
gpgkey2ssh creates keys unreadable by openssh
Closed, Resolved, Public

Description

The version of gpgkey2ssh that ships with gnupg2 creates keys that appear to be
unreadable by modern versions of openssh (i've tried this with gnupg2 2.0.9 and
openssh 4.7, built from the debian packages).

RSA keys are output with the MPIs inverted (modulus where exponent should be,
and vice versa), and DSA keys use the wrong header label ("ssh-dsa" instead of
"ssh-dss").

The attached patch resolves the problem for me.

This has also been reported as debian bug 473841:

http://bugs.debian.org/473841

Thanks for all your work on gnupg!

Event Timeline

Frankly, I don't understand what this tool is actually useful for. AFAICR, it
was used during development. I'll look into it.

gpgkey2ssh is very poorly documented (no manpage, no help output), but it is
shipped with the source tarball, so I figure it should work properly at least
when the correct parameters are offered.

This tool (or something like it) would be very useful for projects attempting to
use the OpenPGP web of trust for ssh authentication. I'm involved with one such
project, which is in its infancy:

http://cmrg.fifthhorseman.net/wiki/OpenPGPandSSH

Hope that makes a little more sense about why I care. The debian bug contains a
couple of simple command-line transcripts that should be helpful in reproducing
the error.

Thanks for looking into this, Werner!

Any word on this? The patch should be short enough for a quick review. The
problem can be demonstrated by setting GPGID to the key id of an RSA key, and doing:

gpgkey2ssh $GPGID > tmp.out
ssh-keygen -l -f

The first number in the ssh-keygen output should equal the bit length of the RSA
key (e.g. 1024). Numbers significantly smaller than that indicate that the
exponent is being used instead of the modulus.

You can do a comparable demonstration for DSA keys, except that ssh-keygen will
simply refuse to parse them because of the wrong label. Applying this patch
should fix both cases.

Whoops! Of course, the second line of the demonstration should actually read:

ssh-keygen -l -f tmp.out

Sorry for the goof.
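As an added check (not part of the gnupg tree or the attached patch), the following Python decodes an OpenSSH public-key line the way ssh-keygen -l would and flags the two defects described in this ticket: swapped RSA MPIs, which show up as a reported bit length far below the key size, and the "ssh-dsa" label that OpenSSH refuses. The sample integers are constructed stand-ins, not a real key pair.

```python
import base64
import struct

# Constructed stand-ins (not a real key pair): a 1024-bit odd "modulus" and e=65537.
SAMPLE_E = 65537
SAMPLE_N = (1 << 1023) | (0xDEADBEEF << 512) | 1

def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data  # 4-byte big-endian length prefix

def ssh_mpint(value: int) -> bytes:
    # RFC 4251 mpint: minimal big-endian bytes, zero-padded if the top bit is set
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return ssh_string(b"\x00" + raw if raw[0] & 0x80 else raw)

def build_pubkey_line(label: str, *mpints: int) -> str:
    # One-line OpenSSH public key: "<label> <base64(type-string + mpints)>"
    blob = ssh_string(label.encode()) + b"".join(ssh_mpint(m) for m in mpints)
    return f"{label} {base64.b64encode(blob).decode()}"

def parse_blob(blob: bytes) -> list:
    # Split the blob into length-prefixed fields; the first is the key type.
    fields, pos = [], 0
    while pos < len(blob):
        (n,) = struct.unpack(">I", blob[pos:pos + 4])
        fields.append(blob[pos + 4:pos + 4 + n])
        pos += 4 + n
    return fields

def check_pubkey_line(line: str) -> dict:
    """Report the key type, the bit length ssh-keygen -l would show, and problems."""
    label, b64 = line.split()[:2]
    fields = parse_blob(base64.b64decode(b64))
    inner = fields[0].decode(errors="replace")
    mp = [int.from_bytes(f, "big") for f in fields[1:]]
    problems, bits = [], 0
    if inner != label:
        problems.append(f"label {label!r} does not match blob type {inner!r}")
    if inner == "ssh-rsa" and len(mp) == 2:
        e, n = mp  # RFC 4253 order: public exponent first, then modulus
        bits = n.bit_length()
        if e.bit_length() > bits:
            problems.append(f"modulus is {bits} bits but exponent is "
                            f"{e.bit_length()} bits: MPIs look swapped")
    elif inner == "ssh-dss" and len(mp) == 4:
        bits = mp[0].bit_length()  # p, q, g, y: size is taken from p
    else:
        hint = " (OpenSSH expects 'ssh-dss')" if inner == "ssh-dsa" else ""
        problems.append(f"unrecognised key type {inner!r}{hint}")
    return {"type": inner, "bits": bits, "problems": problems}
```

Run check_pubkey_line on the contents of tmp.out from the demonstration above; a correct RSA key reports its full size with no problems, while a key with the MPIs inverted reports 17 bits.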

werner claimed this task.