openssh bugs - Oct 2017 - [Bug 2788] New: ssh(1) man page should note id_rsa encryption now uses AES, not 3DES

https://bugzilla.mindrot.org/show_bug.cgi?id=2788

            Bug ID: 2788
           Summary: ssh(1) man page should note id_rsa encryption now uses
                    AES, not 3DES
           Product: Portable OpenSSH
           Version: 7.6p1
          Hardware: Other
               URL: https://bugs.debian.org/614818
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: Documentation
          Assignee: unassigned-bugs at mindrot.org
          Reporter: cjwatson at debian.org

In https://bugs.debian.org/614818, Calum Mackay reported the following,
and I've checked that this is still the case in 7.6p1:


In the FILES section of ssh(1), it says:

     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files
contain
             sensitive data and should be readable by the user but not
acces?
             sible by others (read/write/execute).  ssh will simply
ignore a
             private key file if it is accessible by others.  It is
possible
             to specify a passphrase when generating the key which will
be
             used to encrypt the sensitive part of this file using
3DES.

However, in a recent release, ssh-keygen has switched to using AES, not
3DES, to encrpyt the private key. This is noted in the ssh-keygen(1)
page,
in this same pkg:

     ~/.ssh/id_rsa
             Contains the protocol version 2 DSA, ECDSA or RSA
authentication
             identity of the user.  This file should not be readable by
anyone
             but the user.  It is possible to specify a passphrase when
gener?
             ating the key; that passphrase will be used to encrypt the
pri?
             vate part of this file using 128-bit AES.  [...]


This section should probably be the same across both man pages.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2788

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
             Blocks|                            |2782

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Thanks, I've a fix


Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=2782
[Bug 2782] Tracking bug for OpenSSH 7.7 release
-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2788

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after release of OpenSSH 7.7.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.