ssh-keygen OpenSSL 3.0 regression

Dmitry Belyavskiy dbelyavs at
Thu Jul 22 00:25:15 AEST 2021


We've found out that ssh-keygen, when openssh is built against OpenSSL 3.0,
doesn't properly work with encrypted PKCS#8 private key files.

I've filed the bug and
github PR to fix this

But I should mention that it's not the only change that is worth doing
taking into account the fact that OpenSSL 3.0 is in Beta1 stage. There are
a lot of warnings related to the usage of the deprecated functions.

I'm afraid that getting rid of the deprecation warnings is too huge a task
to be done in the nearest release, but I think it's definitely worth doing
and I can participate in it.

If necessary, I can provide the results of 'make tests' for the OpenSSL 3.0

Dmitry Belyavskiy

More information about the openssh-unix-dev mailing list