[Bug 2567] New: Wrong terminology used for ssh-keygen "-m" option

bugzilla-daemon Thu, 05 May 2016 13:00:07 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=2567


            Bug ID: 2567
           Summary: Wrong terminology used for ssh-keygen "-m"  option
           Product: Portable OpenSSH
           Version: 6.6p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Documentation
          Assignee: [email protected]
          Reporter: [email protected]

According to "man ssh-config", "-m" support following formats: "PKCS8
(PEM PKCS8 public key)" and "PEM (PEM public key)".

This is not true. First of all they are both PEM (Base64 encoded DER).
And PKCS8 is for *private* keys only. What you call "PKCS8" is
"SubjectPublicKeyInfo" and it is encoded in PEM.

What you call "PEM" is RSA public key encoded in PEM.

People are confused:
http://crypto.stackexchange.com/questions/27913/why-can-ssh-keygen-export-a-public-key-in-pem-pkcs8-format

http://crypto.stackexchange.com/questions/35093/why-ssh-gen-makes-difference-between-pem-and-pkcs8


"PKCS8" is better be called "SubjectPublicKeyInfo" or "AnyPublicKey"
and "PEM" should be "RSAPublicKey" or "RSAEncryption".

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2567] New: Wrong terminology used for ssh-keygen "-m" option

Reply via email to