Page MenuHomePhabricator

Support keys with line comments
Open, Needs TriagePublic

Description

The presence of line comments in the key file makes it unreadable to libssh

[2017/09/20 11:12:23.757044, 2] ssh_pki_import_privkey_base64:  Trying to decode privkey passphrase=false
[2017/09/20 11:12:23.757067, 1] pki_private_key_from_base64:  Unknown or invalid private key.

The same key is usable by OpenSSH and removing the line comments makes it compatible with libssh:

Example:

# line comment
# line comment
-----BEGIN RSA PRIVATE KEY-----
key data
-----END RSA PRIVATE KEY-----

Event Timeline

nickb937 created this task.Sep 20 2017, 8:41 PM
asn reopened this task as Open.Sep 4 2018, 8:36 PM
asn added a subscriber: asn.

Ups that was the wrong bug.

Jakuje added a subscriber: Jakuje.Jun 19 2019, 3:09 PM

I think this got resolved over the time and the PEM files are readable including the inline comments (probably because of the removal of the SSH1 protocol, which had special conditions for the old RSA1 keys).

But it looks like there is the same issue with the new OpenSSH key format. This format does not allow inline comments like this at this moment and the OpenSSH tools do not accept such keys with inline comments either.

I will add a reproducer for this bug so we are safe for future, but otherwise I think we can close this one.