Opened 14 months ago

Closed 10 months ago

Last modified 10 months ago

#9683 enhancement closed fixed (fixed)

conch can't write private keys in OpenSSH's new ("v1") format

Reported by: Colin Watson Owned by: Glyph <glyph@…>
Priority: normal Milestone:
Component: conch Keywords:
Cc: Branch:
Author:

Description

OpenSSH 6.5 introduced a new private key format. In #9515 I added support for reading such keys, but it would also be useful to support writing them: in particular, this is a prerequisite for Ed25519 support (since the old PEM format doesn't define any encoding of those keys), and I think it makes more sense to add support for this format as a separate feature.

I have a working patch for this, but it depends on my fixes for #9681 and #9682, so I'll push this for review once those have landed.

Change History (7)

comment:1 Changed 11 months ago by Colin Watson

Keywords: review added

comment:2 Changed 11 months ago by Glyph

Keywords: review removed
Owner: set to Colin Watson

Hey Colin,

It looks like the other things have been reviewed & merged, but PR 644 doesn't currently have anything in a reviewable state. Can you push an updated PR so we know what needs reviewing? It seems like this long saga might finally be drawing to a close...

Thanks!

comment:3 Changed 11 months ago by Colin Watson

Keywords: review added
Owner: Colin Watson deleted

Ugh, sorry, I had a copy-and-paste accident and linked the wrong PR from this ticket. The correct one is:

https://github.com/twisted/twisted/pull/1193

comment:4 Changed 11 months ago by Glyph

Keywords: review removed
Owner: set to Colin Watson

comment:5 Changed 11 months ago by Colin Watson

Keywords: review added
Owner: Colin Watson deleted

Addressed review feedback, with the exception of one bit I don't understand.

Visual Studio tests are currently crashing and burning for reasons that seem unrelated to my branch.

comment:6 Changed 10 months ago by Glyph <glyph@…>

Owner: set to Glyph <glyph@…>
Resolution: fixed
Status: newclosed

In e7f1c46:

Merge pull request #1193 from cjwatson/9683-openssh-key-v1-encode

Author: cjwatson

Reviewer: glyph

Fixes: ticket:9683

twisted.conch.ssh.keys can now write private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. ckeygen has a corresponding new --private-key-subtype=v1 option.

comment:7 Changed 10 months ago by Glyph

Keywords: review removed
Note: See TracTickets for help on using tickets.