Re: Public key storage format in OpenSSH
- From: "James S. Singleton" <pt109@xxxxxxxxxx>
- Date: Sat, 25 Feb 2006 08:53:10 GMT
On Fri, 24 Feb 2006 23:16:51 -0500, Richard E. Silverman wrote:
"JSS" == James S Singleton <pt109@xxxxxxxxxx> writes:
JSS> OpenSSH stores public keys in totally different formats,
JSS> depending on whether version 1.5 or version 2 of the protocol is
JSS> being used. Can anybody explain the difference?
The first format was defined by the first implementation of SSH-1 by Tatu
Ylönen in 1995. A new format was needed for SSH-2, as SSH-1 only allowed
RSA keys whereas SSH-2 can have any number of key types, and OpenSSH
implements two: RSA and DSA.
JSS> For 1.5 the format is obvious; for 2, it is not.
some datatype definitions:
length = 4 bytes, 32-bit integer (big-endian)
string = [length L] [L bytes: the string]
bignum = string N (binary, length <= 8192)
where N = BIGNUM type as defined in the OpenSSL crypto library
(openssl/bn.h) (multiprecision [large] integer)
An OpenSSH public key line consists of:
key-type [base64 encoded string] comment
This is the format of base64-decoded bytes:
[string: key type in ASCII ("ssh-rsa"|"ssh-dsa"|"rsa"|"dsa")]
(yes, the key type is repeated inside the encoded portion)
(case RSA key)
bignum: public exponent (e)
bignum: modulus (n)
(case DSA key)
bignum: p
bignum: q
bignum: g
bignum: y
(<p,q,g,y> DSA key parameters as defined e.g. here:
http://en.wikipedia.org/wiki/Digital_Signature_Algorithm)
OK, thanks so much.
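The layout described above, as an added example that is not part of the original thread: a Python parser that walks the base64-decoded blob field by field and rejects a line when the inner and outer key types disagree, a declared length overruns the blob, or bytes trail the last field. The function names and the sample line (toy numbers, not a usable key) are constructed for illustration; `ssh-dss` is the identifier OpenSSH itself writes for DSA keys.

```python
import base64
import struct

# Field order per key type, following the layout in the message above.
# "ssh-dss" is the identifier OpenSSH writes for DSA keys.
FIELDS = {"ssh-rsa": ("e", "n"), "ssh-dss": ("p", "q", "g", "y")}
MAX_BIGNUM_BYTES = 8192  # bound quoted in the message

def read_string(blob, offset):
    """Read one [4-byte big-endian length][bytes] field; return (bytes, new offset)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("declared length runs past end of blob")
    return blob[offset + 4:end], end

def parse_pubkey_line(line):
    """Parse 'key-type base64 comment' and return (key_type, {name: int}, comment)."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected: key-type base64 [comment]")
    outer_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)
    inner, offset = read_string(blob, 0)
    inner_type = inner.decode("ascii")
    if inner_type != outer_type or inner_type not in FIELDS:
        raise ValueError("key type mismatch or unsupported type")
    numbers = {}
    for name in FIELDS[inner_type]:
        raw, offset = read_string(blob, offset)
        if len(raw) > MAX_BIGNUM_BYTES:
            raise ValueError("bignum too long: " + name)
        numbers[name] = int.from_bytes(raw, "big")
    if offset != len(blob):
        raise ValueError("trailing bytes after last field")
    return inner_type, numbers, comment

def make_line(key_type, values, comment):
    """Build a constructed sample line (toy numbers, not a usable key)."""
    blob = struct.pack(">I", len(key_type)) + key_type.encode("ascii")
    for v in values:
        raw = v.to_bytes(v.bit_length() // 8 + 1, "big")  # leading 0 keeps it positive
        blob += struct.pack(">I", len(raw)) + raw
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"

SAMPLE = make_line("ssh-rsa", [65537, 3233], "constructed@example")
```

Running `parse_pubkey_line` over each line of an `authorized_keys` file and checking `numbers["n"].bit_length()` is one way to audit for malformed entries and undersized RSA moduli.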