OpenSSH accepted keys specification

Jakub Jelen jjelen at redhat.com
Wed Dec 16 00:38:28 AEDT 2015


Hello list.

Based on the current behavior of the openssh tools, which ask for a
passphrase even without recognizing the key type from the header, I was
searching for some specification, format or description of the key types
accepted and handled by openssh, but without any success. Browsing the
source code did not help either.

I tried several key types in both old and new formats, with or without
a passphrase, but if I removed the header, openssh asked for the passphrase
but was never able to decode the key. I am aware of the file [1] which
describes the new protocol format, but that one has a strict header in
its specification.

What is the reason behind decoding every blob received from a file, even 
if it does not have the proper header? I guess there are some historical 
reasons but I would like to get more information about this topic.

(The background is a discussion in our bug [2] about the behavior of RSA1
keys with openssh compiled without RSA1 support, where I reached the dead
end of my knowledge and of what I was able to find out myself.)

[1] https://anongit.mindrot.org/openssh.git/tree/PROTOCOL.key
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1282423

Thank you in advance,

-- 
Jakub Jelen
Security Technologies
Red Hat
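
A header-first check of the kind the message asks about, as an added example that is not part of the original post and not OpenSSH's code: it classifies a private key file from its header alone and reports whether it is encrypted, so a file with no recognizable header is rejected before any passphrase prompt. The function names and the sample builder are hypothetical; the magic strings are those of PROTOCOL.key [1] and of the legacy RSA1 key file format.

```python
import base64
import re

AUTH_MAGIC = b"openssh-key-v1\x00"                  # magic from PROTOCOL.key
RSA1_MAGIC = b"SSH PRIVATE KEY FILE FORMAT 1.1\n"   # legacy SSHv1 RSA key file
PEM_RE = re.compile(
    rb"-----BEGIN ([A-Z0-9 ]*?) ?PRIVATE KEY-----\r?\n(.*?)"
    rb"-----END [A-Z0-9 ]*?PRIVATE KEY-----", re.S)


def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length, then the bytes)."""
    end = off + 4 + int.from_bytes(buf[off:off + 4], "big")
    if end > len(buf):
        raise ValueError("truncated SSH string")
    return buf[off + 4:end], end


def classify_private_key(data):
    """Return (format, encrypted) from headers only; encrypted is None if unknown."""
    if data.startswith(RSA1_MAGIC):
        return "rsa1", None
    m = PEM_RE.search(data)
    if m is None:
        return "unrecognized", None   # no recognizable header: stop, do not prompt
    label, body = m.group(1), m.group(2)
    if label == b"OPENSSH":
        try:
            blob = base64.b64decode(b"".join(body.split()), validate=True)
            if not blob.startswith(AUTH_MAGIC):
                raise ValueError("bad magic")
            cipher, off = _read_string(blob, len(AUTH_MAGIC))
            _read_string(blob, off)   # kdfname must be present as well
        except ValueError:            # binascii.Error is a ValueError subclass
            return "unrecognized", None
        return "openssh-key-v1", cipher != b"none"
    if label in (b"", b"ENCRYPTED"):  # PKCS#8, plain or encrypted
        return "pkcs8", label == b"ENCRYPTED"
    return "pem-" + label.decode().lower(), b"Proc-Type: 4,ENCRYPTED" in body


def constructed_sample(cipher=b"none", kdf=b"none"):
    """Constructed header-only openssh-key-v1 file (no key material), for the demo."""
    s = lambda b: len(b).to_bytes(4, "big") + b
    blob = AUTH_MAGIC + s(cipher) + s(kdf) + s(b"") + (1).to_bytes(4, "big")
    return (b"-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(blob)
            + b"\n-----END OPENSSH PRIVATE KEY-----\n")


if __name__ == "__main__":
    print(classify_private_key(constructed_sample(b"aes256-ctr", b"bcrypt")))
```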


