https://bugzilla.mindrot.org/show_bug.cgi?id=2947
--- Comment #2 from Thomas Schweikle <[email protected]> --- It should not matter which format I wrote the keys out. Since the private key is in all cases written in more or less pem-format. Importing some ssh-keygen generated private key this way should work out of the box. But it does not. Interestingly if I generate the key pair using openssl I can import this key and use it together with ssh! Even ssh-keygen accepts this key and exports an ssh-format public key from it. So what does ssh-keygen do other than openssl while writing a key out? The private key written by ssh-keygen is only usable by ssh-keygen, while the private key written by openssl is usable by both: ssh-keygen and openssl! # openssl genpkey -algorithm RSA -out id_rsa.key -pkeyopt rsa_keygen_bits:2048 && chmod 0600 id_rsa.key # openssl rsa -pubout -in id_rsa.key -out id_rsa.pem && chmod 0600 $id_rsa.pem # cp id_rsa.key id_rsa # ssh-keygen -y -f id_rsa > id_rsa.pub but # ssh-keygen -t rsa -b 2048 -N "" -C "" -f id_rsa # openssl rsa -pubout -in id_rsa.key -out id_rsa.pem Creates a key openssl chocs on: unable to load Private Key 140028946031680:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY Visually there is no difference with these files (except for the key). -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
