bugzilla-daemon at bugzilla.mindrot.org
2018-Dec-19 11:06 UTC
[Bug 2947] New: ssh-keygen generated keys are not read in by openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2947

Bug ID: 2947
Summary: ssh-keygen generated keys are not read in by openssl
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Windows 7
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: tschweikle at gmail.com

# ssh-keygen -t rsa -b 2048 -N "" -C "TestKey" -f id_gvm_rsa
Generating public/private rsa key pair.
id_gvm_rsa already exists.
Overwrite (y/n)? y
Your identification has been saved in id_gvm_rsa.
Your public key has been saved in id_gvm_rsa.pub.
The key fingerprint is:
SHA256:9NrSbEbjs8/5zXqSX7vVDwv7Ws7U0FBV+YGKOwXVmM0 TestKey
The key's randomart image is:
+---[RSA 2048]----+
| ..* . B|
| . o E + |
| . o . . o|
| . o o o.|
| S * . .|
| X . o.|
| o X . +.=|
| + + Oo=*|
| ..*+BB*|
+----[SHA256]-----+

# openssl req -x509 -days 2000 -new -key id_gvm_rsa -out id_gvm_rsa-cert.pem
unable to load Private Key
140028946031680:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY

Handbook and examples state this shall work. It does not.

This breaks various tools and websites importing private or public ssh-keys. They just fail.

--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Dec-19 12:00 UTC
[Bug 2947] ssh-keygen generated keys are not read in by openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2947

Jakub Jelen <jjelen at redhat.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC | |jjelen at redhat.com

--- Comment #1 from Jakub Jelen <jjelen at redhat.com> ---
The release notes [0] specify this pretty explicitly:

 * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format.

If you wish to generate the PEM files, use the -m PEM, which is unfortunately not documented yet either [1].

[0] http://www.openssh.com/txt/release-7.8
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2904
bugzilla-daemon at bugzilla.mindrot.org
2018-Dec-19 15:45 UTC
[Bug 2947] ssh-keygen generated keys are not read in by openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2947

--- Comment #2 from Thomas Schweikle <tschweikle at gmail.com> ---
It should not matter which format I wrote the keys out. Since the private key is in all cases written in more or less pem-format. Importing some ssh-keygen generated private key this way should work out of the box. But it does not.

Interestingly if I generate the key pair using openssl I can import this key and use it together with ssh! Even ssh-keygen accepts this key and exports an ssh-format public key from it.

So what does ssh-keygen do other than openssl while writing a key out? The private key written by ssh-keygen is only usable by ssh-keygen, while the private key written by openssl is usable by both: ssh-keygen and openssl!

# openssl genpkey -algorithm RSA -out id_rsa.key -pkeyopt rsa_keygen_bits:2048 && chmod 0600 id_rsa.key
# openssl rsa -pubout -in id_rsa.key -out id_rsa.pem && chmod 0600 id_rsa.pem
# cp id_rsa.key id_rsa
# ssh-keygen -y -f id_rsa > id_rsa.pub

but

# ssh-keygen -t rsa -b 2048 -N "" -C "" -f id_rsa
# openssl rsa -pubout -in id_rsa.key -out id_rsa.pem

Creates a key openssl chokes on:

unable to load Private Key
140028946031680:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY

Visually there is no difference with these files (except for the key).
bugzilla-daemon at bugzilla.mindrot.org
2019-Jan-22 11:09 UTC
[Bug 2947] ssh-keygen generated keys are not read in by openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2947

Damien Miller <djm at mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status |NEW |RESOLVED
CC | |djm at mindrot.org
Resolution |--- |WONTFIX

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
OpenSSH stopped using PEM keys a few releases ago because the security of the PEM password encryption is very bad and showed no signs of improving.

If you don't care about key theft and offline cracking of your key's passphrases then you can still use the PEM key format in OpenSSH:

ssh-keygen -m PEM -f /path -t type # generate
ssh-keygen -m PEM -p -f /path # convert new format to PEM
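
[Added example, not part of the bug thread and not OpenSSH project code.] The two private key formats discussed above differ in their first line, and the OpenSSH container records its cipher and KDF in cleartext, so a file can be classified before it is handed to openssl. The function names and the sample blobs below are this example's own; the samples are constructed with placeholder bytes, and the field order assumed is the one in OpenSSH's PROTOCOL.key document.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\0"  # leading magic of the OpenSSH private key container

def read_string(buf, off):
    """Read one SSH string: uint32 big-endian length, then that many bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated string field")
    return buf[off + 4:end], end

def describe_private_key(text):
    """Classify a private key file by its armor label; parse the OpenSSH header."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    first = lines[0] if lines else ""
    if len(lines) < 3 or not (first.startswith("-----BEGIN ") and first.endswith("-----")):
        return {"format": "unknown"}
    label = first[len("-----BEGIN "):-len("-----")]
    if label != "OPENSSH PRIVATE KEY":
        # e.g. "RSA PRIVATE KEY": the PEM kind that `ssh-keygen -m PEM` writes
        return {"format": "pem", "label": label}
    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(MAGIC):
        raise ValueError("armor label says OpenSSH but magic is missing")
    cipher, off = read_string(blob, len(MAGIC))
    kdf, off = read_string(blob, off)
    return {"format": "openssh", "label": label, "cipher": cipher.decode(),
            "kdf": kdf.decode(), "encrypted": cipher != b"none"}

def constructed_sample(cipher=b"none", kdf=b"none"):
    """Build a CONSTRUCTED container with placeholder key bytes (not a usable key)."""
    def s(b):
        return struct.pack(">I", len(b)) + b
    body = (MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1)
            + s(b"placeholder-public") + s(b"placeholder-private"))
    b64 = base64.b64encode(body).decode()
    rows = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    return "\n".join(["-----BEGIN OPENSSH PRIVATE KEY-----", *rows,
                      "-----END OPENSSH PRIVATE KEY-----"])

if __name__ == "__main__":
    print(describe_private_key(constructed_sample()))
    print(describe_private_key(constructed_sample(b"aes256-ctr", b"bcrypt")))
    print(describe_private_key("-----BEGIN RSA PRIVATE KEY-----\nMIIB\n-----END RSA PRIVATE KEY-----"))
```

A result of "openssh" means the file needs the -m PEM conversion from comment #3 (run on a copy) before openssl will load it; "encrypted" reports whether a passphrase protects it.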
bugzilla-daemon at mindrot.org
2021-Apr-23 05:00 UTC
[Bug 2947] ssh-keygen generated keys are not read in by openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2947

Damien Miller <djm at mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED

--- Comment #4 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release