From cb08248c33a9e0f57c1480d0289b632da5d77668 Mon Sep 17 00:00:00 2001
From: Artemis Tosini <me@artem.ist>
Date: Wed, 20 Jan 2021 20:36:55 +0000
Subject: Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)

* Add support for ed25519_sk and ecdsa_sk SSH keys

These start with sk-ssh-ed25519@openssh.com and sk-ecdsa-sha2-nistp256@openssh.com.
They are supported in recent versions of go x/crypto/ssh and OpenSSH 8.2
or higher.

* skip ssh-keygen

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
---
 modules/setting/setting.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules')

diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index c162c751c1..f69dd11ceb 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -142,7 +142,7 @@ var (
 		ServerMACs:          []string{"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96"},
 		KeygenPath:          "ssh-keygen",
 		MinimumKeySizeCheck: true,
-		MinimumKeySizes:     map[string]int{"ed25519": 256, "ecdsa": 256, "rsa": 2048},
+		MinimumKeySizes:     map[string]int{"ed25519": 256, "ed25519-sk": 256, "ecdsa": 256, "ecdsa-sk": 256, "rsa": 2048},
 	}
 
 	// Security settings
-- 
cgit v1.2.3