Bug 3195

Summary: ssh-keygen unable to convert ED25519 public keys
Product: Portable OpenSSH    Reporter: Marcos Alano <marcoshalano>
Component: ssh-keygen    Assignee: Assigned to nobody <unassigned-bugs>
Status: NEW ---
Severity: enhancement    CC: djm, dtucker, gl, me, ricky.tigg
Priority: P5
Version: 8.2p1
Hardware: amd64
OS: Linux
Attachments (Description / Flags):
support reading PKCS8 Ed25519 keys / none
hello moto / none

Description Marcos Alano 2020-07-19 03:54:21 AEST
I generated an ED25519 key using OpenSSL:
openssl genpkey -algorithm ED25519 -out key_ed25519.pem
After that I extracted the public key:
openssl pkey -in key_ed25519.pem -pubout -out public_ed25519.pem
And then I tried to get the SSH public key to put in authorized_keys:
ssh-keygen -i -m PKCS8 -f public_ed25519.pem
The error was:
do_convert_from_pkcs8: unsupported pubkey type 1087
So I think ssh-keygen can't convert an ED25519 public key. The expected result was something like:
ssh-ed25519 AAAA...
I found a tool called sshpk (https://www.npmjs.com/package/sshpk) which converts correctly:
sshpk-conv public_ed25519.pem -t ssh
The output is what I should expect.
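The conversion the reporter is after can be done outside ssh-keygen because a PKCS#8/SubjectPublicKeyInfo Ed25519 public key (RFC 8410) is a fixed 12-byte DER header followed by the 32 raw key bytes, and the OpenSSH public-key blob is just the two length-prefixed strings "ssh-ed25519" and those bytes (RFC 4253). The script below is an added example, not code from OpenSSH, sshpk or this bug; the key bytes it feeds in are a constructed placeholder, not a real key, and the strict header check is there so that an RSA/EC SubjectPublicKeyInfo is rejected instead of being mis-read as an Ed25519 key.

```python
import base64
import re
import struct

# DER prefix of a SubjectPublicKeyInfo for Ed25519 (RFC 8410):
#   SEQUENCE { SEQUENCE { OID 1.3.101.112 }, BIT STRING (0 unused bits) + 32 key bytes }
ED25519_SPKI_PREFIX = bytes.fromhex("302a300506032b6570032100")


def pkcs8_pub_to_openssh(pem: str, comment: str = "") -> str:
    """Turn a PEM 'PUBLIC KEY' (SubjectPublicKeyInfo) Ed25519 key into an authorized_keys line."""
    m = re.search(r"-----BEGIN PUBLIC KEY-----(.*?)-----END PUBLIC KEY-----", pem, re.S)
    if not m:
        raise ValueError("not a PEM SubjectPublicKeyInfo ('PUBLIC KEY') block")
    der = base64.b64decode("".join(m.group(1).split()))
    # Exact prefix and exact length: anything else (RSA, EC, truncated blob) is refused.
    if len(der) != len(ED25519_SPKI_PREFIX) + 32 or not der.startswith(ED25519_SPKI_PREFIX):
        raise ValueError("not an Ed25519 SubjectPublicKeyInfo")
    raw = der[len(ED25519_SPKI_PREFIX):]
    # OpenSSH wire format: uint32 length + bytes for each of "ssh-ed25519" and the key.
    blob = b"".join(struct.pack(">I", len(x)) + x for x in (b"ssh-ed25519", raw))
    line = "ssh-ed25519 " + base64.b64encode(blob).decode()
    return line + (" " + comment if comment else "")


def openssh_to_raw(line: str) -> bytes:
    """Inverse direction, used to check the result: pull the 32 raw key bytes back out."""
    blob = base64.b64decode(line.split()[1])
    parts, off = [], 0
    while off < len(blob):
        (n,) = struct.unpack(">I", blob[off:off + 4])
        off += 4
        parts.append(blob[off:off + n])
        off += n
    if len(parts) != 2 or parts[0] != b"ssh-ed25519" or len(parts[1]) != 32:
        raise ValueError("malformed ssh-ed25519 blob")
    return parts[1]


# Constructed sample input: a fixed 32-byte value standing in for a real public key,
# wrapped exactly the way 'openssl pkey -pubout' wraps one.
SAMPLE_RAW = bytes(range(32))
SAMPLE_PEM = ("-----BEGIN PUBLIC KEY-----\n"
              + base64.b64encode(ED25519_SPKI_PREFIX + SAMPLE_RAW).decode()
              + "\n-----END PUBLIC KEY-----\n")

if __name__ == "__main__":
    print(pkcs8_pub_to_openssh(SAMPLE_PEM, "converted-from-pkcs8"))
```

Every valid ssh-ed25519 line starts with the same base64 prefix (the encoded "ssh-ed25519" string and the 32-byte length), which is a quick sanity check on the output.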
Comment 1 Damien Miller 2020-07-24 15:51:20 AEST
Created attachment 3433 [details]
support reading PKCS8 Ed25519 keys

OpenSSH doesn't currently support reading or writing Ed25519 keys in any format other than the OpenSSH native key format.

Not all libcrypto implementations support Ed25519 keys, in particular LibreSSL does not.

This patch adds support for reading PKCS8 Ed25519 keys on recent OpenSSL, but it can't be upstreamed until LibreSSL supports these keys too.
Comment 2 Damien Miller 2021-04-30 14:04:50 AEST
*** Bug 3298 has been marked as a duplicate of this bug. ***
Comment 3 ricky.tigg 2021-04-30 20:23:52 AEST
Patch providing basic support of Ed25519 keys via PKCS#11 tokens: https://github.com/openssh/openssh-portable/pull/230
Comment 4 guanlong 2021-06-01 15:02:49 AEST
Created attachment 3525 [details]
hello moto
Comment 5 Evan Carroll 2023-01-18 03:24:46 AEDT
(In reply to Damien Miller from comment #1)
> it can't be upstreamed until LibreSSL supports these
> keys too.

Should this be re-evaluated now that LibreSSL supports ed25519 with 3.7.0 released Dec 12, 2022?

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.0-relnotes.txt