2825 – ssh-keygen -t rsa1 generates key and then fails to save it

Bug 2825 - ssh-keygen -t rsa1 generates key and then fails to save it

Summary: ssh-keygen -t rsa1 generates key and then fails to save it

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-keygen (show other bugs)
Version:	7.4p1
Hardware:	Other Linux

Importance:	P5 minor
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-01-24 22:43 AEDT by Ian Jackson
Modified:	2018-04-06 12:26 AEST (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ian Jackson 2018-01-24 22:43:08 AEDT

$ ssh-keygen -t rsa1 -b 2048 -f t
Generating public/private rsa1 key pair.
t already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Saving key "t" failed: unknown or unsupported key type
$

I guess this is a consequence of dropping SSH v1 protocol support.

(I was doing this because I have a program which uses RSA, relies on an external key generator, and understands the ssh v1 key format.)

If ssh-keygen is not able to save in ssh1 RSA format, it should fail early rather than going to all of the effort of generating a key (this took a minute or two on my rpi) and then bombing out.

I filed this bug originally against Debian's version, here:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888205

Comment 1 Darren Tucker 2018-02-06 12:25:47 AEDT

Thanks for the report.  This has already been fixed in this commit which was included in the 7.6 release:
https://github.com/openssh/openssh-portable/commit/873d3e7d

$ ssh -V
OpenSSH_7.6p1, OpenSSL 1.0.2m-fips  2 Nov 2017
$ ssh-keygen -t rsa1 -b 2048 -f t
unknown key type rsa1

Comment 2 Damien Miller 2018-04-06 12:26:44 AEST

Close all resolved bugs after release of OpenSSH 7.7.