| Summary: | PROTOCOL document should describe deviation of public key format from RFC spec | ||
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Eric Brown <eric_wade_brown> |
| Component: | Documentation | Assignee: | Assigned to nobody <unassigned-bugs> |
| Status: | CLOSED FIXED | ||
| Severity: | normal | CC: | djm, dtucker |
| Priority: | P5 | ||
| Version: | 7.6p1 | ||
| Hardware: | All | ||
| OS: | All | ||
| Bug Depends on: | |||
| Bug Blocks: | 2852 | ||
|
Description
Eric Brown
2018-04-07 13:37:46 AEST
Added this section to PROTOCOL, it will be included in the openssh-7.8 release: 4. Miscellaneous changes 4.1 Public key format OpenSSH public keys, as generated by ssh-keygen(1) and appearing in authorized_keys files, are formatted as a single line of text consisting of the public key algorithm name followed by a base64-encoded key blob. The public key blob (before base64 encoding) is the same format used for the encoding of public keys sent on the wire: as described in RFC4253 section 6.6 for RSA and DSA keys, RFC5656 section 3.1 for ECDSA keys and the "New public key formats" section of PROTOCOL.certkeys for the OpenSSH certificate formats. I also added a note to https://www.openssh.com/specs.html that RFC4716 is only supported bu ssh-keygen for key import and export. Close RESOLVED bugs with the release of openssh-8.0 Looks like the new comment added has dead links for ssh-keygen It links to: http://man.openbsd.org/keygen.1 Instead of: http://man.openbsd.org/ssh-keygen.1 And same issue appears in section 4.2 Private key format |