bugzilla-daemon at bugzilla.mindrot.org
2016-May-05 19:59 UTC
[Bug 2567] New: Wrong terminology used for ssh-keygen "-m" option
https://bugzilla.mindrot.org/show_bug.cgi?id=2567
Bug ID: 2567
Summary: Wrong terminology used for ssh-keygen "-m" option
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
Reporter: kazakevichilya at gmail.com
According to "man ssh-config", "-m" support following
formats: "?PKCS8?
(PEM PKCS8 public key)" and "?PEM? (PEM public key)".
This is not true. First of all they are both PEM (Base64 encoded DER).
And PKCS8 is for *private* keys only. What you call "PKCS8" is
"SubjectPublicKeyInfo" and it is encoded in PEM.
What you call "PEM" is RSA public key encoded in PEM.
People are confused:
http://crypto.stackexchange.com/questions/27913/why-can-ssh-keygen-export-a-public-key-in-pem-pkcs8-format
http://crypto.stackexchange.com/questions/35093/why-ssh-gen-makes-difference-between-pem-and-pkcs8
"PKCS8" is better be called "SubjectPublicKeyInfo" or
"AnyPublicKey"
and "PEM" should be "RSAPublicKey" or
"RSAEncryption".
--
You are receiving this mail because:
You are watching the assignee of the bug.
Seemingly Similar Threads
- [PATCH] ssh-keygen: support public key import/export using SubjectPublicKeyInfo
- public key format
- ssh-keygen :: PEM_write_RSA_PUBKEY failed
- [PATCH 1/3] Add private key protection information extraction to ssh-keygen
- [Bug 3195] New: ssh-keygen unable to convert ED25519 public keys
Wisdom of the Ancients
