Jakub Jelen
2024-Jan-22 16:43 UTC
How to determine which cipher was used to encrypt OpenSSH private keys
Hi,
looking through the key specification, you can see that it's the second field in the key file:

https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11

It looks like there is no convenient way to get this information with the openssh cli, but given that the file format is just base64 encoded, you can read it out with something like this:

$ cat /tmp/rsa | head -n -1 | tail -n +2 | base64 -d | hexdump -C | head -n 2
00000000  6f 70 65 6e 73 73 68 2d 6b 65 79 2d 76 31 00 00  |openssh-key-v1..|
00000010  00 00 0a 61 65 73 32 35 36 2d 63 74 72 00 00 00  |...aes256-ctr...|

In this case, this key is aes256-ctr encrypted.

Jakub

On Mon, Jan 22, 2024 at 5:27 PM SCOTT FIELDS <Scott.Fields at kyndryl.com> wrote:
>
> As part of audit due diligence, we need to determine which cipher was used to encrypt OpenSSH private keys, but I don't see any command option to view this for a given SSH private key file.
>
> Scott
> Kyndryl
> Senior Lead SRE - BNSF
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Damien Miller
2024-Jan-23 02:18 UTC
How to determine which cipher was used to encrypt OpenSSH private keys
On Mon, 22 Jan 2024, Jakub Jelen wrote:

> Hi,
> looking through the key specification, you can see that it's the second
> field in the key file:
>
> https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11
>
> It looks like there is no convenient way to get this information with
> the openssh cli, but given that the file format is just base64 encoded,
> you can read it out with something like this:
>
> $ cat /tmp/rsa | head -n -1 | tail -n +2 | base64 -d | hexdump -C | head -n 2
> 00000000  6f 70 65 6e 73 73 68 2d 6b 65 79 2d 76 31 00 00  |openssh-key-v1..|
> 00000010  00 00 0a 61 65 73 32 35 36 2d 63 74 72 00 00 00  |...aes256-ctr...|
>
> In this case, this key is aes256-ctr encrypted.

You could use something like the attached python script if you don't
want to stare at hexdumps :)

-------------- next part --------------
#!/usr/bin/env python3

import sys
import base64

BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
END = "\n-----END OPENSSH PRIVATE KEY-----"
BLOBSTART = b"openssh-key-v1\x00"

for f in sys.argv[1:]:
    # Strip the PEM-style armor and base64-decode the body.
    d64 = open(f, "rt").read()
    o = d64.find(BEGIN)
    if o == -1:
        raise ValueError("{} missing begin marker".format(f))
    d64 = d64[o + len(BEGIN):]
    o = d64.find(END)
    if o == -1:
        raise ValueError("{} missing end marker".format(f))
    d64 = d64[:o]
    d = base64.b64decode(d64)
    # The blob starts with the "openssh-key-v1\0" magic, then the
    # cipher name as a length-prefixed (uint32 big-endian) string.
    if d[:len(BLOBSTART)] != BLOBSTART:
        raise ValueError("{} missing blob preamble".format(f))
    d = d[len(BLOBSTART):]
    l = (d[0] << 24) | (d[1] << 16) | (d[2] << 8) | d[3]
    alg = d[4: 4+l].decode("utf-8")
    print("{}: {}".format(f, alg))
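For an audit you usually want more than the cipher name: the KDF, the bcrypt round count, and whether the key is encrypted at all (a cipher of "none" means the private section is plaintext). The following is an added example, not code from the thread or from OpenSSH, that walks the whole header laid out in PROTOCOL.key (magic, ciphername, kdfname, kdfoptions, number of keys, public keys) with bounds-checked length fields, and flags "none" explicitly. The two sample keys it embeds are constructed in the script itself (header-only blobs with a filler private section; they are not usable keys), so it runs offline.

```python
#!/usr/bin/env python3
"""Inspect the header of an OpenSSH "openssh-key-v1" private key file.

Added example: parses cipher, KDF, bcrypt parameters, key count and
public key types.  The sample keys at the bottom are constructed here
and are NOT real keys; the private section is filler bytes.
"""
import base64
import struct
import sys

BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----"
END = "-----END OPENSSH PRIVATE KEY-----"
MAGIC = b"openssh-key-v1\x00"


def _take_string(buf, off):
    """Read one SSH 'string': uint32 big-endian length, then that many bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise ValueError("string runs past end of blob")
    return buf[off:off + n], off + n


def decode_pem(text):
    """Strip the BEGIN/END armor lines and base64-decode the body."""
    lines = [ln.strip() for ln in text.splitlines()]
    try:
        start = lines.index(BEGIN)
        end = lines.index(END, start + 1)
    except ValueError:
        raise ValueError("missing OPENSSH PRIVATE KEY armor") from None
    return base64.b64decode("".join(lines[start + 1:end]), validate=True)


def parse_header(blob):
    """Return a dict describing cipher, KDF, key count and public key types."""
    if not blob.startswith(MAGIC):
        raise ValueError("not an openssh-key-v1 blob")
    off = len(MAGIC)
    cipher, off = _take_string(blob, off)
    kdf, off = _take_string(blob, off)
    kdfopts, off = _take_string(blob, off)
    if off + 4 > len(blob):
        raise ValueError("truncated key count")
    (nkeys,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    info = {
        "cipher": cipher.decode("ascii"),
        "kdf": kdf.decode("ascii"),
        "encrypted": cipher != b"none",   # "none" = no passphrase protection
        "nkeys": nkeys,
        "public_key_types": [],
    }
    # For bcrypt, kdfoptions is string(salt) || uint32(rounds); empty for "none".
    if info["kdf"] == "bcrypt":
        salt, o2 = _take_string(kdfopts, 0)
        (rounds,) = struct.unpack(">I", kdfopts[o2:o2 + 4])
        info["bcrypt_salt_len"] = len(salt)
        info["bcrypt_rounds"] = rounds
    # One public key blob per key; its first string is the key type name.
    for _ in range(nkeys):
        pub, off = _take_string(blob, off)
        keytype, _ = _take_string(pub, 0)
        info["public_key_types"].append(keytype.decode("ascii"))
    return info


def inspect_key(text):
    return parse_header(decode_pem(text))


# --- constructed samples (header only, filler private section) ---------------
def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def build_sample(cipher, kdf, kdfopts, pubkey_type):
    """Build an armored header-only blob for testing; not a usable key."""
    pub = _ssh_string(pubkey_type) + _ssh_string(b"\x00" * 32)
    blob = (MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(kdfopts)
            + struct.pack(">I", 1) + _ssh_string(pub) + _ssh_string(b"\x00" * 64))
    body = base64.b64encode(blob).decode()
    wrapped = "\n".join(body[i:i + 70] for i in range(0, len(body), 70))
    return f"{BEGIN}\n{wrapped}\n{END}\n"


ENCRYPTED_SAMPLE = build_sample(b"aes256-ctr", b"bcrypt",
                                _ssh_string(b"\x11" * 16) + struct.pack(">I", 16),
                                b"ssh-ed25519")
PLAIN_SAMPLE = build_sample(b"none", b"none", b"", b"ssh-rsa")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rt") as fh:
                print(path, inspect_key(fh.read()))
    else:
        for name, sample in (("encrypted", ENCRYPTED_SAMPLE), ("plain", PLAIN_SAMPLE)):
            print(name, inspect_key(sample))
```

Run it with one or more key paths to report each file; with no arguments it reports the two constructed samples. A result with "encrypted": False is the finding an audit cares about; a key in that state can be re-wrapped with a passphrase and a chosen cipher via ssh-keygen -p (the -Z option selects the cipher).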