[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ssh_pki_export_privkey_file ... ISSUE FOUND - only read this reply :)
[Thread Prev] | [Thread Next]
- Subject: Re: ssh_pki_export_privkey_file ... ISSUE FOUND - only read this reply :)
- From: Torsten Kuehnel <tdkuehnel@xxxxxxxxxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 17 Dec 2019 22:13:56 +0100
- To: libssh@xxxxxxxxxx
On Tue, 17 Dec 2019 09:25:18 +0100
Jakub Jelen <jjelen@xxxxxxxxxx> wrote:
> On Mon, 2019-12-16 at 23:39 +0100, Torsten Kuehnel wrote:
> > I'm new to programming using libssh.
> >
> > When i take the keygen.c example file in the examples directory, it
> > fails during execution when i change the keytype.
> >
> > [tdkuehnel@ multiboot examples]$ ./keygen
> > Failed to write private key file[tdkuehnel@ multiboot examples]$
> >
> > /* rv = ssh_pki_generate(SSH_KEYTYPE_ED25519, 0, &key);*/
> > rv = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
> >
> > Do i miss additional steps in preparing the rsa key to be exported ?
> >
> > Complete code:
> >
> > #include <libssh/libssh.h>
> > #include <stdio.h>
> >
> > int main(void)
> > {
> > ssh_key key = NULL;
> > int rv;
> >
> > /* Generate a new ED25519 private key file */
> > /* rv = ssh_pki_generate(SSH_KEYTYPE_ED25519, 0, &key);*/
> > rv = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
> > if (rv != SSH_OK) {
> > fprintf(stderr, "Failed to generate private key");
> > return -1;
> > }
> >
> > /* Write it to a file testkey in the current dirrectory */
> > rv = ssh_pki_export_privkey_file(key, NULL, NULL, NULL,
> > "testkey");
> > if (rv != SSH_OK) {
> > fprintf(stderr, "Failed to write private key file");
> > return -1;
> > }
> >
> > return 0;
> > }
>
> This exact code works for me just fine and generates the testkey file
> without any problem (with libssh-0.9.2-1.fc31.x86_64). Are you getting
> the error from the key generation or export function?
>
> $ gcc -lssh keygen.c -o keygen
> $ ./keygen
> $ echo $?
> 0
> $ cat testkey
> -----BEGIN PRIVATE KEY-----
> [...]
>
>
> Regards,
> --
> Jakub Jelen
> Senior Software Engineer
> Security Technologies
> Red Hat, Inc.
>
Finally,
the gcrypt implementation of pki_private_key_to_pem function, which is called by ssh_pki_export_privkey_file for every key type not beeing SSH_KEYTYPE_ED25519, is empty, just returns NULL.
So switching to openssl (cmake parameter -DWITH_GCRYPT=0) solved the issue for me.
cheers !
--
Torsten Kuehnel <tdkuehnel@xxxxxxxxxxxxxxxxxxxxx>
| Re: ssh_pki_export_privkey_file ... ISSUE FOUND - only read this reply :) | Jakub Jelen <jjelen@xxxxxxxxxx> |
| ssh_pki_export_privkey_file for SSH_KEYTYPE_RSA key returns SSH_ERROR | Torsten Kuehnel <tdkuehnel@xxxxxxxxxxxxxxxxxxxxx> |
| Re: ssh_pki_export_privkey_file for SSH_KEYTYPE_RSA key returns SSH_ERROR | Jakub Jelen <jjelen@xxxxxxxxxx> |