Simon Josefsson <[EMAIL PROTECTED]> writes:

> If it would help someone, there is code in libssh2 that I wrote which
> decodes unencrypted OpenSSL private keys (which apparently is what
> OpenSSH is using) and imports them into a libgcrypt sexp.

Does openssl and openssh use the PKCS#1 format for private keys, as
the DER encoding of ASN.1 objects? (Maybe that spec is for RSA keys
only, but if so there ought to be some related spec for DSA).

I would have expected openssh to use something closer to the ssh
wireformat, i.e., the wireformat ssh-rsa/ssh-dsa with some additional
felds for the secret information, like I think the old proprietary ssh
program did.

For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and later)
can also convert RSA keys in pkcs#1 formats to sexp format.

lsh-bugs mailing list

Reply via email to