similar to: How to determine which cipher was used to encrypt OpenSSH private keys

Hi, looking through the key specification, you can see that its the second field in the key file: https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11 It looks like there is no convenient way to get this information with openssh cli, but given that the file format is just base64 encoded, you can read it out with something like this: $ cat /tmp/rsa | head -n -1 | tail -n +2 |

On Mon, 22 Jan 2024, Jakub Jelen wrote: > Hi, > looking through the key specification, you can see that its the second > field in the key file: > > https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key#L11 > > It looks like there is no convenient way to get this information with > openssh cli, but given that the file format is just base64 encoded, > you

And given that this code is reading your private key files, I guess I should have added "if you trust its developer" Otherwise, I'd stick with the shell script or python snippet.

In 0.9.7 the private key encryption was switched from 3DES to AES, (https://bugzilla.mindrot.org/show_bug.cgi?id=1550) the motivation for this being that 128-bits of security is better than the 112 or so you get from 3DES these days. Interestingly that bug is about upgrading to AES-256, but we ended up with AES-128. Presumably due to the Solaris crippling? However ssh-keygen still uses a

http://bugzilla.mindrot.org/show_bug.cgi?id=242 Summary: cipher.c doesn't compile in openssh-3.1p1 (i386- solaris2.8-gcc) Product: Portable OpenSSH Version: 3.1p1 Platform: ix86 OS/Version: Solaris Status: NEW Severity: minor Priority: P3 Component: Miscellaneous AssignedTo:

Hello, the attached patch for Dovecot 2.2.4 improves the logging to include information about the cipher suite used for a TLS connection. Here is an example log line: Aug 13 21:49:55 colwyn dovecot: imap-login: Login: user=<tron>, method=CRAM-MD5, rip=2001:8b0:114:1::2, lip=2001:8b0:114:1::2, mpid=10567, TLS=<TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)>,

Hello, I had some difficulties in order to convert private keys between different implementations of SSH. So, I wrote the following patch to allow export of SSH2 RSA and DSA private keys into IETF SECSH format. Note that I also slightly revised the IETF SECSH key import code. Usage: use of the "-e" option on a private key file generates an unencrypted private key file in IETF SECSH

http://bugzilla.mindrot.org/show_bug.cgi?id=371 Summary: OpenSSH fails to build on Alpha True64 in cipher.c Product: Portable OpenSSH Version: -current Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

Hello, I understand that I can use the openssl ciphers and digests available on my systems, i.e. those in the list generated by "openssl list-cipher-commands" and "openssl list-message-digest-algorithms". I want to create a admin vpn network between my servers and my workplace. Network throughput is not a big issue, I am using ssh and the cli, however I would also do

Hallo to everyone! First I would like to thank everybody for making a free implementation of ssh available. I am administrating the network at the computer science department of the University of Munich. Here, rcp (as in many other places, I guess) is banned for security reasons. I, aswell as others, use scp regulary to copy files from one machine to another. The problem is, that the transfer

Hi, I'd like to argue in favor of bug #877 ( https://bugzilla.mindrot.org/show_bug.cgi?id=877) from a new perspective. Instead of performance, I wish to raise the issue of regulatory compliance and auditing. I read all of #877 and I understand the arguments for and against, but I felt at the end the decisive comment by Damien was mostly based on 'We don't want users to use

Hi, I implemented a patch for porting the Camellia block cipher to one of the OpenSSH-usable cipher. Camellia is one of the approved encryption methods of NESSIE and has specified in several RFCs. I put the patch at: http://www.is.titech.ac.jp/~yanagis0/text/camellia/openssh-4.6p1-0.2.patch in http://www.is.titech.ac.jp/~yanagis0/text/camellia-e.html. I hope you will enjoy this patch and

Hi, Is cipher "3des-ctr" supported by openssh? It is not mentioned in the list of supported ciphers in the man page of ssh_config: Thanks, Sunil Ciphers Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. The supported ciphers are ''3des-cbc'', ''aes128-cbc'',

http://bugzilla.mindrot.org/show_bug.cgi?id=154 Summary: make failes: make: *** [cipher.o] Error 1 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=3194 Bug ID: 3194 Summary: Please consider lowering chacha20-poly1305 at openssh.com cipher priority on AES-NI capable CPU Product: Portable OpenSSH Version: 8.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: enhancement

Hello all, I tried to connect to the server that supports protocol 1: # ssh -1 -o "cipher none" remotehost <No valid SSH1 cipher, using 3des instead> As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage. try_challenge_response_authentication() { .... if (options.cipher == SSH_CIPHER_NONE)

http://bugzilla.mindrot.org/show_bug.cgi?id=675 Summary: cipher.c error when building against openssl 0.9.5a on Mandrake 7.2 Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo:

Hi, Although cipher-speed.sh isn't failing, its output is useless on some platforms. Aside from the definition of $DATA noted in a previous post to this list, it makes assumptions about dd's status message and the behaviour of echo. The patch below addresses these issue, at least on RHEL. Index: regress/cipher-speed.sh ===================================================================

http://bugzilla.mindrot.org/show_bug.cgi?id=685 Summary: cipher.c error when building against OpenSSL 0.9.7b on RedHat 7.3 Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: Build system AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=1340 Summary: Support for Camellia block cipher to OpenSSH-portable. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org