Bug 3023 - ssh-keygen no longer writes PKCS#1 PEM format
Summary: ssh-keygen no longer writes PKCS#1 PEM format
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen
Version: 8.0p1
Hardware: All Linux
Importance: P5 normal
Assignee: Assigned to nobody
Reported: 2019-06-26 06:01 AEST by Sam
Modified: 2021-03-04 09:52 AEDT

Description Sam 2019-06-26 06:01:12 AEST
After upgrading OpenSSH 7.9 to 8.0 (while upgrading from Fedora 29 to 30), ssh-keygen can no longer generate PKCS#1 formatted private keys.  I'm specifying "-m PEM" to generate keys in the legacy PEM private key format, but the output format has changed between the releases.

Is it possible to still generate PKCS#1 formatted keys with OpenSSH 8.0?  I'm processing these keys with dropbearconvert, which doesn't support the PKCS#8 format.


Example outputs:


## Fedora 29 / OpenSSH 7.9

$ rpm -qa | grep openssh
openssh-clients-7.9p1-6.fc29.x86_64
openssh-server-7.9p1-6.fc29.x86_64
openssh-7.9p1-6.fc29.x86_64

$ ssh-keygen -t rsa -b 2048 -m PEM -f ~/id_pem -N ""
Generating public/private rsa key pair.
Your identification has been saved in /home/foo/id_pem.
Your public key has been saved in /home/foo/id_pem.pub.
The key fingerprint is:
SHA256:SPvtI5cPgKCjrH+wsgYy076vE1NTjcfc9Mc6cdbHG9I foo@localhost
The key's randomart image is:
+---[RSA 2048]----+
|       = o.      |
|      o = .. ..o |
|    ....    o.=E+|
|   .oo +     *. +|
| .o. .+ S   o  . |
|*.=.   . o   .   |
|+= =    . o.     |
|o.+ .   ..+.     |
|+++*.    o.o.    |
+----[SHA256]-----+

$ head id_pem
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwkG0o3kuCd7dxQa7cJPWSqZO6eADPgivWJ7aE6vbj7diXoSX
UF40roLIgt8lcKVvGaWdrD3YUQLVUMPlKpiyICCVLwLDapP/Qm8v4GoxClVUgjg6
DddQYI8GQImpLCLy3Rg+9EK+ubBkIBngiVMu8y3Q6ZAulTcQthONjyndRZbSxHR2


----------


## Fedora 30 / OpenSSH 8.0

$ rpm -qa | grep openssh
openssh-8.0p1-4.fc30.x86_64
openssh-server-8.0p1-4.fc30.x86_64
openssh-clients-8.0p1-4.fc30.x86_64

$ ssh-keygen -t rsa -b 2048 -m PEM -f ~/id_pem -N ""
Generating public/private rsa key pair.
Your identification has been saved in /home/foo/id_pem.
Your public key has been saved in /home/foo/id_pem.pub.
The key fingerprint is:
SHA256:sthFFnvZu0BUN5Evd2UUbme/S7wNiHlAaj6i+Q6dL0o foo@localhost
The key's randomart image is:
+---[RSA 2048]----+
|        . ... +=o|
|         + o .o.o|
|        + = .  =+|
|       o =   .o.*|
|      . S o .  oo|
|     + B   = o. .|
|    E * o o + .+ |
|   . +.o . .  ..+|
|    ++o..      o.|
+----[SHA256]-----+

$ head id_pem
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCpoPt4v6ESanwB
BZ0Q2k/KQaXBcm5tVYDZPT7jWFlei9x0bfP7MltXy4DyH75T5TwPNocLk9ehWKnA
l+vFetu/P9BtGuLyDhb0oGym91NjQbfquDzl+9n/lHJQgFQYZbimXyTJgcqZwOl7

Comment 1 Jakub Jelen 2019-06-26 18:16:57 AEST
See bug #3013, which proposed this change.

The simplest solution would be to teach dropbear this format. OpenSSL 1.0, which introduced this format, was released almost 10 years ago.

Otherwise, you can always use openssl to convert the keys for you:

openssl pkey -traditional -in /tmp/rsa.pem -out /tmp/rsa-traditional.pem
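
Added example, not part of the bug thread and not OpenSSH or dropbear code: the two `head id_pem` outputs in the description differ because PKCS#8 wraps the PKCS#1 RSAPrivateKey in a PrivateKeyInfo header, and this Python code identifies the container from the leading DER bytes and extracts the wrapped PKCS#1 structure, so a key can be checked before it is handed to a tool that reads only PKCS#1. The function names are this example's own, and the two sample inputs are the first base64 lines of the keys shown in the report.

```python
import base64

RSA_OID = bytes.fromhex("2a864886f70d010101")  # DER of 1.2.840.113549.1.1.1 (rsaEncryption)

def tlv(buf, pos):
    """Return (tag, content_start, content_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def classify(der):
    """Name the container from the DER prelude; works on a truncated key."""
    try:
        tag, pos, _ = tlv(der, 0)          # outer SEQUENCE
        vtag, _, pos = tlv(der, pos)       # version INTEGER
        if (tag, vtag) != (0x30, 0x02):
            return "unknown"
        tag, start, _ = tlv(der, pos)
        if tag == 0x02:                    # modulus comes next: PKCS#1 RSAPrivateKey
            return "pkcs1"
        if tag == 0x30:                    # AlgorithmIdentifier: PKCS#8 PrivateKeyInfo
            t, s, e = tlv(der, start)
            return "pkcs8-rsa" if (t, der[s:e]) == (0x06, RSA_OID) else "pkcs8-other"
    except ValueError:
        pass
    return "unknown"

def unwrap_pkcs8_rsa(der):
    """Return the PKCS#1 blob carried in a complete PKCS#8 RSA key."""
    if classify(der) != "pkcs8-rsa":
        raise ValueError("not an unencrypted PKCS#8 RSA key")
    _, pos, total = tlv(der, 0)
    _, _, pos = tlv(der, pos)              # skip version
    _, _, pos = tlv(der, pos)              # skip AlgorithmIdentifier
    tag, start, end = tlv(der, pos)        # privateKey OCTET STRING
    if tag != 0x04 or end > total or total > len(der):
        raise ValueError("truncated or malformed PKCS#8 blob")
    return der[start:end]

# First base64 line of each key shown in the report (truncated, so classify only).
FEDORA29 = base64.b64decode("MIIEowIBAAKCAQEAwkG0o3kuCd7dxQa7cJPWSqZO6eADPgivWJ7aE6vbj7diXoSX")
FEDORA30 = base64.b64decode("MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCpoPt4v6ESanwB")

if __name__ == "__main__":
    print(classify(FEDORA29), classify(FEDORA30))
```

`unwrap_pkcs8_rsa` refuses truncated input such as the `head` output above; it needs the whole decoded key body.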

Comment 2 Darren Tucker 2019-07-05 15:48:41 AEST
This appears to be due to a Fedora specific change and does not apply to any version supplied by the OpenSSH team, so I'm closing this bug.  Discussion about any possible changes to the key formats will be over at bug#3013.  Thanks for the report.

Comment 3 Damien Miller 2021-03-04 09:52:49 AEDT
close bugs that were resolved in OpenSSH 8.5 release cycle