Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
x/crypto/ssh: AES256-CBC isn't supported for passphrase-protected OpenSSH keys #37939
Someone over in @FiloSottile's age repo filed an issue a couple weeks ago (FiloSottile/age#100) because age reported an error on an older Ed25519 SSH key. Until v7.6 in 2017, OpenSSH used AES256-CBC as its default for password protected keys, and many of those keys are still in use.
This happens because x/crypto/ssh only checks for CTR-mode AES in crypto/ssh/keys.go#L1249-L1251. The error isn't triggered with RSA keys generated by the same OpenSSH version, as they're labeled RSA PRIVATE KEY rather than OPENSSH PRIVATE KEY.
I'm partway through a fix, but I want to make sure that this wasn't an intentional move to discourage using older keys before I put too much effort into it.