=531540 |
|
This should totally be enabled. No brainer. |
crawford
added
kind/friction
component/distro
team/os
priority/P1
and removed
component/other
kind/question
labels
|
I just tried bootstrapping python with https://github.com/defunctzombie/ansible-coreos-bootstrap but with pypy version upgraded to latest 4.0.1 and without EC extensions it doesn't work. After manual ssl upgrade it works just fine. It seems to be the only lacking functionality to run 4.0.1 on CoreOS. |
|
Is there any plan to address this issue? It's been over a year. |
|
I would like to see this supported as well. |
|
EC will finally be available in this weeks alpha :) |
is there a reason to not support this?
'''userauth_pubkey: unsupported public key algorithm: [email protected] [preauth]'''
The text was updated successfully, but these errors were encountered: