Closed Schueni1 closed 4 years ago
Please do not remove the issue template when reporting bugs, it makes things harder than they need to be :(
I just automated 50 sync operations and was never prompted for my passphrase, please update the issue with reliable reproduction steps as mentioned in the bug report template.
Not OP, but probably related: My ssh key has no passphrase. Since 1.9.0, I am prompted to set a passphrase or leave the textfield empty on each sync. If I leave it empty (i.e. don't set a passphrase), syncing works. However, the "remember passphrase" flag doesn't seem to be honored on an empty passphrase, because I'm prompted again on each sync.
That's very helpful, thanks!
@moppman Do you know how you generated your key? I cannot reproduce this with a key with no passphrase generated directly within Password Store, but it might very well happen with imported key files in other formats.
@FabianHenneke I generated my key via ssh-keygen from the openssh-client Debian package and then imported it into Password Store.
Okay, I should be able to reproduce this then. Which key type are you using and when did you generate the key approximately (this year, five years ago,...)?
The key is a 4096 bit RSA key from Feb. 2018.
Same for me. 4096 bit RSA key generated about 3 years ago.
Could you test whether #880 fixes this for you?
@msfjarvis and I did not catch this during testing since we were using key files generated either in the app or with a current version of OpenSSH. OpenSSH changed the default key file format in late 2018 and the new key files no longer use an empty string as passphrase if they are not encrypted, but indicate this directly.
@Schueni1 @moppman Starting with 1.9.0, Password Store also supports ssh-ed25519 keys. You might want to give it a try and replace your old keys, the new ones will certainly sign much faster.
I just generated a new ssh key with the following command:
ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "me@example.xyz"
and imported it on the app. This solved the problem for me!
Though I think it isn't perfect that version 1.9 breaks the Remember-Feature for 4096bit RSA SSH keys.
It does break it only for RSA SSH key files generated before 2019.
@msfjarvis If the fix solves the problem, should we publish it as a point release?
Yeah I think we should. Please create a 1.9.1 milestone and move this issue and the PR to it.
I tried to test this with RSA2048 and RSA4096 keys from OpenSSH 6.6.1p1, but I've still not received a passphrase prompt yet. Is there a specific set of flags I must pass to ssh-keygen? I've tried these so far:
ssh-keygen -t rsa -b 2048
ssh-keygen -t rsa -b 4096
ssh-keygen -o -a 100 -t rsa -b 4096
I managed to reproduce the issue by passing in -m PEM using a modern version of OpenSSH.
Is this going to fix the empty password problem only or will it also work with old ssh keys with a password?
I don't know exactly when I generated my old ssh key and the openssh version I used :confused:
I'm not sure either tbh. Care to find out? Snapshot build
Nope. It does not. I just reimported the old ssh key on the new snapshot version and I'm still prompted for a password.
That's a bummer. If you can provide some details (like key type and size) then hopefully @FabianHenneke would be able to dig up something.
I would be particularly interested in reproduction steps. Does the issue really only show up after the third refresh gesture?
Hmmm. As I said it is 4096Bit rsa key generated about 2 or 3 years ago with ssh-keygen. I don't know which version of openssh it was.
I just generated a new 4096 bit rsa key and this is how it looks:
-----BEGIN OPENSSH PRIVATE KEY-----
RandomData
-----END RSA PRIVATE KEY-----
This is what my old rsa key looks like:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,4CF**************************C4C
RandomData
-----END RSA PRIVATE KEY-----
The fourth line in the old ssh-key private file is an empty line. Just before the random data starts.
It always shows up after the second refresh gesture.
Reproduction steps: 1) Import the old rsa ssh key on either app version 1.9 or 1.10-snapshot. 2) Pull down to refresh (Not prompted for a password) 3) Pull down again -> Prompted for a password
How reproducible is this? 100%
Does clearing cache and data make a difference? No
With the new generated rsa key I'm not prompted for a password.
Removing any of the three lines after -----BEGIN RSA PRIVATE KEY----- from the old key breaks it and I always get a wrong password message when I try to use it.
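An added example, not part of the thread or of Password Store: a probe that tells the two private key file formats discussed above apart and reports whether the file itself declares encryption. It goes slightly beyond the thread by reading the cipher name field at the start of the new-style body (`none` for an unencrypted key); the class name and the sample inputs are constructed.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

public class KeyFormatProbe {
    static final byte[] MAGIC = "openssh-key-v1\0".getBytes(StandardCharsets.US_ASCII);

    // Reports the container format and whether the file itself says it is encrypted.
    static String describe(String keyFile) {
        String[] lines = keyFile.trim().split("\\R");
        if (lines[0].equals("-----BEGIN RSA PRIVATE KEY-----")) {
            // Old-style PEM: an encrypted key announces it in the header lines.
            boolean enc = lines.length > 1 && lines[1].startsWith("Proc-Type: 4,ENCRYPTED");
            return "old-style PEM, " + (enc ? "encrypted" : "not encrypted");
        }
        if (!lines[0].equals("-----BEGIN OPENSSH PRIVATE KEY-----")) return "unrecognized";
        try {
            String b64 = String.join("", Arrays.copyOfRange(lines, 1, lines.length - 1));
            ByteBuffer buf = ByteBuffer.wrap(Base64.getDecoder().decode(b64));
            byte[] magic = new byte[MAGIC.length];
            buf.get(magic);
            if (!Arrays.equals(magic, MAGIC)) return "unrecognized";
            int len = buf.getInt(); // length prefix of the cipher name
            if (len < 0 || len > buf.remaining()) return "unrecognized";
            byte[] cipher = new byte[len];
            buf.get(cipher);
            String name = new String(cipher, StandardCharsets.US_ASCII);
            return "new-style OpenSSH, "
                    + (name.equals("none") ? "not encrypted" : "encrypted (" + name + ")");
        } catch (RuntimeException e) { // truncated or malformed body
            return "unrecognized";
        }
    }

    public static void main(String[] args) {
        // Constructed samples: headers only, no real key material.
        String oldEnc = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                + "DEK-Info: AES-128-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n";
        ByteBuffer body = ByteBuffer.allocate(MAGIC.length + 8).put(MAGIC).putInt(4)
                .put("none".getBytes(StandardCharsets.US_ASCII));
        String newPlain = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
                + Base64.getEncoder().encodeToString(body.array())
                + "\n-----END OPENSSH PRIVATE KEY-----\n";
        System.out.println(describe(oldEnc));
        System.out.println(describe(newPlain));
    }
}
```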
I just managed to reproduce this error with a new key.
I used this version of openssh:
OpenSSH_8.3p1, OpenSSL 1.1.1g 21 Apr 2020
and generated the key with the following command:
ssh-keygen -o -b 4096 -f ~/.ssh/test -C "test@test.xyz" -m PEM
and entered a password when I was prompted for it.
Then I imported the key on the app and after the second refresh I am prompted for a password.
I can reproduce the issue with these steps and will investigate. Thanks!
@msfjarvis In passing: The "wrong passphrase" indicator overlaps the new "view password" toggle button. Maybe there is some other Material style visualization for errors?
@Schueni1 @msfjarvis The root cause is this line in the decoder for the old-style private key file format. It clears the buffer that holds the passphrase bytes and we are currently passing this buffer by reference. The decoder for new-style private key files doesn't clear the buffer.
To fix this, I will pass a copy of the buffer. I have also submitted https://github.com/hierynomus/sshj/pull/609 to ensure that sshj wipes as much as possible.
Something else is broken too, though. Will have to take a deeper look.
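The aliasing problem described in the root-cause comment above, modelled as an added example (not code from Password Store or sshj): a decoder that wipes the passphrase array it receives, called once with the remembered buffer itself and once with a copy. The class, the method names and the sample passphrase are hypothetical.

```java
import java.util.Arrays;

public class PassphraseAliasingDemo {
    // Hypothetical stand-in for the old-style key decoder: it wipes the
    // passphrase buffer it was given once decryption has been attempted.
    static boolean decryptOldStyleKey(char[] passphrase) {
        try {
            return Arrays.equals(passphrase, "correct horse".toCharArray());
        } finally {
            // Good hygiene for secrets, but it mutates the caller's array.
            Arrays.fill(passphrase, '\0');
        }
    }

    // Models "remember passphrase": the app keeps one buffer between syncs.
    static boolean[] syncTwice(char[] remembered, boolean passCopy) {
        boolean[] results = new boolean[2];
        for (int i = 0; i < results.length; i++) {
            // With passCopy, only the throwaway copy is wiped by the decoder
            // and the remembered buffer survives for the next sync.
            char[] arg = passCopy ? remembered.clone() : remembered;
            results[i] = decryptOldStyleKey(arg);
        }
        return results;
    }

    public static void main(String[] args) {
        // Constructed sample passphrase, not a real credential.
        boolean[] byReference = syncTwice("correct horse".toCharArray(), false);
        boolean[] byCopy = syncTwice("correct horse".toCharArray(), true);
        System.out.println("by reference: " + Arrays.toString(byReference));
        System.out.println("by copy:      " + Arrays.toString(byCopy));
    }
}
```

Passing the buffer by reference makes the second sync fail because the remembered passphrase has been zeroed, which matches the prompt reported on the second refresh.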
@msfjarvis In passing: The "wrong passphrase" indicator overlaps the new "view password" toggle button. Maybe there is some other Material style visualization for errors?
I'll get that sorted.
I imagine this is a regression (https://github.com/material-components/material-components-android/issues/1444), I'll walk back a couple versions and see if I can find where this works. Scratch that, Kotlin was the problem. Fixed it by doing this.
@Schueni1 Could you verify whether the issue is fixed in the current snapshot build? We merged the PR that should fix it.
Yes it works! I'm not prompted for a passphrase any more.
Great, I'll prep 1.9.1
App Version: 1.9
Since version 1.9 the "Remember passphrase" feature for the ssh key is not working anymore.
After pulling down two or three times to synchronise the remote git repo I get asked for the ssh passphrase.