Open aaronvegh opened 3 years ago
@aaronvegh I've also already got an OpenSSH key format parser for RSA which could be updated to support more algorithms.
@Joannis is there a branch for your RSA implementation somewhere we can take a look at?
Is it this? https://github.com/Joannis/swift-nio-ssh/tree/jo-rsa-private-keys
@WilliamABradley I currently rely on this: https://github.com/joannis/citadel
I've written a slightly more general version of Joannis' RSA key parser. It currently also accepts ed25519 keys. Might be a nice addition to swift-nio-ssh in some form once his PR for custom key support is merged. The parser lives in https://github.com/orlandos-nl/Citadel/pull/8
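An added example, not code from Citadel or swift-nio-ssh: before any key material is parsed, the cleartext header of an `openssh-key-v1` container (field order per OpenSSH's PROTOCOL.key) already says whether the key is passphrase-protected and which key type it holds. The type and function names below are hypothetical, the input is assumed to be the base64-decoded body of the key file, and the sample bytes are constructed.

```swift
// Added example: reads only the cleartext header of an "openssh-key-v1" blob
// (field order per OpenSSH's PROTOCOL.key); the private section is never touched.
enum HeaderError: Error { case badMagic, truncated, unsupportedKeyCount }

struct OpenSSHKeyHeader {
    let cipherName: String      // "none" for an unprotected key
    let kdfName: String         // "none" or "bcrypt"
    let publicKeyType: String   // e.g. "ssh-ed25519", "ssh-rsa"
    var isPassphraseProtected: Bool { cipherName != "none" }
}

struct Reader {
    var bytes: [UInt8]
    var offset = 0
    mutating func take(_ n: Int) throws -> [UInt8] {
        guard n >= 0, bytes.count - offset >= n else { throw HeaderError.truncated }
        defer { offset += n }
        return Array(bytes[offset..<(offset + n)])
    }
    mutating func uint32() throws -> UInt32 { try take(4).reduce(UInt32(0)) { ($0 << 8) | UInt32($1) } }
    // SSH "string": 4-byte big-endian length followed by that many bytes.
    mutating func string() throws -> [UInt8] { try take(Int(uint32())) }
}

func parseHeader(_ blob: [UInt8]) throws -> OpenSSHKeyHeader {
    var r = Reader(bytes: blob)
    let magic = Array("openssh-key-v1".utf8) + [0]
    guard try r.take(magic.count) == magic else { throw HeaderError.badMagic }
    let cipher = try String(decoding: r.string(), as: UTF8.self)
    let kdf = try String(decoding: r.string(), as: UTF8.self)
    _ = try r.string()   // kdfoptions: empty for "none", salt + rounds for "bcrypt"
    guard try r.uint32() == 1 else { throw HeaderError.unsupportedKeyCount }
    var pub = try Reader(bytes: r.string())   // public key blob starts with its type name
    let keyType = try String(decoding: pub.string(), as: UTF8.self)
    return OpenSSHKeyHeader(cipherName: cipher, kdfName: kdf, publicKeyType: keyType)
}

// Constructed sample header (not a real key): passphrase-protected ed25519.
func be32(_ v: UInt32) -> [UInt8] { [24, 16, 8, 0].map { UInt8(truncatingIfNeeded: v >> UInt32($0)) } }
func sshString(_ b: [UInt8]) -> [UInt8] { be32(UInt32(b.count)) + b }
var sample = Array("openssh-key-v1".utf8) + [0]
for field in ["aes256-ctr", "bcrypt"] { sample += sshString(Array(field.utf8)) }
sample += sshString(sshString([UInt8](repeating: 0xAA, count: 16)) + be32(16))
sample += be32(1)
sample += sshString(sshString(Array("ssh-ed25519".utf8)) + sshString([UInt8](repeating: 0, count: 32)))

let header = try parseHeader(sample)
print(header.publicKeyType, header.cipherName, header.kdfName, header.isPassphraseProtected)
```

A cipher name other than `none` means the private section that follows is encrypted and cannot be parsed until it has been decrypted with the passphrase.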
As I use SwiftNIO SSH, I need to provide the ability for my users to employ their existing private keys to connect to a remote host. As has been well-documented, SwiftCrypto lacks the ability to decrypt such keys when generated by OpenSSH.
Quoth @Lukasa in the Slack:
"If the user’s OpenSSH private key is passphrase protected then we cannot handle them in-tree at all. Because the way those keys are encrypted does not allow us to decrypt them with the APIs Swift Crypto provides. This is a ripe opportunity for someone to write a third-party extension to the library to handle this use-case."
This proposed extension to SwiftNIO SSH should solve two orthogonal problems: