Displaying 20 results from an estimated 10000 matches similar to: "How to determine which cipher was used to encrypt OpenSSH private keys"
2024 Jan 22
1
How to determine which cipher was used to encrypt OpenSSH private keys
Hi,
looking through the key specification, you can see that its the second
field in the key file:
https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11
It looks like there is no convenient way to get this information with
openssh cli, but given that the file format is just base64 encoded,
you can read it out with something like this:
$ cat /tmp/rsa | head -n -1 | tail -n +2 |
2024 Jan 23
2
How to determine which cipher was used to encrypt OpenSSH private keys
On Mon, 22 Jan 2024, Jakub Jelen wrote:
> Hi,
> looking through the key specification, you can see that its the second
> field in the key file:
>
> https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11
>
> It looks like there is no convenient way to get this information with
> openssh cli, but given that the file format is just base64 encoded,
> you
2024 Jan 24
1
How to determine which cipher was used to encrypt OpenSSH private keys
And given that this code is reading your private key files, I guess I should have added "if you trust its developer"
Otherwise, I'd stick with the shell script or python snippet.
2013 May 23
1
Time for key stretching in encrypted private keys?
In 0.9.7 the private key encryption was switched from 3DES to AES,
(https://bugzilla.mindrot.org/show_bug.cgi?id=1550) the motivation for this
being that 128-bits of security is better than the 112 or so you get from
3DES these days. Interestingly that bug is about upgrading to AES-256, but
we ended up with AES-128. Presumably due to the Solaris crippling?
However ssh-keygen still uses a
2002 May 14
0
[Bug 242] New: cipher.c doesn't compile in openssh-3.1p1 (i386-solaris2.8-gcc)
http://bugzilla.mindrot.org/show_bug.cgi?id=242
Summary: cipher.c doesn't compile in openssh-3.1p1 (i386-
solaris2.8-gcc)
Product: Portable OpenSSH
Version: 3.1p1
Platform: ix86
OS/Version: Solaris
Status: NEW
Severity: minor
Priority: P3
Component: Miscellaneous
AssignedTo:
2013 Aug 14
1
Patch to log the cipher suite used for TLS
Hello,
the attached patch for Dovecot 2.2.4 improves the logging to include
information about the cipher suite used for a TLS connection. Here is
an example log line:
Aug 13 21:49:55 colwyn dovecot: imap-login: Login: user=<tron>, method=CRAM-MD5, rip=2001:8b0:114:1::2, lip=2001:8b0:114:1::2, mpid=10567, TLS=<TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)>,
2005 May 19
1
ssh-keygen private keys export - new feature
Hello,
I had some difficulties in order to convert private keys between different
implementations of SSH.
So, I wrote the following patch to allow export of SSH2 RSA and DSA private
keys into IETF SECSH format.
Note that I also slightly revised the IETF SECSH key import code.
Usage: use of the "-e" option on a private key file generates an unencrypted
private key file in IETF SECSH
2002 Jul 25
1
[Bug 371] New: OpenSSH fails to build on Alpha True64 in cipher.c
http://bugzilla.mindrot.org/show_bug.cgi?id=371
Summary: OpenSSH fails to build on Alpha True64 in cipher.c
Product: Portable OpenSSH
Version: -current
Platform: Alpha
OS/Version: OSF/1
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: openssh-unix-dev at mindrot.org
2014 Jan 07
1
max rsa key length, sym. cipher and digest recommendations ?
Hello,
I understand that I can use the openssl ciphers and digests available on
my systems, i.e. those in the list generated by "openssl
list-cipher-commands" and "openssl list-message-digest-algorithms".
I want to create a admin vpn network between my servers and my
workplace. Network throughput is not a big issue, I am using ssh and the
cli, however I would also do
2000 Jan 14
2
The cipher 'none' in OpenSSH
Hallo to everyone!
First I would like to thank everybody for making a free implementation
of ssh available.
