corrupt client keys question

Pete Flugstad peteflugstad at
Fri Nov 14 02:22:10 EST 2003

summary: I have a situation in which a private RSA key has been
corrupted, but it's still possible to log into a SSH server using that
file.  This is with OpenSSH 3.6.1p2 Debian.

I have a SSH public/private key pair generated with "ssh-keygen -t
rsa".  I can use the private key to successfully log into a SSH server
which has the public key in it's the authorized_keys file.

I can also make a copy of the SSH private key, edit the file and
change some characters, such as making them lowercase.  Assuming that
the ssh client will still read the file (which depends on where the
file is corrupted) I can still use this corrupted file and STILL
successfully log into the SSH server.

Running openssl rsa -check on the corrupted private confirms it's corrupt:

  > $ openssl rsa -in rsa-corrupt1 -check
  > RSA key error: dmp1 not congruent to d
  > ...
  > $

I can understand the SSH client not checking that the private key is
valid, but I would expect that this would be uncovered when the SSH
server attempts to verify the signature?

Anyone got a clue on how this is working, or am I just getting lucky
on which part of the SSH private key I corrupt is not used for the

Pete Flugstad

More information about the openssh-unix-dev mailing list