Bug 2825

Summary: ssh-keygen -t rsa1 generates key and then fails to save it
Product: Portable OpenSSH Reporter: Ian Jackson <oxwghc>
Component: ssh-keygenAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: minor CC: cjwatson, dtucker
Priority: P5    
Version: 7.4p1   
Hardware: Other   
OS: Linux   

Description Ian Jackson 2018-01-24 22:43:08 AEDT 
$ ssh-keygen -t rsa1 -b 2048 -f t
Generating public/private rsa1 key pair.
t already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Saving key "t" failed: unknown or unsupported key type
$

I guess this is a consequence of dropping SSH v1 protocol support.

(I was doing this because I have a program which uses RSA, relies on an external key generator, and understands the ssh v1 key format.)

If ssh-keygen is not able to save in ssh1 RSA format, it should fail early rather than going to all of the effort of generating a key (this took a minute or two on my rpi) and then bombing out.

I filed this bug originally against Debian's version, here:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888205
Comment 1 Darren Tucker 2018-02-06 12:25:47 AEDT 
Thanks for the report.  This has already been fixed in this commit which was included in the 7.6 release:
https://github.com/openssh/openssh-portable/commit/873d3e7d

$ ssh -V
OpenSSH_7.6p1, OpenSSL 1.0.2m-fips  2 Nov 2017
$ ssh-keygen -t rsa1 -b 2048 -f t
unknown key type rsa1
Comment 2 Damien Miller 2018-04-06 12:26:44 AEST 
Close all resolved bugs after release of OpenSSH 7.7.