search

Eugeny / russh

Rust SSH client & server library
https://docs.rs/russh
864 stars 90 forks source link

Can not load 3DES-encrypted OpenSSH private key #325

Open tzfun opened 1 month ago

tzfun commented 1 month ago

My key cannot be loaded successfully by russh.

I guess it is because of the extra two lines. 

Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,201B66E15944C645

Should this type of pem file be compatible? This file is available in ssh2 and all other ssh programs.

This is my key file (the middle part is omitted)

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,201B66E15944C645

cVHafLB6WoWaHItFaM2svsL5rFxZdx7qKf9RZprXcTSvqjhP6LOoNwn/b3+YQk8I
CFIjkh4b/3GzFcifP9lQ0cTTM+9SmWKU46Esf1Az5WDV2N8fHkztMr+b3hZS1LeS
2cTmTX2E+xHq6epvhs7x+v0s8ottVmzqhcfGkmxnem1GiwC4gahP1zIJRayJ9wpT
UXk5Clb9mlkV9JOK5ADJxHoHifDD5NMhSRAmGjnOvQQvW7CFM4wXBHr+MEDoZjaC
DaZhXaoMZRAzshuGJIbsu93luDxvKk5tQHwLSkfsIv8SQexCN1Qu3g11A4PrkM83
VO/Pt2x6IwyqzicCaRPGOeh1bIBxUDOK9ARgBb9nRe5zRSwHqJsUcgsXx2cNX6YI
MlUwfYeCNOaqXoZ6amcL5tFOzsY2KUKT5zwMr0IXKhgkAHQHcWX86a0BN7dZBKBP

...

O4dDCoaZd0jzQLUshnMTxiPn8WKtGrTeg5szhdrFju5T1bQDkfKrhxhvjhwiREUA
NXqGbBk4znZoqLQZAW8ftOkLv+KxEKxz+z4vGlHC/Pcn2qA7pBqSwxC2jDbUjp+4
sJADrCuIJ9YPpYzKqlF2h5VmbPRea4KWHHf9mJmE8qsxxeAozGtDtGCgSCDtND2d
Mxt7GZw1/XtNXLz8hUXvMaAhkdvzziFAfts8aRcMRtqJ6rrQaTQYXmUNlAW3Xpqs
9srfc6gT6KCwE5bQ/dBkTzJ1QSJRrZ+ru5vK3ez/zJei3ml5G7p/YFHfcuSOlP9e
6UwWc7BJAxOHETsAKVYzEpuHqHLodxhIwcoSLe460Leyyk1rB9G1Hw==
-----END RSA PRIVATE KEY-----
Eugeny commented 1 month ago

No, currently 3des-encrypted keys are not supported. If you're using this for a real application, it's a good idea to reencrypt the key into AES with ssh-keygen as 3DES is no longer considered secure.