Page MenuHomePhabricator

Passphrase can't distinguish between correct, mangled, and passphrase-encoded SSH keys
Closed, ResolvedPublic


See PHI135. In that case, a user uploaded an SSH private key to passphrase which was missing a header and footer. This (a) didn't work and (b) appeared to be a passphrase key.

We could do a better job of trying to detect invalid private keys (missing header, passphrase-encrypted).

Event Timeline

epriestley claimed this task.

I've marked D20905 as resolving this. This isn't really "resolved" completely, but T13454 has a better description of what the problems are and why they're difficult. Our behavior is, at least, substantially better than it was before.