On Wed, Feb 15, 2017 at 9:50 PM, Kelly Dunlop <kdunlop at guralp.com> wrote:> > > Hi, > > I am running openssh7.3p1 on an embedded Linux system and discovered this problem. > > If I run: > > ssh-keygen -t rsa1 -f testfile > > it appears to generate the key and I get the output: > > Generating public/private rsa1 key pair. > Enter passphrase (empty for no passphrase): > Enter same passphrase again: > Saving key "testfile" failed: unknown or unsupported key type > > Should this option be returning with a deprecated key type message ?It looks like a bug. git bisect points at 2aa9da1a3b360cf7b13e96fe1521534b91501fb5 is the first bad commit commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5 Author: djm at openbsd.org <djm at openbsd.org> Date: Tue Mar 24 01:29:19 2015 +0000 upstream commit Compile-time disable SSH protocol 1. You can turn it back on using the Makefile.inc knob if you need it to talk to ancient devices. That said, we're about to remove SSH1 support in the client (it's already gone from the server) so I'm not sure this is is ever going to be fixed... -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Fri, Feb 17, 2017 at 09:28:52AM +1100, Darren Tucker wrote: [...]> so yeah, ssh-keygen should have probably errored out "unsupported key type".diff --git a/sshkey.c b/sshkey.c index 4768790..f45e239 100644 --- a/sshkey.c +++ b/sshkey.c @@ -89,7 +89,9 @@ static const struct keytype keytypes[] = { { "ssh-ed25519-cert-v01 at openssh.com", "ED25519-CERT", KEY_ED25519_CERT, 0, 1 }, #ifdef WITH_OPENSSL +# ifdef WITH_SSH1 { NULL, "RSA1", KEY_RSA1, 0, 0 }, +# endif { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, # ifdef OPENSSL_HAS_ECC -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.