Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for SSH key PKCS#8 #7333

Closed
cyberduck opened this issue Jul 4, 2013 · 4 comments
Closed

Support for SSH key PKCS#8 #7333

cyberduck opened this issue Jul 4, 2013 · 4 comments
Assignees
Labels
Milestone

Comments

@cyberduck
Copy link
Collaborator

6e8977d created the issue

I have recently followed a good (I think) security practice and used a way to improve protection of my key against brute force attack. The DSA private key is not encapsulated in a PKCS11927 envelope

http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html

It turns out that cyberduck does not know how to open this envelope and fails with the following error message when I try and access a FTP via SFTP. Regular SSH connection works.

invalid PEM structure, '-------BEGIN...' missing

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Add interoperability will be quite straight forward.

Notice that the header/footer lines have changed (BEGIN ENCRYPTED PRIVATE KEY instead of BEGIN RSA PRIVATE KEY), and the plaintext Proc-Type and DEK-Info headers have gone

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Although not many users will adopt the better key format given

On Mac OS X 10.9 (Mavericks), the default installation of OpenSSH no longer supports PKCS11927 private keys for some reason

@cyberduck
Copy link
Collaborator Author

@dkocher commented

In 94fb76a.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Please update to the latest snapshot build available and confirm the issue is resolved.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

2 participants