From: (monroe_at_peoplego.com)
To: Michael Mannsberger <firstname.lastname@example.org>
Date: Thu, 04 Aug 2005 17:32:23 -0700
The private keys when stored are PEM encoded. I presume you want to
search the file system and find unprotected keys. Provided the file
systems that you are searching are receptive to such a query. If a
private key is encrypted it will say so in the first N bytes of the
My experience has suggested if the key is encrypted, but the files
indicated as such would necessitate a custom ssh client. It would seem
to me in your favorite scripting or compiled language: check the file to
ensure ASCII, open the file, check the first couple of lines to
determine key type: openssh2, openssh.com, putty etc.
Then pass the next lines to your check functions; if you don't find the
crypto notice then it's an unprotected file.
I presume you are already versed in the command option the public key
entries can contain such can mitigate much of the risk associated with
an unencrypted private key.
> > How can I check if a ssh2 key has a passphrase set or not? I
> > know the structure of a ssh1 private key but can't find
> > anything on ssh2.
> > -mike
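
One way to script the check described in the reply above, as an added example that is not part of the original thread. It goes beyond the formats named there by also covering PKCS#8 and the newer `openssh-key-v1` container; the names `classify_key` and `_openssh_cipher` are hypothetical, the sample key is constructed, and ssh.com keys are reported as `unknown` because this example does not decode their body.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\0"

def _openssh_cipher(body: str) -> str:
    """Cipher name at the start of an openssh-key-v1 blob ('none' = no passphrase)."""
    blob = base64.b64decode(body[:96])         # 72 bytes covers magic + cipher name
    if not blob.startswith(MAGIC):
        raise ValueError("bad magic")
    (n,) = struct.unpack_from(">I", blob, len(MAGIC))
    name = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
    if len(name) != n:
        raise ValueError("truncated cipher name")
    return name.decode("ascii")

def classify_key(data: bytes):
    """Return (key_format, state); state is 'encrypted', 'unprotected' or 'unknown'."""
    try:
        text = data[:8192].decode("ascii")     # key files are plain ASCII
    except UnicodeDecodeError:
        return ("not-ascii", "unknown")
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    first = lines[0] if lines else ""
    if first.startswith("PuTTY-User-Key-File-"):
        enc = next((ln.split(":", 1)[1].strip() for ln in lines if ln.startswith("Encryption:")), None)
        return ("putty", {"none": "unprotected", None: "unknown"}.get(enc, "encrypted"))
    if first.startswith("---- BEGIN SSH2"):
        return ("ssh.com", "unknown")          # body not decoded in this example
    if first == "-----BEGIN OPENSSH PRIVATE KEY-----":
        body = "".join(ln for ln in lines[1:] if not ln.startswith("-----"))
        try:
            cipher = _openssh_cipher(body)
        except (ValueError, struct.error):
            return ("openssh-new", "unknown")
        return ("openssh-new", "unprotected" if cipher == "none" else "encrypted")
    if first in ("-----BEGIN PRIVATE KEY-----", "-----BEGIN ENCRYPTED PRIVATE KEY-----"):
        return ("pkcs8", "encrypted" if "ENCRYPTED" in first else "unprotected")
    if first.startswith("-----BEGIN ") and first.endswith(" PRIVATE KEY-----"):
        # Traditional PEM: the crypto notice is a Proc-Type header right after BEGIN.
        enc = any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines[1:4])
        return ("pem", "encrypted" if enc else "unprotected")
    return ("unrecognized", "unknown")

if __name__ == "__main__":
    # Constructed sample: PEM armor with no crypto notice (body is not a real key).
    sample = b"-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n"
    print(classify_key(sample))
```

A file reported as `unknown` should be reviewed by hand rather than treated as protected.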