Passphrase can't distinguish between correct, mangled, and passphrase-encoded SSH keys
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	epriestley
	Oct 9 2017, 7:55 PM

Description

See PHI135. In that case, a user uploaded an SSH private key to passphrase which was missing a header and footer. This (a) didn't work and (b) appeared to be a passphrase key.

We could do a better job of trying to detect invalid private keys (missing header, passphrase-encrypted).

Revisions and Commits

rP Phabricator
	Abandoned		D20904 Perform a more sophisticated test for private keys with credentials
		D21245	rP3dea92081bbe Fix an issue where passphrase-protected private keys were stored without…
		D20905	rP2adc36ba0b8d Correctly identify more SSH private key problems as "formatting" or…

Related Objects
Search...

		Status	Assigned	Task
		Resolved	epriestley	T13454 Handle password-protected SSH keys with no "ENCRYPTED" text in the key body
		Resolved	epriestley	T13006 Passphrase can't distinguish between correct, mangled, and passphrase-encoded SSH keys

Event Timeline

epriestley created this task.Oct 9 2017, 7:55 PM

Herald added a subscriber: eadler. · View Herald TranscriptOct 9 2017, 7:55 PM

joshuaspence added a subscriber: joshuaspence.Oct 16 2017, 11:54 AM

epriestley mentioned this in T13123: Plans: Improve SSH key parsing and handling.Apr 13 2018, 2:03 PM

epriestley added a revision: D20904: Perform a more sophisticated test for private keys with credentials.Nov 11 2019, 7:19 PM

epriestley added a parent task: T13454: Handle password-protected SSH keys with no "ENCRYPTED" text in the key body.Nov 13 2019, 6:12 PM

epriestley added a revision: D20905: Correctly identify more SSH private key problems as "formatting" or "passphrase" related.Nov 13 2019, 6:17 PM

I've marked D20905 as resolving this. This isn't really "resolved" completely, but T13454 has a better description of what the problems are and why they're difficult. Our behavior is, at least, substantially better than it was before.

Herald added a subscriber: amckinley. · View Herald TranscriptNov 13 2019, 6:19 PM

epriestley added a commit: rP2adc36ba0b8d: Correctly identify more SSH private key problems as "formatting" or….Nov 13 2019, 6:22 PM

epriestley added a revision: D21245: Fix an issue where passphrase-protected private keys were stored without discarding passphrases.May 13 2020, 3:05 PM

epriestley added a commit: rP3dea92081bbe: Fix an issue where passphrase-protected private keys were stored without….May 13 2020, 3:14 PM

Passphrase can't distinguish between correct, mangled, and passphrase-encoded SSH keysClosed, ResolvedPublicActions

Description

Revisions and Commits

Related ObjectsSearch...

Event Timeline

Passphrase can't distinguish between correct, mangled, and passphrase-encoded SSH keys
Closed, ResolvedPublic
Actions

Related Objects
Search...