Segfault on invalid SSH keys.

Steve Kemp steve at
Thu Oct 15 16:59:23 AEDT 2015

> >   Via fuzzing I discovered a key which will cause 
> >  the ssh-keygen process to segfault when fingerprinting
> >  via:
> > 
> >         ssh-keygen -l -f bogus.key
> Could you please share the key that causes this problem?

  The key was attached to the referenced bug report, but
 please find attached a copy to this mail.

  Usage is:

    $ gunzip
    $ ssh-keygen -l -f ./ 
    Segmentation fault

  (It also crashes when running "ssh -i user at host", but that's
 less interesting.)

-------------- next part --------------
A non-text attachment was scrubbed...
Type: application/gzip
Size: 41 bytes
Desc: not available
URL: <>

More information about the openssh-unix-dev mailing list