[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Mar 29 19:19:34 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I can't replicate this on either OpenBSD or Linux (Ubuntu variant). I
tried the key you provided and one that I generated:

$ ssh-keygen -t rsa -f k -C '' -N ''
Generating public/private rsa key pair.
Your identification has been saved in k.
Your public key has been saved in k.pub.
The key fingerprint is:
SHA256:m4QOVbZ5Q5sWhFIox47fgcUManmU2RNzIJJfYl9SmNw 
The key's randomart image is:
+---[RSA 2048]----+
|    .o+ at BX*      |
|    o=X+&*E+     |
|    +BoBo+*      |
|   ..o+.oo .     |
|    ....S.       |
|     o...o       |
|      . o        |
|                 |
|                 |
+----[SHA256]-----+
$ openssl pkcs8 -topk8 -in k -out k.pem -v2 AES-128-CBC
Enter Encryption Password:
Verifying - Enter Encryption Password:
$ chmod 0600 k.pem 
$ ssh-keygen -yf k.pem 
Enter passphrase: 
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQD0cTGZ+1cqjei8PdYa7FoFUHYsUST7jTneMP+FktaD3RKqrkpKQdvTBfRqcYUeiwscgqmKa5KYvNvz2GXhO3Nk6Pe46MI9CC+bKoR/Gt+okQU54zua4TlmRRsPxQdGat6vtcD7bPeFcIpXLGt4troMs7VVSBgrVI1Z+QG2v41L85l360vsmo5mVDDKWODlG7D0QyulJpf9WVuAD9fAorBKh5hA2mcWLYiInD9uxsw3xst0nPnQdHXvTNkfF2u8LD6Hurh5ewYu58a8RSozCDqSn0s3F0Sm5oO4oJw+zd1QG/ljJ/fn2bPr2RCUx9L2CkjQcQAFZm13flx8tg77pJ+Z
$ ./ssh-keygen -yf k.pem 
Enter passphrase: 
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQD0cTGZ+1cqjei8PdYa7FoFUHYsUST7jTneMP+FktaD3RKqrkpKQdvTBfRqcYUeiwscgqmKa5KYvNvz2GXhO3Nk6Pe46MI9CC+bKoR/Gt+okQU54zua4TlmRRsPxQdGat6vtcD7bPeFcIpXLGt4troMs7VVSBgrVI1Z+QG2v41L85l360vsmo5mVDDKWODlG7D0QyulJpf9WVuAD9fAorBKh5hA2mcWLYiInD9uxsw3xst0nPnQdHXvTNkfF2u8LD6Hurh5ewYu58a8RSozCDqSn0s3F0Sm5oO4oJw+zd1QG/ljJ/fn2bPr2RCUx9L2CkjQcQAFZm13flx8tg77pJ+Z
[djm at demiurge openssh]$ ssh -V
OpenSSH_7.2p2, OpenSSL 1.0.1f 6 Jan 2014
[djm at demiurge openssh]$ ./ssh -V
OpenSSH_7.5p1, OpenSSL 1.0.1f 6 Jan 2014

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list