SSH RSA1 keygen error with OpenSSL-0.9.7d

Kumaresh kumaresh_ind at gmx.net
Wed Mar 24 20:30:51 EST 2004


> Kumaresh wrote:
> > I have compiled OpenSSL-0.9.7d - the lastest version and when
> > OpenSSH-3.7.1p2 is compiled with this ssl library [0.9.7d], I am getting
the
> > following error when SSH-1 connection is done.
> > I am using HP-UX IPF box and
> > I am doing 32 bit compilation only. Even I have changed the optimization
> > level for OpenSSL and no use.
>
> Does OpenSSL's "make test" self-test pass?

Thanks Darren. The tests failed with BN_XXX tests.
This was an issue with the optimization level when OpenSSL was built. The
default optimization was +03 and this was changed to +01 and it worked now.

But, now there is another problem in SSH-1 when I compiled OpenSSH-3.7.1p2
with OpenSSL-0.9.7d. [The "make test" in OpenSSL passed].

When I generate RSA1 key with the new ssh-keygen [with OpenSSL-0.9.7d],
# ssh-keygen -b 1024 -t rsa1 -f /.ssh/identity

The key created  [in /.ssh/identity.pub], looks like:
1024 0 000000000100.............

This is an invalid key. The exponent cannot be 0. So the SSH-1 connection
with RSA authentication is not working. But, other keys like DSA and RSA
works fine as the keys generated are proper and so there are no issues with
SSH-2.

If I generate the key using the older build, i.e., OpenSSH-3.7.1p2 built
with OpenSSL-0.9.7c, the key for RSA1 is:
1024 35 150857062.....

Any ideas?

Advance thanks,
Kumaresh.






---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.576 / Virus Database: 365 - Release Date: 1/30/2004




More information about the openssh-unix-dev mailing list