SSH RSA1 keygen error with OpenSSL-0.9.7d
Darren Tucker
dtucker at zip.com.au
Wed Mar 24 22:48:38 EST 2004
Kumaresh wrote:
> Thanks Darren. The tests failed with BN_XXX tests.
> This was an issue with the optimization level when OpenSSL was built. The
> default optimization was +03 and this was changed to +01 and it worked now.
>
> But, now there is another problem in SSH-1 when I compiled OpenSSH-3.7.1p2
> with OpenSSL-0.9.7d. [The "make test" in OpenSSL passed].
>
> When I generate RSA1 key with the new ssh-keygen [with OpenSSL-0.9.7d],
> # ssh-keygen -b 1024 -t rsa1 -f /.ssh/identity
>
> The key created [in /.ssh/identity.pub], looks like:
> 1024 0 000000000100.............
>
> This is an invalid key. The exponent cannot be 0.
This does not fill me with confidence that OpenSSL is working properly :-)
Does "openssl genrsa" work? Try
openssl genrsa >tmpkey
openssl rsa -check -noout <tmpkey
openssl rsa -modulus -noout <tmpkey
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list