From c48dde59ec5591eacf95d782113b8b6633a21383 Mon Sep 17 00:00:00 2001 From: djm Date: Wed, 8 Aug 2018 01:16:01 +0000 Subject: [PATCH] Use new private key format by default. This format is suported by OpenSSH >= 6.5 (released January 2014), so it should be supported by most OpenSSH versions in active use. It is possible to convert new-format private keys to the older format using "ssh-keygen -f /path/key -pm PEM". ok deraadt dtucker --- usr.bin/ssh/ssh-keygen.1 | 24 ++++++++---------------- usr.bin/ssh/ssh-keygen.c | 7 ++++--- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/usr.bin/ssh/ssh-keygen.1 b/usr.bin/ssh/ssh-keygen.1 index 3525d7d1756..dd6e7e5a8a3 100644 --- a/usr.bin/ssh/ssh-keygen.1 +++ b/usr.bin/ssh/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.147 2018/03/12 00:52:01 djm Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.148 2018/08/08 01:16:01 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 12 2018 $ +.Dd $Mdocdate: August 8 2018 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -233,10 +233,8 @@ This is used by .Pa /etc/rc to generate new host keys. .It Fl a Ar rounds -When saving a new-format private key (i.e. an ed25519 key or when the -.Fl o -flag is set), this option specifies the number of KDF (key derivation function) -rounds used. +When saving a private key this option specifies the number of KDF +(key derivation function) rounds used. Higher numbers result in slower passphrase verification and increased resistance to brute-force password cracking (should the keys be stolen). .Pp @@ -264,8 +262,6 @@ flag will be ignored. Provides a new comment. .It Fl c Requests changing the comment in the private and public key files. -This operation is only supported for keys stored in the -newer OpenSSH format. The program will prompt for the file containing the private keys, for the passphrase if the key has one, and for the new comment. .It Fl D Ar pkcs11 @@ -410,6 +406,10 @@ or (PEM public key). The default conversion format is .Dq RFC4716 . +Setting a format of +.Dq PEM +when generating or updating a supported private key type will cause the +key to be stored in the legacy PEM private key format. .It Fl N Ar new_passphrase Provides the new passphrase. .It Fl n Ar principals @@ -504,14 +504,6 @@ The is a comma-separated list of one or more address/netmask pairs in CIDR format. .El -.It Fl o -Causes -.Nm -to save private keys using the new OpenSSH format rather than -the more compatible PEM format. -The new format has increased resistance to brute-force password cracking -but is not supported by versions of OpenSSH prior to 6.5. -Ed25519 keys always use the new private key format. .It Fl P Ar passphrase Provides the (old) passphrase. .It Fl p diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 2c3a6dd1f5b..12a5addb957 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.318 2018/07/09 21:59:10 markus Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.319 2018/08/08 01:16:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -172,7 +172,7 @@ char *key_type_name = NULL; char *pkcs11provider = NULL; /* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */ -int use_new_format = 0; +int use_new_format = 1; /* Cipher for new-format private keys */ char *new_format_cipher = NULL; @@ -2413,6 +2413,7 @@ main(int argc, char **argv) } if (strcasecmp(optarg, "PEM") == 0) { convert_format = FMT_PEM; + use_new_format = 0; break; } fatal("Unsupported conversion format \"%s\"", optarg); @@ -2420,7 +2421,7 @@ main(int argc, char **argv) cert_principals = optarg; break; case 'o': - use_new_format = 1; + /* no-op; new format is already the default */ break; case 'p': change_passphrase = 1; -- 2.20.1