Public bug reported:

Changing a key comment within a private key might not be something you
do on a daily basis, but it is mostly a frustrating task, since the
documentation is incomplete and wrong. In particular the man page says:

       -c     Requests changing the comment in the private and public key files.
              This operation is only supported for RSA1 keys and keys stored in
              the newer OpenSSH format.  The program will prompt for the file
              containing the private keys, for the passphrase if the key has
              one, and for the new comment.

So, one gets the impression that this is not applicable to newer keys.
However, bug #811125 dealt with this, and there was a commit (see [1])
that added support for basically all key types. In the case of RSA keys
one has to use the new key format though (-o), which can only be found
out by trial and error and is not documented at all.

Furthermore the output of an actual ssh-keygen run is also confusing:

[kbabioch@antares .ssh]$ ssh-keygen -c -C "new comment" -f id_rsa -o
Enter passphrase: 
Key now has comment '(null)'
The comment in your key file has been changed.

The output tells me that the key is now empty (null). However the
comment is correctly set, so while this works as intended, it is
confusing to the user.

[1] https://github.com/openssh/openssh-portable/commit/4d90625b229cf6b3551d81550a9861897509a65f#diff-8a50ef3f3b9ea11be3c3b2fc1c0555b3

** Affects: openssh (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: change comment documentation ssh

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1615305

Title:
  Output when changing comment is weird and badly documented

Status in openssh package in Ubuntu:
  New


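Where the comment sits in a new-format (-o) private key file, and why ssh-keygen has to ask for the passphrase before it can change it, as an added example that is not part of the bug report or of OpenSSH. The function names and the sample key (dummy values in the RSA field layout) are constructed here; the field order follows the openssh-key-v1 file layout.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"
# Key-specific fields between the key type and the comment (all length-prefixed).
KEY_FIELDS = {b"ssh-rsa": 6, b"ssh-ed25519": 2}

def _pack(b):
    return struct.pack(">I", len(b)) + b

def _read(buf, off):
    """Read one SSH string: uint32 big-endian length, then that many bytes."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated field")
    return buf[off + 4:off + 4 + n], off + 4 + n

def private_key_comment(text):
    """Return the comment embedded in an unencrypted new-format private key."""
    b64 = "".join(l for l in text.splitlines() if not l.startswith("-----"))
    blob = base64.b64decode(b64)
    if not blob.startswith(MAGIC):
        raise ValueError("not a new-format OpenSSH private key")
    cipher, off = _read(blob, len(MAGIC))
    _, off = _read(blob, off)            # kdfname
    _, off = _read(blob, off)            # kdfoptions
    (nkeys,) = struct.unpack_from(">I", blob, off)
    off += 4
    for _ in range(nkeys):               # public key blobs (carry no comment)
        _, off = _read(blob, off)
    priv, _ = _read(blob, off)
    if cipher != b"none":                # comment sits inside the encrypted part
        raise PermissionError("passphrase needed to read the comment")
    check1, check2 = struct.unpack_from(">II", priv, 0)
    if check1 != check2:
        raise ValueError("check integers differ")
    ktype, off = _read(priv, 8)
    for _ in range(KEY_FIELDS[ktype]):   # skip key material
        _, off = _read(priv, off)
    comment, _ = _read(priv, off)
    return comment.decode("utf-8", "replace")

def constructed_sample(comment, cipher=b"none"):
    """Constructed input: RSA layout with dummy 1-byte fields, not a usable key."""
    priv = struct.pack(">II", 7, 7) + _pack(b"ssh-rsa") + _pack(b"\x01") * 6
    priv += _pack(comment.encode())
    priv += bytes(range(1, -len(priv) % 8 + 1))      # padding bytes 1, 2, 3, ...
    pub = _pack(_pack(b"ssh-rsa") + _pack(b"\x01") * 2)
    blob = MAGIC + _pack(cipher) + _pack(b"none") + _pack(b"") + struct.pack(">I", 1) + pub + _pack(priv)
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(blob).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")
```

Reading the comment back from the file this way confirms what was actually stored, independent of the status line ssh-keygen prints.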