After upgrading from RHEL6.8 to Fedora28 (ssh v6 to v7) I'm not able to load my ECDSA key; ssh is telling me it has an invalid format.

RedHat support was able to reproduce this bug too: https://bugzilla.redhat.com/show_bug.cgi?id=1610222

Why do I think the problem is in SSH? Because openssl has a new option, check, and it is telling me that the private key is OK.

Thanks for your time.
Which exact version of OpenSSH generated the key? What is the output of "ssh-keygen -vvvlf /path/key"?
Hi, I used CentOS v6.9 to reproduce this problem - there is openssh in version openssh-5.3p1-123.el6_9.x86_64 and it can load and use my key without problem.

On Fedora28 there is openssh-7.7p1-5.fc28.x86_64 and it tells me:

$ ssh-add id_ecdsa
Error loading key "id_ecdsa": invalid format

Here is the output you requested:

$ ssh-keygen -vvvlf id_ecdsa
521 SHA256:fMK7A1KpalIDhzir46fTHj9GNIWVXsdsmTL9sCrUvkw Rej (ECDSA)
+---[ECDSA 521]---+
| o.. + o |
| . o + X |
|.. o.o = + |
|= . oo= . . . |
| = .oo S o |
|. o o... E |
|...+.. .= . |
|+.oooo .+ |
|.*=.... .. |
+----[SHA256]-----+
OpenSSH added ECDSA support in release 5.7 (https://www.openssh.com/txt/release-5.7), so I don't understand how you generated an ECDSA key using OpenSSH 5.3.
Created attachment 3169
ECDSA private key reproducing a problem

Please see the analysis in the Red Hat bugzilla. It already answers most of the questions and points out what is different between the old key and a new key (format: named curve vs. raw group parameters) and why it is failing (EC group comparison).

I can reproduce the same behavior, so I attached the testing private key. I suspect this is some change in OpenSSL, in how they handle EC group comparison, but I did not have time to investigate it further. It might even work for you with LibreSSL.
OpenSSH tries to support keys that encode explicit group parameters rather than the group ID. See sshkey.c:sshkey_ecdsa_key_to_nid().

This definitely used to work with OpenSSL, but it doesn't seem to now. It does work with libressl.
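An added example, not part of the original thread and not OpenSSH code: a small checker that reports whether an EC private key stores its curve as a named-curve OID or as explicit group parameters, the difference discussed in the comments above. It assumes an unencrypted traditional "EC PRIVATE KEY" (SEC1 ECPrivateKey) in PEM or DER; the function names and sample keys are constructed for illustration.

```python
import base64

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def ec_params_kind(key):
    """Classify the [0] parameters of an unencrypted SEC1 'EC PRIVATE KEY'."""
    if key.lstrip().startswith(b"-----BEGIN"):  # PEM armour: strip and decode
        lines = [l for l in key.splitlines() if l and not l.startswith(b"-----")]
        key = base64.b64decode(b"".join(lines))
    tag, seq, _ = read_tlv(key, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    tag, version, pos = read_tlv(seq, 0)
    if tag != 0x02 or version != b"\x01":
        raise ValueError("not an ECPrivateKey (version 1)")
    tag, _private, pos = read_tlv(seq, pos)
    if tag != 0x04:
        raise ValueError("privateKey OCTET STRING missing")
    while pos < len(seq):  # optional [0] parameters, then [1] publicKey
        tag, value, pos = read_tlv(seq, pos)
        if tag == 0xA0 and value:
            kinds = {0x06: "named_curve", 0x30: "explicit", 0x05: "implicit"}
            return kinds.get(value[0], "unknown")
    return "absent"

def der(tag, value):
    """Minimal DER encoder, used only to build the constructed samples."""
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

# Constructed samples: all-zero private scalar, filler instead of real curve data.
SECP521R1_OID = der(0x06, bytes.fromhex("2b81040023"))  # 1.3.132.0.35
FAKE_EXPLICIT = der(0x30, der(0x02, b"\x01") + der(0x04, bytes(200)))
PREFIX = der(0x02, b"\x01") + der(0x04, bytes(66))
NAMED_KEY = der(0x30, PREFIX + der(0xA0, SECP521R1_OID))
EXPLICIT_KEY = der(0x30, PREFIX + der(0xA0, FAKE_EXPLICIT))

if __name__ == "__main__":
    for name, sample in (("named", NAMED_KEY), ("explicit", EXPLICIT_KEY)):
        print(name, "->", ec_params_kind(sample))
```

A result of "explicit" marks a key in the older raw-parameter encoding, which depends on the crypto library matching the parameters back to a known group.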
This seems to be a bug in OpenSSL. OpenSSH does everything I know of to ascertain and use the correct EC group. Please tell me if this is not the case and I'll try to fix it.
close bugs that were resolved in OpenSSH 8.5 release cycle