Bug 2865 - OpenSSH private key format documentation seems off
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation
Version: 7.7p1
Hardware: Other Windows 10
Importance: P5 enhancement
Assignee: Assigned to nobody
Reported: 2018-05-09 12:20 AEST by terrafrost
Modified: 2018-05-09 12:20 AEST

Description terrafrost 2018-05-09 12:20:47 AEST
I do ssh-keygen -t ed25519 and get the following private key:

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACDi2XfiIvuuAB/U7eY2FdkboXZHNlSe7n86oOKiWCCINAAAAKCouUdrqLlH
awAAAAtzc2gtZWQyNTUxOQAAACDi2XfiIvuuAB/U7eY2FdkboXZHNlSe7n86oOKiWCCINA
AAAEAi3voQW6X2cPzaSqBnW47sqnfEz9DrKEFwcP48S5+cyOLZd+Ii+64AH9Tt5jYV2Ruh
dkc2VJ7ufzqg4qJYIIg0AAAAG2p3aWdnaW50b25Abm9kZTIucGFwMzYwLmNvbQEC
-----END OPENSSH PRIVATE KEY-----

The documentation for that format is discussed here:

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD

I think this would be a more accurate description of the private key format:

----------------------------------

3. Unencrypted list of N private keys

The list of privatekey/comment pairs is padded with the
bytes 1, 2, 3, ... until the total length is a multiple
of the cipher block size.

       uint32  checkint
       uint32  checkint
       string  typeofkey (ssh-ed25519, ssh-rsa, etc)
       string  publickey
       string  privatekey
       string  comment
       char    1
       char    2
       char    3
       ...
       char    padlen % 255

----------------------------------

Maybe after that first comment the strings should repeat idk (idk how to generate, with OpenSSH, a key that contains multiple private keys).

I'm also assuming that http://tools.ietf.org/html/rfc4253#section-6 applies to OpenSSH private keys:

   Note that the length of the concatenation of 'packet_length',
   'padding_length', 'payload', and 'random padding' MUST be a multiple
   of the cipher block size or 8, whichever is larger.

Seems like it might be nice to mention that in the docs.
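An added example, not part of the report and not OpenSSH's own code: a small Python parser for the unencrypted openssh-key-v1 layout described above, run over the key posted in the report. It enforces the points the report raises (matching checkint pair, the typeofkey/publickey/privatekey/comment tuple repeated once per key, 1, 2, 3, ... padding, and a private section whose length is a multiple of 8 for cipher "none"). The `Reader` class and `parse_openssh_private_key` are names chosen here.

```python
import base64
import struct

SAMPLE_KEY = """-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACDi2XfiIvuuAB/U7eY2FdkboXZHNlSe7n86oOKiWCCINAAAAKCouUdrqLlH
awAAAAtzc2gtZWQyNTUxOQAAACDi2XfiIvuuAB/U7eY2FdkboXZHNlSe7n86oOKiWCCINA
AAAEAi3voQW6X2cPzaSqBnW47sqnfEz9DrKEFwcP48S5+cyOLZd+Ii+64AH9Tt5jYV2Ruh
dkc2VJ7ufzqg4qJYIIg0AAAAG2p3aWdnaW50b25Abm9kZTIucGFwMzYwLmNvbQEC
-----END OPENSSH PRIVATE KEY-----"""  # sample input: the key posted in the report above


class Reader:  # walks the uint32 and length-prefixed string fields of the format
    def __init__(self, data):
        self.data, self.pos = data, 0

    def uint32(self):
        (v,) = struct.unpack_from(">I", self.data, self.pos)
        self.pos += 4
        return v

    def string(self):
        n = self.uint32()
        if self.pos + n > len(self.data):
            raise ValueError("truncated string field")
        self.pos += n
        return self.data[self.pos - n:self.pos]


def parse_openssh_private_key(pem):
    blob = base64.b64decode("".join(l for l in pem.splitlines() if "-----" not in l))
    if not blob.startswith(b"openssh-key-v1\x00"):
        raise ValueError("not an openssh-key-v1 blob")
    r = Reader(blob[15:])  # skip the 15-byte magic checked above
    cipher, kdf, _kdfoptions = r.string(), r.string(), r.string()
    pubkeys = [r.string() for _ in range(r.uint32())]
    private = r.string()
    if cipher != b"none":
        raise ValueError("encrypted key: decrypt the private section first")
    if len(private) % 8:  # cipher "none": block size is max(cipher block, 8), RFC 4253 rule
        raise ValueError("private section is not block-aligned")
    p = Reader(private)
    if p.uint32() != p.uint32():  # the two checkints must agree
        raise ValueError("checkint mismatch (wrong passphrase or corrupt key)")
    keys = [{"type": p.string(), "public": p.string(), "private": p.string(),
             "comment": p.string()} for _ in pubkeys]  # the tuple repeats once per key
    pad = private[p.pos:]
    if pad != bytes(range(1, len(pad) + 1)):  # padlen < 256, so plain 1, 2, 3, ...
        raise ValueError("bad padding")
    return {"cipher": cipher, "kdf": kdf, "public_keys": pubkeys, "keys": keys, "padding": pad}
```

For the posted key the private section is 158 bytes of fields plus the two padding bytes 1, 2, which is what brings it to a multiple of 8.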