ssh-keygen OpenSSL 3.0 regression
dbelyavs at redhat.com
Thu Jul 22 00:25:15 AEST 2021
We've found out that ssh-keygen, when openssh is built against OpenSSL 3.0,
doesn't properly work with encrypted PKCS#8 private key files.
I've filed the bug https://bugzilla.mindrot.org/show_bug.cgi?id=3330 and
github PR https://github.com/openssh/openssh-portable/pull/264 to fix this
But I should mention that it's not the only change that is worth doing
taking into account the fact that OpenSSL 3.0 is in Beta1 stage. There are
a lot of warnings related to the usage of the deprecated functions.
I'm afraid that getting rid of the deprecation warnings is too huge a task
to be done in the nearest release, but I think it's definitely worth doing
and I can participate in it.
If necessary, I can provide the results of 'make tests' for the OpenSSL 3.0
More information about the openssh-unix-dev