[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh_pki_export_privkey_file for SSH_KEYTYPE_RSA key returns SSH_ERROR


On Tue, 17 Dec 2019 09:25:18 +0100
Jakub Jelen <jjelen@xxxxxxxxxx> wrote:

> On Mon, 2019-12-16 at 23:39 +0100, Torsten Kuehnel wrote:
> > I'm new to programming using libssh. 
> > 
> > When i take the keygen.c example file in the examples directory, it
> > fails during execution when i change the keytype.
> > 
> > [tdkuehnel@ multiboot examples]$ ./keygen 
> > Failed to write private key file[tdkuehnel@ multiboot examples]$ 
> > 
> > /*    rv = ssh_pki_generate(SSH_KEYTYPE_ED25519, 0, &key);*/
> >     rv = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
> > 
> > Do i miss additional steps in preparing the rsa key to be exported ?
> > 
> > Complete code:
> > 
> > #include <libssh/libssh.h>
> > #include <stdio.h>
> > 
> > int main(void)
> > {
> >     ssh_key key = NULL;
> >     int rv;
> > 
> >     /* Generate a new ED25519 private key file */
> > /*    rv = ssh_pki_generate(SSH_KEYTYPE_ED25519, 0, &key);*/
> >     rv = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
> >     if (rv != SSH_OK) {
> >         fprintf(stderr, "Failed to generate private key");
> > 	return -1;
> >     }
> > 
> >     /* Write it to a file testkey in the current dirrectory */
> >     rv = ssh_pki_export_privkey_file(key, NULL, NULL, NULL,
> > "testkey");
> >     if (rv != SSH_OK) {
> >         fprintf(stderr, "Failed to write private key file");
> > 	return -1;
> >     }
> > 
> >     return 0;
> > }
> 
> This exact code works for me just fine and generates the testkey file
> without any problem (with libssh-0.9.2-1.fc31.x86_64). Are you getting
> the error from the key generation or export function?
> 
> $ gcc -lssh keygen.c -o keygen
> $ ./keygen 
> $ echo $?
> 0
> $ cat testkey 
> -----BEGIN PRIVATE KEY-----
> [...]
> 
> 
> Regards,
> -- 
> Jakub Jelen
> Senior Software Engineer
> Security Technologies
> Red Hat, Inc.
> 

Using the latest source from https://www.libssh.org/files/0.9/libssh-0.9.3.tar.xz 
on 14.2 slackware i still get the "Failed to write private key file" message.

...
[tdkuehnel@ multiboot examples]$ make 
[ 61%] Built target ssh
[ 63%] Built target libsshpp
[ 68%] Built target sshnetcat
[ 72%] Built target scp_download
[ 77%] Built target samplesftp
[ 81%] Built target senddata
[ 85%] Built target libssh_scp
[ 86%] Built target libsshpp_noexcept
[ 88%] Built target ssh_server_fork
Scanning dependencies of target keygen
[ 89%] Building C object examples/CMakeFiles/keygen.dir/keygen.c.o
[ 90%] Linking C executable keygen
[ 90%] Built target keygen
[ 94%] Built target ssh-client
[ 96%] Built target samplesshd-kbdint
[100%] Built target exec
[tdkuehnel@ multiboot examples]$ ./keygen 
Failed to write private key file[tdkuehnel@ multiboot examples]$ 

The key gets generated, ssh_key_is_private returns SSH_OK, ssh_key_type works ...
but not ssh_pki_export_privkey_file, it returns !SSH_OK.

Any thoughts or hints where i could dig into ? 

The Slackbuilds script configures with 
  cmake \
    -DCMAKE_INSTALL_PREFIX=/usr \
    -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \
    -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \
    -DLIB_SUFFIX=${LIBDIRSUFFIX} \
    -DWITH_GCRYPT=1 \
    -DWITH_SSH1=1 \
    -DWITH_PCAP=1 \
    -DWITH_SFTP=1 \
    -DWITH_SERVER=1 \
    -DWITH_STATIC_LIB=0 \

which results in

-- ********** libssh build options : **********
-- zlib support: ON
-- libgcrypt support: 1
-- libmbedTLS support: OFF
-- libnacl support: OFF
-- SFTP support: 1
-- Server support : 1
-- GSSAPI support : 0
-- GEX support : ON
-- Pcap debugging support : 1
-- Build shared library: ON
-- Unit testing: OFF
-- Client code testing: OFF
-- Blowfish cipher support: OFF
-- Server code testing: OFF
-- Public API documentation generation
-- Benchmarks: OFF
-- Symbol versioning: ON
-- Allow ABI break: OFF
-- Release is final: 
-- Global client config: /etc/ssh/ssh_config
-- Global bind config: /etc/ssh/libssh_server_config
-- ********************************************

Any hints ?
-- 
Torsten Kuehnel <tdkuehnel@xxxxxxxxxxxxxxxxxxxxx>

References:
ssh_pki_export_privkey_file for SSH_KEYTYPE_RSA key returns SSH_ERRORTorsten Kuehnel <tdkuehnel@xxxxxxxxxxxxxxxxxxxxx>
Re: ssh_pki_export_privkey_file for SSH_KEYTYPE_RSA key returns SSH_ERRORJakub Jelen <jjelen@xxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org