Re: PEM_write_ed25519

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 16 May 2024, Anabelle VanDenburgh wrote:

> For no particular reason, i'm looking to convert my ed25519 private key to
> pem. A user on stackoverflow suggested running `ssh-keygen -p -f
> path/to/your/key -m pem` [^1], which errors, printing `do_convert_to_pem:
> unsupported key type ED25519`. Looking at the corresponding line in source, it
> seems that only RSA, DSA, & ECDSA keys can be converted to pem.[^2] With new
> keys defaulting to ED25519 as of [1.471][^3], are there plans to add support
> for exporting ed25519 to pem?

Nobody has asked before, so it wasn't planned. It will probably be trivial
to implement once https://github.com/djmdjm/openssh-wip/pull/27 is merged.

BTW if your keys have passphrases then the PEM format is usually weaker
than OpenSSH's native private key format. The OpenSSH format uses a
KDF (key derivation function) that is considerably more resistant to
offline cracking that anything that was available in PEM*

-d

* at least when I last checked.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux