[Bug 2947] ssh-keygen generated keys are not read in by openssl

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 22 22:09:11 AEDT 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=2947

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |djm at mindrot.org
         Resolution|---                         |WONTFIX

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
OpenSSH stopped using PEM keys a few releases ago because the security
of the PEM password encryption is very bad and showed no signs of
improving. 

If you don't care about key theft and offline cracking of your key's 
passphrases then you can still use the PEM key format in OpenSSH:

ssh-keygen -m PEM -f /path -t type   # generate
ssh-keygen -m PEM -p -f /path        # convert new format to PEM

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list