OpenSSH private key encryption: time for AES?

Jim Knoble jmknoble at
Fri Jan 23 07:59:26 EST 2009

Circa 2009-01-22 14:49 dixit Jim Knoble:
: Circa 2009-01-20 23:16 dixit Damien Miller:
: : The key encryption for SSH protocol 2 keys is done by OpenSSL's PEM
: : functions, so AES should be supported by any OpenSSL version that supports
: : AES in PEM. IIRC this has been supported for a number of years.
: If older OpenSSH (to a point) would "just work" reading private keys
: encrypted with AES-256, then that's fantastic, and no need for any
: further options to ssh-keygen.
: : If we change then it should be to the best encryption that is supported by
: : widely deployed SSL/OpenSSH versions.
: Agreed.  Private keys are short, and even if decryption happens
: frequently, it takes much longer to enter a passphrase than to decrypt
: the key (and both decryption and passphrase can be mitigated via
: ssh-agent).

I've moved this into Bugzilla bug #1550
for tracking,
including Darren's comments about Solaris 10 and OpenSSL keylength

jim knoble  |  jmknoble at  |
(GnuPG key ID: C6F31FFA  >>>>>> )
(GnuPG fingerprint: 99D8:1D89:8C66:08B5:5C34::5527:A543:8C33:C6F3:1FFA)
|[L]iberty, as we all know, cannot flourish in a country that is perma-|
| nently on a war footing, or even a near-war footing.  --Aldous Huxley|

More information about the openssh-unix-dev mailing list
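
Added example (not part of the original message and not OpenSSH code): OpenSSL's PEM functions, which the thread says do the key encryption, record the cipher in a DEK-Info header of the traditional PEM file, so an existing private key can be checked for AES without its passphrase. The function names and the sample keys below are constructed for illustration.

```python
import re

# Constructed sample in OpenSSL's traditional PEM layout; IV and body are placeholders.
SAMPLE_AES = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF

Q09OU1RSVUNURUQgUExBQ0VIT0xERVI=
-----END RSA PRIVATE KEY-----
"""
SAMPLE_3DES = SAMPLE_AES.replace(
    "AES-256-CBC,00112233445566778899AABBCCDDEEFF", "DES-EDE3-CBC,0011223344556677")
SAMPLE_PLAIN = SAMPLE_AES.replace(
    "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n", "")

BEGIN_RE = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----\s*$")


def pem_key_encryption(text):
    """Return (label, state, cipher) for the first PEM block in text."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = BEGIN_RE.match(line)
        if m:
            break
    else:
        raise ValueError("no PEM block found")
    label = m.group(1)
    headers = {}
    for line in lines[i + 1:]:
        if not line.strip() or ":" not in line:
            break  # a blank line or the base64 body ends the header section
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    if label == "ENCRYPTED PRIVATE KEY":
        # PKCS#8 keeps the cipher inside the ASN.1 body, not in PEM headers.
        return label, "encrypted", None
    if headers.get("Proc-Type", "").replace(" ", "") != "4,ENCRYPTED":
        return label, "plaintext", None
    if "DEK-Info" not in headers:
        raise ValueError("encrypted key without a DEK-Info header")
    cipher = headers["DEK-Info"].split(",", 1)[0].strip().upper()
    return label, "encrypted", cipher


def uses_aes(text):
    """True only when the header names an AES cipher for the key encryption."""
    return (pem_key_encryption(text)[2] or "").startswith("AES-")
```

Only the header lines are read, so the check works on keys whose passphrase is not available to the auditor.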