How to determine which cipher was used to encrypt OpenSSH private keys
Jakub Jelen
jjelen at redhat.com
Tue Jan 23 03:43:17 AEDT 2024
Hi,
looking through the key specification, you can see that it's the second
field in the key file:
https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11
It looks like there is no convenient way to get this information with
openssh cli, but given that the file format is just base64 encoded,
you can read it out with something like this:
$ cat /tmp/rsa | head -n -1 | tail -n +2 | base64 -d | hexdump -C | head -n 2
00000000 6f 70 65 6e 73 73 68 2d 6b 65 79 2d 76 31 00 00 |openssh-key-v1..|
00000010 00 00 0a 61 65 73 32 35 36 2d 63 74 72 00 00 00 |...aes256-ctr...|
In this case, this key is aes256-ctr encrypted.
Jakub
On Mon, Jan 22, 2024 at 5:27 PM SCOTT FIELDS <Scott.Fields at kyndryl.com> wrote:
>
>
>
> As part of audit due diligence, we need to determine which cipher was used to encrypt OpenSSH private keys, but I don't see any command option to view this for a given SSH private key file.
>
>
> Scott
>
> Kyndryl
>
> Senior Lead SRE – BNSF
>
>
>
>