You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
And the output cannot be read by pemfile::rsa_private_key. The workaround is to do:
openssl rsa -in key.pem -out rsa_key.pem
But it would probably be better if it worked out of the box. Also, I'm the author of Thrussh, an SSH library. How about working together on a general PEM parsing crate?
The text was updated successfully, but these errors were encountered:
How about working together on a general PEM parsing crate?
I'd definitely be interested in working together on a PKCS8 crate for solving this problem. There's some good ASN1-DER parsing ground work in ring -- would a dependency on that be alright for use with/in Thrussh?
FWIW, my plan for ring is that all the key deserialization will be PKCS#8. We only implemented the simpler RSA key deserialization as an incremental step.
I'd definitely be alright with anything of the kind, even if it means writing it myself.
I just wanted to make sure we do it in a consensual way, à la Rust, to avoid reimplementing the same things everywhere.
Btw, there's a new Thrussh in my pipe, using Tokio.
Alright, after looking at this in greater detail, they seem to be different formats.
Definitely, SSH keys should also be stored in PKCS#8 format, but they're not, for historical reasons.
I think Thrussh should support both, and default to PKCS#8.
I just did the following for test purposes:
And the output cannot be read by
pemfile::rsa_private_key
. The workaround is to do:But it would probably be better if it worked out of the box. Also, I'm the author of Thrussh, an SSH library. How about working together on a general PEM parsing crate?
The text was updated successfully, but these errors were encountered: