-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I got a proposal for a slight different default private key encryption protocol. Here is my understanding what ssh-keygen currently does. According to this article: http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html when you create a new key with a passphrase to protect it, ssh-keygen uses a hard-coded openssl call to do this: It encrypts the private key with AES-128 in CBC mode, and generates the encryption key the following way: 1. "Append the first 8 bytes of the IV to the passphrase, without a separator (serves as a salt)." 2. "Take the MD5 hash of the resulting string (once)." So my proposal is, to alter this by using PKCS 8 as defined in RFC 5208 as is described in the above article. This currently works already by converting your key manually: openssl pkcs8 -topk8 -v2 des3 \ -in test_rsa_key.old -passin 'pass:super secret passphrase' \ -out test_rsa_key -passout 'pass:super secret passphrase' I didn't find any contradicting documentation or stuff inside the SSH RFCs why this is not the default yet. I know this is just a little hardening and just covers cases where your encrypted private key gets stolen and is harder to bruteforce due to the use of PBKDF2 instead of MD5. What do you think about this? Is there some error in my information which prevents this from being the default way ssh keys are generated? Does this not work on all supported plattforms? Please keep me CC'ed in your answers as I'm not subscribed to the list. kind regards Sven Kieske PS: Thanks for this awesome free software and your work! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQGcBAEBAgAGBQJT0icgAAoJEAq0kGAWDrql8vAL/2XS8mhAy5Z1acQBVVA/pLd3 5bLecQQCMEJL8l0zsYSV/6YHBUj7TI0DJleN0qh4OJG+rmK+XIOz4CnnjxY/p/tg dgwy/XSXEqhoVqWajSP6Q+fiYsydAxqyTa7UXIuGtzyWyqldK6x0n5ThTeNqX/LV Qt1kLhIsD+w+0AmNN+ERI1uP72/Y1YhLluIC91lA+OrcL0RRkptXN6Vjo2WYR2e9 Edbk55N8J4Dli7YdycSs0fRykad3zjPqH/KxwOopil7+tis1dJTJIBawZaCWs0nq 7OJzF3bs+7smN5342KscO6hpSZ5igOQH2MkS3SXi8D6E5hX9KODupBtu8eZ7qvdN 4qtYno1EMaVJZUCRALmrqAxtVnkGGvDdzNC3dPGEXPgXq4QTHll9aMbWN4R3rOuC FzMCK97u3DA2ss7+6nY7A1gRSedMPisLGn4fsCYmYn+nVBFKK9s4NXzrGocPgpsA koNhXZCG2B0554NBNincT4gyO++fPQtUtLqKge/msw== =lUo9 -----END PGP SIGNATURE----- _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev