Displaying 7 results from an estimated 7 matches for "ssh_err_key_wrong_passphrase".
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
...sh-keygen.c
@@ -275,7 +275,8 @@ load_identity(char *filename)
struct sshkey *prv;
int r;
- if ((r = sshkey_load_private(filename, "", &prv, NULL)) == 0)
+ if ((r = sshkey_load_private_type(KEY_UNSPEC, filename, "",
+ &prv, NULL)) == 0)
return prv;
if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
fatal("Load key \"%s\": %s", filename, ssh_err(r));
@@ -283,7 +284,7 @@ load_identity(char *filename)
pass = xstrdup(identity_passphrase);
else
pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
- r = sshkey_load_private(filename, pass, &prv,...
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl
external engines. ?The problem is they can't be loaded with the usual
openssl methods, they have to be loaded via ENGINE_load_private_key().
?Because they're files, they fit well into openssh pub/private file
structure, so they're not very appropriately handled by the pkcs11
interface because it assumes the private
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...00644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -111,6 +111,29 @@ clear_pass(void)
}
}
+static int
+add_engine_key(int agent_fd, const char *file, const char *engine)
+{
+ int ret;
+ char *pin = NULL;
+
+ ret = ssh_add_engine_key(agent_fd, file, engine, NULL, lifetime, confirm, maxsign);
+ if (ret == SSH_ERR_KEY_WRONG_PASSPHRASE) {
+ pin = read_passphrase("Enter engine key passphrase:", RP_ALLOW_STDIN);
+ if (!pin)
+ return -1;
+ ret = ssh_add_engine_key(agent_fd, file, engine, pin, lifetime, confirm, maxsign);
+ }
+ if (ret != SSH_AGENT_SUCCESS) {
+ fprintf(stderr, "failed to add engine key: %s\n"...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...?? ?*commentp = NULL;
-?? ?if ((r = sshkey_load_private(filename, "", &prv, commentp)) == 0)
+?? ?if (vault_infop != NULL)
+?? ??? ?*vault_infop = NULL;
+?? ?if ((r = sshkey_load_private(filename, "", &prv, commentp,
vault_infop)) == 0)
??? ??? ?return prv;
??? ?if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
??? ??? ?fatal("Load key \"%s\": %s", filename, ssh_err(r));
@@ -326,7 +328,7 @@ load_identity(const char *filename, char **commentp)
??? ??? ?pass = xstrdup(identity_passphrase);
??? ?else
??? ??? ?pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
-?? ?r...
2016 Jan 08
24
[Bug 2522] New: Key parser should reflect errors from OpenSSL
https://bugzilla.mindrot.org/show_bug.cgi?id=2522
Bug ID: 2522
Summary: Key parser should reflect errors from OpenSSL
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: ssh
2020 Feb 05
19
Call for testing: OpenSSH 8.2
Hi,
OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a feature release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at