Bug 2567 - Wrong terminology used for ssh-keygen "-m" option
Summary: Wrong terminology used for ssh-keygen "-m" option
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 6.6p1
Hardware: Other All
: P5 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-05-06 05:59 AEST by Ilya
Modified: 2016-05-06 05:59 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ilya 2016-05-06 05:59:41 AEST 
According to "man ssh-config", "-m" support following formats: "âPKCS8â (PEM PKCS8 public key)" and "âPEMâ (PEM public key)".

This is not true. First of all they are both PEM (Base64 encoded DER). And PKCS8 is for *private* keys only. What you call "PKCS8" is "SubjectPublicKeyInfo" and it is encoded in PEM.

What you call "PEM" is RSA public key encoded in PEM.

People are confused:
http://crypto.stackexchange.com/questions/27913/why-can-ssh-keygen-export-a-public-key-in-pem-pkcs8-format

http://crypto.stackexchange.com/questions/35093/why-ssh-gen-makes-difference-between-pem-and-pkcs8


"PKCS8" is better be called "SubjectPublicKeyInfo" or "AnyPublicKey" and "PEM" should be "RSAPublicKey" or "RSAEncryption".