[Bug 2901] ssh-keygen generates an invalid key sometimes

bugzilla-daemon at bugzilla.mindrot.org
Fri Sep 21 23:57:08 AEST 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2901

--- Comment #5 from Alexander Sergeyev <sergeev917 at gmail.com> ---
(In reply to Damien Miller from comment #4)
>Can you try loading one of the broken keys using "openssl ec -noout
>-text -in /path/key"?

OpenSSL is able to load the offending key:

note: running version OpenSSH_7.8p1, OpenSSL 1.0.2p  14 Aug 2018
[attempt #224] found a broken key (passphrase = 12345678):

+ env DISPLAY= SSH_ASKPASS=/bin/false ssh-keygen -y -f testkey
Load key "testkey": invalid format
+ openssl ec -noout -text -in testkey -passin file:./passphrase
read EC key
Private-Key: (521 bit)
priv:
    01:be:d9:aa:d9:a3:e1:27:73:62:36:09:69:ca:60:
    4c:90:f6:ad:45:1f:a6:15:19:a5:f0:9f:3c:86:3b:
    3f:16:c7:5f:a7:54:a8:27:94:3f:27:1e:85:36:42:
    85:d6:f5:7c:78:b8:41:7b:39:9e:66:e1:84:f6:f9:
    da:9e:2d:7f:d5:50
pub:
    04:01:84:66:d3:cf:b7:9e:95:83:b6:10:ba:1a:c4:
    53:69:59:e4:c5:66:e3:34:a8:0c:ac:5e:03:22:6f:
    54:23:26:dc:7d:be:ce:11:70:79:1c:10:b3:a4:dc:
    09:87:75:34:8d:67:04:04:d4:45:2f:f5:43:fe:62:
    63:6b:c9:34:1f:11:e8:01:9d:8d:dd:44:f7:5c:85:
    7f:0c:78:07:4a:d1:2e:3b:bd:39:59:46:06:e5:17:
    d5:db:12:c8:c1:34:00:4a:17:de:dd:7c:f2:ea:79:
    c6:07:0c:6e:3f:30:df:70:ce:3a:51:c4:81:1e:e9:
    cc:a0:b7:8b:05:d7:df:00:4c:45:6c:a5:dc
ASN1 OID: secp521r1
NIST CURVE: P-521

> Does openssl generate bad keys on its own? Try "openssl ecparam
> -genkey -name secp521r1 -noout"

It's not about a bad key, but about key encryption using a passphrase.
