Bug 2369 - `ssh-keygen -A` errors on RSA1 when building with SSH1 disabled
Summary: `ssh-keygen -A` errors on RSA1 when building with SSH1 disabled
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen (show other bugs)
Version: 6.8p1
Hardware: All All
: P5 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_6_9
  Show dependency treegraph
 
Reported: 2015-03-23 05:55 AEDT by Mike Frysinger
Modified: 2015-08-11 23:03 AEST (History)
2 users (show)

See Also:

Attachments
openssh-6.8_p1-ssh-keygen-no-ssh1.patch (491 bytes, patch)
2015-03-23 05:56 AEDT, Mike Frysinger 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Frysinger 2015-03-23 05:55:42 AEDT 
sshkey.c:sshkey_private_to_fileblob disables support for RSA1 when SSH1 support has been disabled:
    switch (key->type) {
#ifdef WITH_SSH1
    case KEY_RSA1:
        return sshkey_private_rsa1_to_blob(key, blob,
            passphrase, comment);
#endif /* WITH_SSH1 */

but ssh-keygen.c will still include RSA1:
static void
do_gen_all_hostkeys(struct passwd *pw)
{
    struct {
        char *key_type;
        char *key_type_display;
        char *path;
    } key_types[] = {
        { "rsa1", "RSA1", _PATH_HOST_KEY_FILE },

which leads to runtime errors like:
  ssh-keygen: generating new host keys: RSA1 Saving key "/etc/ssh/ssh_host_key" failed: unknown or unsupported key type
Comment 1 Mike Frysinger 2015-03-23 05:56:41 AEDT 
Created attachment 2574 [details]
openssh-6.8_p1-ssh-keygen-no-ssh1.patch
Comment 2 Damien Miller 2015-03-23 17:11:27 AEDT 
Similar patch applied (on master an V_6_8 branches) - it was also wrong for the !OpenSSL case.

Thanks
Comment 3 Damien Miller 2015-08-11 23:03:06 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1