bugzilla-daemon at bugzilla.mindrot.org
2019-May-16 10:38 UTC
[Bug 3011] New: OPEN-SSH-8.0p1-KeyCompatibility Problem
https://bugzilla.mindrot.org/show_bug.cgi?id=3011
Bug ID: 3011
Summary: OPEN-SSH-8.0p1-KeyCompatibility Problem
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: karthikadiga123 at gmail.com
Keys generated with 8.0p1 server is rebooted and made up with 5.3p1
server. But sshd is not able to read the keys generated with new
version 8.0p1. How to fix this problem?
LOGS:
===========================debug3: checking syntax for 'Match (null)'
debug1: sshd version OpenSSH_5.3p1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Could not load host key: /etc/ssh/ssh_host_rsa_key
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-16 11:48 UTC
[Bug 3011] OPEN-SSH-8.0p1-KeyCompatibility Problem
https://bugzilla.mindrot.org/show_bug.cgi?id=3011
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #1 from Jakub Jelen <jjelen at redhat.com> ---
The OpenSSH since 7.8 generate new keys in the new format that is not
understood by OpenSSH 5.3. The release notes [1] explain it in a whole:
* ssh-keygen(1): write OpenSSH format private keys by default
instead of using OpenSSL's PEM format. The OpenSSH format,
supported in OpenSSH releases since 2014 and described in the
PROTOCOL.key file in the source distribution, offers substantially
better protection against offline password guessing and supports
key comments in private keys. If necessary, it is possible to write
old PEM-style keys by adding "-m PEM" to ssh-keygen's arguments
when generating or updating a key.
[1] http://www.openssh.com/txt/release-7.8
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-17 03:48 UTC
[Bug 3011] OPEN-SSH-8.0p1-KeyCompatibility Problem
https://bugzilla.mindrot.org/show_bug.cgi?id=3011
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
CC| |djm at mindrot.org
Status|NEW |RESOLVED
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-21 04:43 UTC
[Bug 3011] OPEN-SSH-8.0p1-KeyCompatibility Problem
https://bugzilla.mindrot.org/show_bug.cgi?id=3011 --- Comment #2 from Karthik Adiga <karthikadiga123 at gmail.com> --- Thanks Jakub. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 05:03 UTC
[Bug 3011] OPEN-SSH-8.0p1-KeyCompatibility Problem
https://bugzilla.mindrot.org/show_bug.cgi?id=3011
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.