[Bug 3429] New: Confusing error message from `ssh-keygen -Y sign` when private key is not in agent

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu May 5 23:56:44 AEST 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3429

            Bug ID: 3429
           Summary: Confusing error message from `ssh-keygen -Y sign` when
                    private key is not in agent
           Product: Portable OpenSSH
           Version: v9.0p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: adaszko at gmail.com

Hi,

The `ssh-keygen -Y sign` command produces a confusing "invalid format"
message:

    $ ./ssh-keygen -Y sign -n git -f /var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpYT1apW mac.c
    Load key "/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpYT1apW": invalid format

The key isn't in fact malformed -- it's a valid *public* key:

    $ cat /var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpYT1apW
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEC1BkuWP6vSf+4ud6IrkQz8TWlV6cQlwpKlgvpj0j/B adaszko at gmail.com

The reason for this behavior is the fallback mechanism at [1]. 
Normally, the filename path passed as `-f` option is interpreted as a
*public* key, but when the corresponding *private* key is missing from
ssh-agent, ssh-keygen tries to interpret the file as a *private* key,
which fails with the above error message.  Everything works fine when
the private key is present in ssh-agent.

This becomes even more confusing when it's invoked by git to sign a
commit:

    $ git commit --amend -S --no-edit
    error: Load key "/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpkArSj7": invalid format?
    fatal: failed to write commit object

I'm happy to contribute a patch, but it isn't entirely clear to me what
the best course of action would actually be in this case.  Displaying a
warning when the fallback fires?  Removing the fallback altogether?
There are backward compatibility issues with the latter.  I'd appreciate
some input on the issue.

All the best
— Adam

[1]
https://github.com/openssh/openssh-portable/blob/457dce2cfef6a48f5442591cd8b21c7e8cba13f8/ssh-keygen.c#L2675-L2692
