ssh-keygen -l for Privkey reports on Pubkey

[Jochen Bern]

Hello everyone,

we had the pubkey file of an SSH keypair damaged during the transfer to 
the target system today, and a part of the resulting confusion resulted 
from the fact that when you ask ssh-keygen to fingerprint the *priv*key, 
the output may actually represent the *pub*key file's content instead. 
Reproduced on another machine:

$ ssh-keygen -t rsa -b 2048 -C foo -f orig
$ cp orig priv
$ ssh-keygen -l -f priv
2048 SHA256:H6C194FiLbvQWXhhGbHcEeJrCPrIk2uI0cEs5fEHiy8 foo (RSA)

(No pubkey file -> data from the privkey.)

$ sed -e 's/$/-bar/' orig.pub > priv.pub
$ ssh-keygen -l -f priv
2048 SHA256:H6C194FiLbvQWXhhGbHcEeJrCPrIk2uI0cEs5fEHiy8 foo-bar (RSA)

(*Changed* comment from the pubkey file.)

$ sed -e 's/$/-bar/' -e 's/^s//' orig.pub > priv.pub
$ ssh-keygen -l -f priv
2048 SHA256:H6C194FiLbvQWXhhGbHcEeJrCPrIk2uI0cEs5fEHiy8 foo (RSA)

(*Broken* pubkey -> data from the privkey.)

$ sed -e 's/$/-bar/' -e 's/0/1/' orig.pub > priv.pub
$ ssh-keygen -l -f priv
2048 SHA256:SYhgtUsy0c0zEj4avKjiiqd+FyTXQeA+Tzq9wIafnhU foo-bar (RSA)

(Pubkey with *some* flipped bits -> still gets accepted -> fingerprint 
and comment from the pubkey file.)

$ sed -e 's/$/-bar/' -e 's/[1-9]/0/g' orig.pub > priv.pub
$ ssh-keygen -l -f priv
2048 SHA256:H6C194FiLbvQWXhhGbHcEeJrCPrIk2uI0cEs5fEHiy8 foo (RSA)

(Pubkey with *major* modifications -> apparently found not to match the 
privkey -> data from the privkey.)

$ ssh -V
OpenSSH_8.7p1, OpenSSL 1.1.1n  FIPS 15 Mar 2022

... is this behavior intentional?

Thanks in advance,
-- 
Jochen Bern
Systemingenieur

Binect GmbH
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3449 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220525/f7fbe11e/attachment.p7s>