Page MenuHome GnuPG

gpg agent in ssh-support does not import RSA-Keys greater than 4160 bits
Closed, WontfixPublic

Description

When running gpg-agent with the following config:

enable-ssh-support
pinentry-program /usr/bin/pinentry-gnome3
debug-level expert
max-cache-ttl-ssh 60

Trying to add RSA keys larger than 4159 bit yields
Could not add identity "xxxxx": agent refused operation

> $ ssh-keygen -t RSA -b 4159 -f rsa4159                                                                                                                                                                                                                                        
Generating public/private RSA key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in rsa4159.
Your public key has been saved in rsa4159.pub.
The key fingerprint is:
SHA256:uOAsI7grbUzAUsMNJZOVwxCvyWHG6AePH3UdPnCTK/w ekampitakis@theseus
The key's randomart image is:
+---[RSA 4159]----+
| .*Xo. . +.      |
| o=+=   =.o      |
|oo=..o.. +.      |
|+=++. .+ ..      |
|.+++. . S        |
|. +o.. . E       |
|o+o.o .          |
|.o+o             |
|+o               |
+----[SHA256]-----+
                                                                                                                                                                                                                                                                                 
> $ ssh-keygen -t RSA -b 4160 -f rsa4160                                                                                                                                                                                                                                        
Generating public/private RSA key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in rsa4160.
Your public key has been saved in rsa4160.pub.
The key fingerprint is:
SHA256:PRRorBe9qS9i+TlkWAam3DIupUlBeyTKL72xx/MhK8s ekampitakis@theseus
The key's randomart image is:
+---[RSA 4160]----+
| .o .  . o.      |
|...+  o = ..     |
|...o.+ + ..o     |
|  +.* o +oo      |
| o O o =S.o      |
|  = * . +  .     |
|   + = = .       |
|  ... O +..      |
|   Eoo +oo       |
+----[SHA256]-----+
                                                                                                                                                                                                                                                                                 
> $ ssh-add rsa4159                                                                                                                                                                                                                                                             
Identity added: rsa4159 (ekampitakis@theseus)
                                                                                                                                                                                                                                                                                 
> $ ssh-add rsa4160                                                                                                                                                                                                                                                             
Could not add identity "rsa4160": agent refused operation

Details

Version
2.2.12

Event Timeline

werner claimed this task.
werner added a subscriber: werner.

Right. We won't change that though. Sorry.