On 04/25/2014 08:53 AM, Robert Moskowitz wrote: > On 04/25/2014 08:07 AM, Reindl Harald wrote: >> Am 25.04.2014 13:57, schrieb Robert Moskowitz: >>> Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs? >>> >>> How do I test if this works? (though I should probably ask this on the >>> OpenSSL list) >>> >>> The reason I suspect a problem is that HIPL for Centos >>> (http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity, >>> whereas my Fedora installation IS creating the ECDSA HI >> the OpenSSL version does (one of the news in 6.5) >> but sadly OpenSSH was not rebuilt against the new OpenSSL >> so no, currently no ECDSA before RHEL7-Beta1 > This is not OpenSSH, but HIP for Linux. > > The HIPL binaries for Centos were compiled on a 6.5 system with all > current updates. Or so the developer told me :) > > Is there some switch that is needed? I checked with the HIPL developer and got: >HIPL checks during ./configure if ECC is missing from OpenSSL and disables all ECC code if it is unuvailable. So I am checking more into this. What is ./configure actually doing to check if ECC is present or not? Was there something wrong with my install, and I need to install again? That is is there a test I can do directly against my OpenSSL to determine if NOW I have ECC and did not have something right at that time? thanks all for any help