similar to: warning about keys too small

Hi, In our department's setup we have a unfortunate situation where we have to use both OpenSSH and SSH (ssh.com's version). I have managed to export keys from OpenSSH to SSH's format. I also managed to export SSH's public key to OpenSSH's format. Now I would like to add the private key of SSH to the agent. Now when I try to add it simply by using ssh-add

Hello all. I have been searching the web for a formula to get openssh and securecrt ssh2 keys working properly. Does anyone have a set of directions? I have attempted creating keys in securecrt and converting them (ssh-keygen) to OpenSSH keys. I have attempted using OpenSSH's keys, but nothing seems to take. Any advice will help. Thank you. OpenSSH v3.8 SecurCRT v4.1.7 -g

https://bugzilla.mindrot.org/show_bug.cgi?id=1630 Summary: ssh-keygen export of public keys (RFC4716 format) can include too-long lines Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P4 Component: ssh-keygen

Hi, I've compiled openssh 1.2.2 on Solaris 7/SPARC. On most hosts, things are fine. I get EGD going, compile openssh, and I can then generate hostkeys as described in the INSTALL file to get things running. On a few hosts though, the keygen fails like this: root at sylow:/source/USR_LOCAL/OFFICIAL/OPENSSH/ssh_client# ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' ksh:

Dear all, Ed25519 public keys being as small as they are is very convenient. There is an opportunity to nudge the world towards modern algorithms. I believe choices made in OpenSSH can positively impact the wider eco-system and industry. I'd like to suggest ssh-keygen to generate an Ed25519 keypair, if invoked without any arguments. OpenSSH has supported Ed25519 since version 6.5 (January

On 18.06.24 13:36, Stuart Henderson wrote: > Not sure whether anything should be done with it, but I noticed so > thought I'd mention: if you pass ssh-keygen -R a known_hosts file with > DSA sigs, you get "invalid line" warnings. Out of interest, did you, perchance, try running an ssh-keygen -l on a DSA-infested file? (I added a bit of extra IDS to our monitoring that

Hi, ssh-keygen is unable to change version 2 keys' comments (this was true in 2.9p2, and the changelog doesn't make me think this has changed), so I think this should be documented. Here's a patch to ssh-keygen.1 (It's based on an ssh-keygen patched with my previous patch). Cheers, Matthew --- ssh-keygen.1.orig Thu Sep 27 20:31:48 2001 +++ ssh-keygen.1 Thu Sep 27 20:40:32 2001

http://bugzilla.mindrot.org/show_bug.cgi?id=459 Summary: ssh-keygen doesn't know how to export private keys Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo: openssh-unix-dev at mindrot.org

I'm trying to move from SSH1 to OpenSSH 2.9.9p2, under Solaris 8. Initial setup and testing seems to work... including the generation of a new RSA key. The key was created with "ssh-keygen -t rsa" and a passphrase; nothing unusual. I can SSH between machines, both running 2.9.9p2, and debug messages show that this file is being correctly read (I think). It prompts me for the

https://bugzilla.mindrot.org/show_bug.cgi?id=2429 Bug ID: 2429 Summary: ssh-keygen ignores keys that have CKA_ID == 0 Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Smartcard Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3761 Bug ID: 3761 Summary: ssh-keygen fails for security keys without attestation Product: Portable OpenSSH Version: 9.9p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh-keygen Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3195 Bug ID: 3195 Summary: ssh-keygen unable to convert ED25519 public keys Product: Portable OpenSSH Version: 8.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:

Stuart Henderson wrote: >> This is why I push for challenge/response tokens, not simply >> cert authentication, and really wish that FIDO (such as yubikey) >> was an option, but the discussions I've seen about suporting >> that have not been encouraging. > > hmm? That works pretty well in OpenSSH. hmm, what I'm finding doesn't seem to use the FIDO

http://bugzilla.mindrot.org/show_bug.cgi?id=566 Summary: ssh-keygen -l does not print key comment for rsa/dsa keys Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2145 Bug ID: 2145 Summary: ssh-keygen -R doesn't work when there are entries for "proxycommand" keys Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: trivial Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=1175 Summary: ssh-keygen is generating 2048 bit keys by default Product: Portable OpenSSH Version: 4.2p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo: bitbucket at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2366 Bug ID: 2366 Summary: ssh-keygen doesn't correctly decode new format GCM-encrypted keys Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component:

Using ssh-keygen from OpenSSH-2.9p1, I can perform the following key conversions: - convert a commercial public key into an OpenSSH public key: % ssh-keygen -i -f commercial-key.pub > openssh-key.pub - convert a commercial private key into an OpenSSH private key, provided that the commercial key has no password % ssh-keygen -i -f commercial-key > openssh-key -

When I try to create a dsa set of key files with -b 999, the key appears to be created with the default of 1024. This does not happen for type rsa or rsa1 keys. They get created with the number of bits I specified. I can't find this problem in the archives. DSA key generation: SY1 97 /SYSTEM/tmp> ssh-keygen -b 999 -t dsa Generating public/private dsa key pair. Enter file in which to

http://bugzilla.mindrot.org/show_bug.cgi?id=1119 Summary: Enhancement request for raising minimum acceptable key length. Product: Portable OpenSSH Version: 4.2p1 Platform: Other URL: http://www.rsasecurity.com/press_release.asp?doc_id=488& id=1034 OS/Version: All Status: NEW