Unable to use pkcs8 private keys with SSH on Mavericks (10.9)

Originator: jesseendahl
Number: rdar://17138424
Date Originated: 11/10/2013
Status: Closed
Resolved: No
Product: OS X
Product Version: 10.9
Classification: Bug
Reproducible: Always
 
Summary:
The version of SSH provided in Mavericks does not support pkcs8 private keys. Using our client management software, we want to enforce that all private keys in our organization are using PKCS#8 based keys with PBKDF2 instead of SSH's default (MD5), but making this change would be difficult until Apple patches this issue.

Steps to Reproduce:
1. Upgrade an SSH private key, following the instructions in this blog post: http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
2. Try to use it.

Expected Results:
Expected result is that I am prompted to enter the passphrase, I have the option of storing it in Keychain, and then the connection succeeds.

Actual Results:
The user gets prompted for the password repeatedly. The private key is never decrypted and cannot be used to initiate SSH connections.

Version:
10.9.3/13D65

Notes:
Related bug report: 14776937
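
Added example (not part of the original report, and not Apple's or OpenSSH's code): a sketch of the audit a client-management tool could run to tell PKCS#8/PBKDF2 keys from legacy PEM keys, the policy the summary describes. The function names and sample keys are assumptions constructed for illustration, and the PBKDF2 check is a byte-search heuristic rather than a full ASN.1 parse.

```python
import base64
import binascii
import re

# DER encoding of OID 1.2.840.113549.1.5.12 (PBKDF2 from PKCS #5 v2).
PBKDF2_OID = bytes.fromhex("06092a864886f70d01050c")
PEM_RE = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def classify_private_key(pem_text):
    """Return (format, detail) for the first PEM block in pem_text."""
    m = PEM_RE.search(pem_text)
    if not m:
        return ("unknown", "not a PEM private key")
    label, body = m.group(1), m.group(2)
    if label == "ENCRYPTED PRIVATE KEY":
        try:
            der = base64.b64decode("".join(body.split()))
        except binascii.Error:
            return ("pkcs8", "encrypted, body is not valid base64")
        # Heuristic: look for the PBKDF2 OID inside EncryptedPrivateKeyInfo.
        if PBKDF2_OID in der:
            return ("pkcs8", "encrypted, PBKDF2")
        return ("pkcs8", "encrypted, KDF is not PBKDF2")
    if label == "PRIVATE KEY":
        return ("pkcs8", "unencrypted")
    if label in ("RSA PRIVATE KEY", "DSA PRIVATE KEY", "EC PRIVATE KEY"):
        # Legacy OpenSSL PEM encryption derives the key with MD5.
        if "Proc-Type: 4,ENCRYPTED" in body:
            return ("legacy-pem", "encrypted, MD5-based key derivation")
        return ("legacy-pem", "unencrypted")
    if label == "OPENSSH PRIVATE KEY":
        return ("openssh", "OpenSSH native format, not PKCS#8")
    return ("unknown", "unrecognised label " + label)

def meets_policy(pem_text):
    """True only for passphrase-protected PKCS#8 keys that use PBKDF2."""
    return classify_private_key(pem_text) == ("pkcs8", "encrypted, PBKDF2")

def _pem(label, body):
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, body, label)

# Constructed samples: realistic headers, bodies are NOT real keys.
SAMPLE_PKCS8 = _pem("ENCRYPTED PRIVATE KEY", base64.b64encode(
    b"\x30\x40\x30\x1c" + PBKDF2_OID + b"\x00" * 16).decode())
SAMPLE_LEGACY = _pem("RSA PRIVATE KEY", "Proc-Type: 4,ENCRYPTED\n"
    "DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\nAAAA")

if __name__ == "__main__":
    for name, pem in (("pkcs8", SAMPLE_PKCS8), ("legacy", SAMPLE_LEGACY)):
        print(name, classify_private_key(pem), meets_policy(pem))
```

The check reads only the PEM header and the unencrypted algorithm identifiers, so it never needs the passphrase.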
