| Summary: | ssh-keygen.exe returns invalid format when passphrase is not empty when WITH_OPENSSL is not defined. | ||
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | bingbing8 <yawang> |
| Component: | ssh-keygen | Assignee: | Assigned to nobody <unassigned-bugs> |
| Status: | CLOSED FIXED | ||
| Severity: | normal | CC: | djm |
| Priority: | P5 | ||
| Version: | 7.5p1 | ||
| Hardware: | amd64 | ||
| OS: | All | ||
| Bug Depends on: | |||
| Bug Blocks: | 2698 | ||
This was fixed in commit 0f3455356bc284d7c6f4d3c1614d31161bd5dcc2 and will be in OpenSSH 7.6. Thanks! Close all resolved bugs after release of OpenSSH 7.7. |
on a build without OpenSSL, ssh-keygen.exe -t ed25519 -P Bull -f C:\mspctl\openssh\id_ED25519 Generating public/private ed25519 key pair. Saving key "C:\\mspctl\\openssh\\id_ED25519" failed: invalid argument This occurs when we compile on windows, but we believe it also repros on other os. The cause is that when passphrase is not empty, ciphername is assigned to DEFAULT_CIPHERNAME("aes256-cbc") at the following line in function sshkey_private_to_blob2, but "aes256-cbc" is not valid in ciphers array when WITH_OPENSSL is 0 if (passphrase == NULL || !strlen(passphrase)) { ciphername = "none"; kdfname = "none"; } else if (ciphername == NULL) ciphername = DEFAULT_CIPHERNAME;