Hello, I'm having a problem with my ssh client, on FreeBSD 5.4 and 6.1 the same issue. OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e 25 Oct 2004 but also same problem with OpenSSH_4.3 When I make a key, everything goes fine. When I try to change the password on the key it give me the 'PEM_read_PrivateKey failed' problem, this also prevents me from connecting to another host. Below small debug of creation of keys + trying to change the password. I'm sure that I type in the password correct, even though it indicates it is not !! 1. Creation of key (afterward I perform a - chmod 600 test* ) afabry at ducati-748 21:18 % ssh-keygen -t dsa -b 1024 Generating public/private dsa key pair. Enter file in which to save the key (/home/afabry/.ssh/id_dsa): /home/afabry/.ssh/test Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/afabry/.ssh/test. Your public key has been saved in /home/afabry/.ssh/test.pub. The key fingerprint is: 1c:45:31:f9:f4:62:ad:d1:66:5d:9c:8a:4c:1b:48:d6 afabry at ducati-748.3rdrock.kicks-ass.net 2. Changing the password afabry at ducati-748 21:20 % ssh-keygen -v -p -f .ssh/test.pub debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> Enter old passphrase: debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> Bad passphrase. I'm hoping you can help me with this problem. I've already googled like crazy but haven't +found a solution anywhere. Many thanks in advance. Alain
On Sat, Nov 18, 2006 at 06:04:14PM +0100, Alain G. Fabry wrote:> When I try to change the password on the key it give me the > 'PEM_read_PrivateKey failed' problem, this also prevents me from > connecting to another host.[..]> 2. Changing the password > > afabry at ducati-748 21:20 % ssh-keygen -v -p -f .ssh/test.pub-f takes the private key file as argument. Drop .pub> debug1: PEM_read_PrivateKey failed > debug1: read PEM private key done: type <unknown> > Enter old passphrase: > debug1: PEM_read_PrivateKey failed > debug1: read PEM private key done: type <unknown> > Bad passphrase.The error message could be more informative I suppose. ssh-keygen tries to do what you told it - read a private key from test.pub, and it reads a key of type <unknown>. It asks for the passphrase and tries to use the passphrase to decrypt the private key read from the file, in order to get a key of a known type. Since decrypting with the passphrase produced a key of type <unknown> ssh-keygen assumes that the incorrect passphrase was given. Needless to say this does not work when the input is not a key of the correct format. I don't think it is possible to recognize an encrypted private key, hence ssh-keygen can't tell when it gets the wrong input. (Or can it?) //Peter