Instance 1) generate OpenSSH keys with "ssh-keygen -t rsa" with empty passphrase These keys successfully worked when connecting from an OpenSSH to OpenSSH converted private key to SECSH format with "ssh-keygen -e -f id_rsa >> ../.ssh2/a_secure_key" configured new SECSH private key to be used by F-SECURE 2.0.12 ssh client. when connecting from F-SECURE to OpenSSH public/private key used but is asking for a passphrase. Since the keys were generated with no passphrase, the converted key should have an empty passphrase as well. Note: Tried with a none empty passphrase as well and authentication failed when I entered the passphrase. Passphrase is corrupted. INSTANCE 2) generated RSA public/private key pair using F-SECURE ssh-keygen v 2.0.12 converted the SECSH keys to OpenSSH format using OpenSSH ssh-keygen as follows "ssh-keygen -i -f a_secure_key >> ../.ssh/id_rsa" tried connecting using from OpenSSH client with "ssh -v host" and received the following" host1% ssh -v host2 OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f debug1: Reading configuration data /usr/local/etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 6005 geteuid 6005 anon 1 debug1: Connecting to host2 [xxx.xxx.xxx.xxx] port 22. debug1: temporarily_use_uid: 6005/6005 (e=6005) debug1: restore_uid debug1: temporarily_use_uid: 6005/6005 (e=6005) debug1: restore_uid debug1: Connection established. debug1: identity file /home/user1/.ssh/identity type -1 debug1: identity file /home/user1/.ssh/id_rsa type -1 debug1: identity file /home/user1/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version 2.0.12 F-SECURE SSH debug1: match: 2.0.12 F-SECURE SSH pat 2.0.11*,2.0.12* Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.1p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client 3des-cbc hmac-md5 none debug1: kex: client->server 3des-cbc hmac-md5 none debug1: dh_gen_key: priv key bits set: 203/384 debug1: bits set: 533/1024 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY debug1: Host 'host2' is known and matches the DSA host key. debug1: Found key in /home/user1/.ssh/known_hosts:38 debug1: bits set: 508/1024 debug1: ssh_dss_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: buggy server: service_accept w/o service debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password debug1: next auth method to try is publickey debug1: try privkey: /home/user1/.ssh/identity debug1: try privkey: /home/user1/.ssh/id_rsa debug1: read PEM private key done: type RSA ssh_rsa_sign: SSH_BUG_SIGBLOB not supported resulting in a failure to use the private key and dropped into password authentication INSTANCE 3) generated DSA public/private key pair using F-SECURE ssh-keygen v 2.0.12 converted the SECSH keys to OpenSSH format using OpenSSH ssh-keygen as follows "ssh-keygen -i -f a_secure_key >> ../.ssh/id_dsa" and received the following from ssh-keygen ssh_dss_sign: sign failed xrealloc: out of memory ( new_size 4026548080 bytes ) BIG NOTE: this does not occur with the ssh-keygen with v3.0p1 The Following is a copy of the Makefile used to compile OpenSSH ------------------------------------------------------------------ # $Id: Makefile.in,v 1.197 2002/02/26 19:24:22 mouring Exp $ prefix=/usr/local exec_prefix=${prefix} bindir=${exec_prefix}/bin sbindir=${exec_prefix}/sbin libexecdir=${exec_prefix}/libexec datadir=${prefix}/share mandir=${prefix}/man mansubdir=man sysconfdir=/usr/local/etc piddir=/usr/local/etc srcdir=. top_srcdir=. DESTDIR= SSH_PROGRAM=${exec_prefix}/bin/ssh ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass SFTP_SERVER=$(libexecdir)/sftp-server PATHS= -DSSHDIR=\"$(sysconfdir)\" \ -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \ -D_PATH_SSH_PIDDIR=\"$(piddir)\" \ -DSSH_RAND_HELPER=\"$(libexecdir)/ssh-rand-helper\" CC=gcc LD=gcc CFLAGS=-g -O2 -Wall -Wpointer-arith -Wno-uninitialized CPPFLAGS=-I. -I$(srcdir) -I/home/gmccone/installs/openssl-0.9.6c/include - I/home/gmccone/installs/zlib-1.1.4 -I/usr/local/include $(PATHS) - DHAVE_CONFIG_H LIBS=-lz -lsocket -lnsl -lcrypto