Don't validate points in known_hosts ECDSA keys

Point validation is really expensive and apparently unnecessary when we already trust the keys in our known_hosts file. With my current known_hosts file of 657 keys, this reduces the time taken to complete a remote task in fabric from 24 seconds to 7 seconds. This requires python-ecdsa >= 0.11. Closes #270.
author: Kieran Spear <kispear@gmail.com> 2014-03-31 12:01:32 +1100
committer: Kieran Spear <kispear@gmail.com> 2014-03-31 12:59:02 +1100
commit: 77b1aaccc6dcc17108da17dc609c81bdd4e9a0e5 (patch)
tree: 25bf49ea5f105abe1943648ad43a1df32c498694 /paramiko/hostkeys.py
parent: 5a430def22aa5cbd755f347c8714e4140d6cdcab (diff)
download: paramiko-77b1aaccc6dcc17108da17dc609c81bdd4e9a0e5.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py
index f32fbeb6..30031fad 100644
--- a/paramiko/hostkeys.py
+++ b/paramiko/hostkeys.py
@@ -324,7 +324,7 @@ class HostKeyEntry:
             elif keytype == 'ssh-dss':
                 key = DSSKey(data=decodebytes(key))
             elif keytype == 'ecdsa-sha2-nistp256':
-                key = ECDSAKey(data=decodebytes(key))
+                key = ECDSAKey(data=decodebytes(key), validate_point=False)
             else:
                 log.info("Unable to handle key of type %s" % (keytype,))
                 return None
author	Kieran Spear <kispear@gmail.com>	2014-03-31 12:01:32 +1100
committer	Kieran Spear <kispear@gmail.com>	2014-03-31 12:59:02 +1100
commit	77b1aaccc6dcc17108da17dc609c81bdd4e9a0e5 (patch)
tree	25bf49ea5f105abe1943648ad43a1df32c498694 /paramiko/hostkeys.py
parent	5a430def22aa5cbd755f347c8714e4140d6cdcab (diff)
download	paramiko-77b1aaccc6dcc17108da17dc609c81bdd4e9a0e5.tar.gz