age -d -i does not support aes256-cbc encrypted ed25519 private keys #100
Comments
Looks like the default cipher that AFAICT those are the only two ciphers that have ever been default for
Unfortunately, this isn't really fixable from here. x/crypto/ssh explicitly checks for the "aes256-ctr" string and fails otherwise when using passphrase-protected keys. I'll open an issue to see if excluding CBC was intentional.
When OpenSSH introduced its current encrypted-key format, ssh-keygen defaulted to "aes256-cbc" for the cipher. This was changed in OpenSSH 7.6 (released 2017-10-03) to "aes256-ctr", and is the same to this day. Adding support for "aes256-cbc" ensures compatibility with all encrypted keys generated by ssh-keygen since OpenSSH 6.5 (released 2014-01-30). See also FiloSottile/age#100
I submitted a change to fix this to x/crypto, so it's closable once the commit is merged
When OpenSSH introduced its current encrypted-key format, ssh-keygen defaulted to "aes256-cbc" for the cipher. This was changed in OpenSSH 7.6 (released 2017-10-03) to "aes256-ctr", and is the same to this day. Adding support for "aes256-cbc" ensures compatibility with all encrypted keys generated by ssh-keygen in this format since it was introduced in OpenSSH 6.5 (released 2014-01-30). See also FiloSottile/age#100
Environment
What were you trying to do
I have encrypted a file using
age -r "ssh-ed25519 AAAA..." -o testfile.age testfile
and then wanted to decrypt it using
age -d -i ~/.ssh/id_ed25519 testfile.age
What happened
age errored that it does not support aes-cbc mode:
I created my key some years ago with
ssh-keygen -t ed25519
I expect age to support decrypting aes-cbc as well (128/256 bits)
Interesting side note: My RSA private key is encrypted using aes-128-cbc but using it with age works at this point. Not sure why though.
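Added example (not code from age or x/crypto/ssh): the cipher name this thread is about sits in the cleartext header of an OpenSSH-format private key, so it can be read without the passphrase to tell whether a key is "aes256-cbc" or "aes256-ctr". The header layout follows OpenSSH's PROTOCOL.key; `KeyCipher`, `readString` and `sampleKey` are names chosen for this example, and the input is a constructed header-only blob with no key material.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/pem"
	"fmt"
)

const magic = "openssh-key-v1\x00" // format magic, per OpenSSH's PROTOCOL.key

// readString decodes one SSH string: uint32 big-endian length, then the bytes.
func readString(b []byte) (string, []byte, error) {
	if len(b) < 4 || uint64(binary.BigEndian.Uint32(b)) > uint64(len(b)-4) {
		return "", nil, fmt.Errorf("truncated SSH string (%d bytes left)", len(b))
	}
	n := binary.BigEndian.Uint32(b)
	return string(b[4 : 4+n]), b[4+n:], nil
}

// KeyCipher returns the cipher and KDF names from the cleartext header of an
// OpenSSH-format private key ("none", "none" when the key is unencrypted).
func KeyCipher(pemBytes []byte) (cipher, kdf string, err error) {
	blk, _ := pem.Decode(pemBytes)
	if blk == nil || blk.Type != "OPENSSH PRIVATE KEY" || !bytes.HasPrefix(blk.Bytes, []byte(magic)) {
		return "", "", fmt.Errorf("not an openssh-key-v1 private key")
	}
	cipher, rest, err := readString(blk.Bytes[len(magic):])
	if err != nil {
		return "", "", err
	}
	kdf, _, err = readString(rest)
	return cipher, kdf, err
}

// sampleKey builds a CONSTRUCTED header-only blob (no key material) for the demo.
func sampleKey(cipher, kdf string) []byte {
	body := []byte(magic)
	for _, s := range []string{cipher, kdf} {
		body = append(append(body, 0, 0, 0, byte(len(s))), s...)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "OPENSSH PRIVATE KEY", Bytes: body})
}

func main() {
	fmt.Println(KeyCipher(sampleKey("aes256-cbc", "bcrypt")))
}
```

To check a real key, pass the bytes of the key file to `KeyCipher`; only the unencrypted header is parsed.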