LIBPAM=-lpam -ldl LIBWRAP= AR=/usr/xpg4/bin/ar RANLIB=ranlib INSTALL=./install-sh -c PERL=/home/gmccone/local/bin/perl ENT= XAUTH_PATH=/usr/openwin/bin/xauth LDFLAGS=-L. -Lopenbsd-compat/ -R/home/gmccone/installs/openssl-0.9.6c - L/home/gmccone/installs/openssl-0.9.6c -L/home/gmccone/installs/zlib-1.1.4 - R/home/gmccone/installs/zlib-1.1.4 -L/usr/local/lib -R/usr/local/lib EXEEXT= SSH_MODE= 0711 INSTALL_SSH_PRNG_CMDS= INSTALL_SSH_RAND_HELPER=yes SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT) TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh- keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS) LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth- rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth- rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh- keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 MANTYPE = man CONFIGFILES=sshd_config.out ssh_config.out moduli.out CONFIGFILES_IN=sshd_config ssh_config moduli PATHSUBS = \ -D/etc/ssh/ssh_config=$(sysconfdir)/ssh_config \ -D/etc/ssh/ssh_known_hosts=$(sysconfdir)/ssh_known_hosts \ -D/etc/ssh/sshd_config=$(sysconfdir)/sshd_config \ -D/usr/libexec=$(libexecdir) \ -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv \ -D/etc/ssh/ssh_host_key=$(sysconfdir)/ssh_host_key \ -D/etc/ssh/ssh_host_dsa_key=$(sysconfdir)/ssh_host_dsa_key \ -D/etc/ssh/ssh_host_rsa_key=$(sysconfdir)/ssh_host_rsa_key \ -D/var/run/sshd.pid=$(piddir)/sshd.pid \ -D/etc/ssh/moduli=$(sysconfdir)/moduli \ -D/etc/ssh/sshrc=$(sysconfdir)/sshrc \ -D/usr/X11R6/bin/xauth=$(XAUTH_PATH) \ - D/usr/bin:/bin:/usr/sbin:/sbin=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS) all: $(CONFIGFILES) $(MANPAGES) $(TARGETS) $(LIBSSH_OBJS): config.h $(SSHOBJS): config.h $(SSHDOBJS): config.h .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c $< LIBCOMPAT=openbsd-compat/libopenbsd-compat.a $(LIBCOMPAT): always (cd openbsd-compat && $(MAKE)) always: libssh.a: $(LIBSSH_OBJS) $(AR) rv $@ $(LIBSSH_OBJS) $(RANLIB) $@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o $(LD) -o $@ scp.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd- compat $(LIBS) sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp- common.o sftp-glob.o $(LD) -o $@ sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) $(MANPAGES): $(MANPAGES_IN) if test "$(MANTYPE)" = "cat"; then \ manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ else \ manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ fi; \ if test "$(MANTYPE)" = "man"; then \ $(FIXPATHSCMD) $${manpage} | $(PERL) $(srcdir)/mdoc2man.pl > $@; \ else \ $(FIXPATHSCMD) $${manpage} > $@; \ fi $(CONFIGFILES): $(CONFIGFILES_IN) conffile=`echo $@ | sed 's/.out$$//'`; \ $(FIXPATHSCMD) $(srcdir)/$${conffile} > $@ clean: rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core (cd openbsd-compat && $(MAKE) clean) distclean: rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core rm -f Makefile config.h config.status ssh_prng_cmds *~ rm -rf autom4te.cache (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) veryclean: rm -f configure config.h.in *.0 rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core rm -f Makefile config.h config.status ssh_prng_cmds *~ (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) mrproper: distclean catman-do: @for f in $(MANPAGES_IN) ; do \ base=`echo $$f | sed 's/\..*$$//'` ; \ echo "$$f -> $$base.0" ; \ nroff -mandoc $$f | cat -v | sed -e 's/.\^H//g' \ >$$base.0 ; \ done distprep: catman-do autoreconf (cd scard && $(MAKE) -f Makefile.in distprep) install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files scard-install: (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) install-files: scard-install $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) $(srcdir)/mkinstalldirs $(DESTDIR)$(datadir) $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) $(INSTALL) -m $(SSH_MODE) -s ssh $(DESTDIR)$(bindir)/ssh $(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp $(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add $(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent $(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen $(INSTALL) -m 0755 -s ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan $(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \ $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR) $(libexecdir)/ssh-rand-helper ; \ fi $(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp $(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER) $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh- add.1 $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh- agent.1 $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir) 1/ssh-keygen.1 $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir) 1/ssh-keyscan.1 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir) 8/sftp-server.8 -rm -f $(DESTDIR)$(bindir)/slogin ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ fi if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ $(INSTALL) -m 644 ssh_config.out $(DESTDIR) $(sysconfdir)/ssh_config; \ else \ echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \ fi if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ $(INSTALL) -m 644 sshd_config.out $(DESTDIR) $(sysconfdir)/sshd_config; \ else \ echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \ fi if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ $(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \ if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \ $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR) $(sysconfdir)/ssh_prng_cmds; \ else \ echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \ fi ; \ fi if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \ if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \ echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \ mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR) $(sysconfdir)/moduli"; \ else \ $(INSTALL) -m 644 moduli.out $(DESTDIR) $(sysconfdir)/moduli; \ fi ; \ else \ echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ fi host-key: ssh-keygen$(EXEEXT) if [ -z "$(DESTDIR)" ] ; then \ if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ else \ ./ssh-keygen -t rsa1 -f $(DESTDIR) $(sysconfdir)/ssh_host_key -N "" ; \ fi ; \ if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \ echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \ else \ ./ssh-keygen -t dsa -f $(DESTDIR) $(sysconfdir)/ssh_host_dsa_key -N "" ; \ fi ; \ if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \ echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \ else \ ./ssh-keygen -t rsa -f $(DESTDIR) $(sysconfdir)/ssh_host_rsa_key -N "" ; \ fi ; \ fi ; host-key-force: ssh-keygen$(EXEEXT) ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" uninstallall: uninstall -rm -f $(DESTDIR)$(sysconfdir)/ssh_config -rm -f $(DESTDIR)$(sysconfdir)/sshd_config -rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds -rmdir $(DESTDIR)$(sysconfdir) -rmdir $(DESTDIR)$(bindir) -rmdir $(DESTDIR)$(sbindir) -rmdir $(DESTDIR)$(mandir)/$(mansubdir)1 -rmdir $(DESTDIR)$(mandir)/$(mansubdir)8 -rmdir $(DESTDIR)$(mandir) -rmdir $(DESTDIR)$(libexecdir) uninstall: -rm -f $(DESTDIR)$(bindir)/slogin -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT) -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
(1) exporting openssh private keys is not supported (2) rsa bugs from ssh.com 2.0.12 are not supported (3) this is probably another 2.0.12 bug.
the SECSH standard does not talk about private key formats and your examples are about private keys only. for private keys we support importing keys only. for using RSA keys against older implemenations, not all bugs from the old implemenations are supported
Instance 1) is a non issue. Misread the man file several times. Instance 2) and 3) are still vaild and were working in 3.0p1 F-Secure is not SSH.COM
#2 fixed
importing your example keys work for me with differnt versions of openssh
bug fixed, not WORKSFORME
*** Bug 216 has been marked as a duplicate of this bug. ***
fixed in -current
Mass change of RESOLVED bugs to CLOSED