I am administrating the network at the computer science department of
the University of Munich. Here, rcp (as in many other places, I guess)
is banned for security reasons. I, aswell as others, use scp regulary
to copy files from one machine to another.
The problem is, that the transfer
2009 Feb 26
1
OpenSSH with 'none' cipher (after reading bug #877)
Hi,
I'd like to argue in favor of bug #877 (
https://bugzilla.mindrot.org/show_bug.cgi?id=877) from a new perspective.
Instead of performance, I wish to raise the issue of regulatory compliance
and auditing.
I read all of #877 and I understand the arguments for and against, but I
felt at the end the decisive comment by Damien was mostly based on 'We don't
want users to use
2007 Jul 09
1
The Camellia block cipher for OpenSSH 4.6p1.
Hi,
I implemented a patch for porting the Camellia block cipher to
one of the OpenSSH-usable cipher. Camellia is one of the approved
encryption methods of NESSIE and has specified in several RFCs.
I put the patch at:
http://www.is.titech.ac.jp/~yanagis0/text/camellia/openssh-4.6p1-0.2.patch
in http://www.is.titech.ac.jp/~yanagis0/text/camellia-e.html.
I hope you will enjoy this patch and
2014 Mar 06
1
Is cipher "3des-ctr" supported by openssh?
Hi,
Is cipher "3des-ctr" supported by openssh?
It is not mentioned in the list of supported ciphers in the man page of
ssh_config:
Thanks, Sunil
Ciphers
Specifies the ciphers allowed for protocol version 2 in order of
preference. Multiple ciphers must be comma-separated. The supported ciphers
are ''3des-cbc'', ''aes128-cbc'',
2002 Mar 08
0
[Bug 154] New: make failes: make: *** [cipher.o] Error 1
http://bugzilla.mindrot.org/show_bug.cgi?id=154
Summary: make failes: make: *** [cipher.o] Error 1
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: openssh-unix-dev at mindrot.org
2020 Jul 18
2
[Bug 3194] New: Please consider lowering chacha20-poly1305@openssh.com cipher priority on AES-NI capable CPU
https://bugzilla.mindrot.org/show_bug.cgi?id=3194
Bug ID: 3194
Summary: Please consider lowering chacha20-poly1305 at openssh.com
cipher priority on AES-NI capable CPU
Product: Portable OpenSSH
Version: 8.3p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
2007 Jan 05
1
No warning message is displayed for "none" cipher
Hello all,
I tried to connect to the server that supports protocol 1:
# ssh -1 -o "cipher none" remotehost
<No valid SSH1 cipher, using 3des instead>
As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage.
try_challenge_response_authentication() {
....
if (options.cipher == SSH_CIPHER_NONE)
2003 Sep 18
1
[Bug 675] cipher.c error when building against openssl 0.9.5a on Mandrake 7.2
http://bugzilla.mindrot.org/show_bug.cgi?id=675
Summary: cipher.c error when building against openssl 0.9.5a on
Mandrake 7.2
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo:
2013 Mar 11
1
[PATCH] Portability improvements for regress/cipher-speed.sh
Hi,
Although cipher-speed.sh isn't failing, its output is useless on some
platforms. Aside from the definition of $DATA noted in a previous post
to this list, it makes assumptions about dd's status message and the
behaviour of echo.
The patch below addresses these issue, at least on RHEL.
Index: regress/cipher-speed.sh
===================================================================
2003 Sep 19
6
[Bug 685] cipher.c error when building against OpenSSL 0.9.7b on RedHat 7.3
http://bugzilla.mindrot.org/show_bug.cgi?id=685
Summary: cipher.c error when building against OpenSSL 0.9.7b on
RedHat 7.3
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: Build system
AssignedTo:
2007 Jul 14
10
[Bug 1340] New: Support for Camellia block cipher to OpenSSH-portable.
http://bugzilla.mindrot.org/show_bug.cgi?id=1340
Summary: Support for Camellia block cipher to OpenSSH-portable.
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Miscellaneous
AssignedTo: bitbucket at mindrot.org