Mercurial > dropbear
view dropbearconvert.1 @ 1638:315fcba6960e
dropbearconvert: keyimport.c: fix BER encoding of secp521r1 keys (#69)
keysizes >= 128 octets will be encoded with a 3 byte header
which must be accounted by the optional-header
Reproduce:
master:~/build/dropbear$ ./dropbearkey -t ecdsa -s 521 -f K
Generating 521 bit ecdsa key, this may take a while...
master:~/build/dropbear$ ./dropbearconvert d o K L
Key is a ecdsa-sha2-nistp521 key
Wrote key to 'L'
master:~/build/dropbear$ openssl ec < L
read EC key
unable to load Key
139769806448384:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:crypto/asn1/asn1_lib.c:91:
| author | Christian Hohnstädt <christian@hohnstaedt.de> |
|---|---|
| date | Wed, 20 Mar 2019 16:42:47 +0100 |
| parents | 80cacacfec23 |
| children | 863f31b4cf3c |
line wrap: on
line source
.TH dropbearconvert 1 .SH NAME dropbearconvert \- convert between Dropbear and OpenSSH private key formats .SH SYNOPSIS .B dropbearconvert .I input_type .I output_type .I input_file .I output_file .SH DESCRIPTION .B Dropbear and .B OpenSSH SSH implementations have different private key formats. .B dropbearconvert can convert between the two. .P Dropbear uses the same SSH public key format as OpenSSH, it can be extracted from a private key by using .B dropbearkey \-y .P Encrypted private keys are not supported, use ssh-keygen(1) to decrypt them first. .SH ARGUMENTS .TP .I input_type Either .I dropbear or .I openssh .TP .I output_type Either .I dropbear or .I openssh .TP .I input_file An existing Dropbear or OpenSSH private key file .TP .I output_file The path to write the converted private key file. For client authentication ~/.ssh/id_dropbear is loaded by default .SH EXAMPLE # dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_dropbear .SH AUTHOR Matt Johnston ([email protected]). .SH SEE ALSO dropbearkey(1), ssh-keygen(1) .P https://matt.ucc.asn.au/dropbear/dropbear.html