Subject: Re: Libssh2: Libgcrypt authentication failure

Re: Libssh2: Libgcrypt authentication failure

From: Simon Josefsson <simon_at_josefsson.org>
Date: Thu, 02 Sep 2010 08:38:04 +0200

Paul Romero <paulr_at_rcom-software.com> writes:

> Hi Simon:
>
> What version of PKCS is commonly used by SSH and SFTP
> servers claiming RSA 2 conformance ? I believe it is
> version 11 or 12.

I'm not sure what you mean here -- PKCS is a set of standards, of which
PKCS#1 specify RSA and it exists in several version, but SSH is using
v1.5 and libssh2 supports that. PKCS#11 and PKCS#12 specify other
things, but there is no support for it in libssh2.

/Simon

> Best Regards,
>
> Paul R.
>
> Simon Josefsson wrote:
>
>> Alexander Lamaison <swish_at_lammy.co.uk> writes:
>>
>> > On 22 August 2010 08:58, Paul Romero <paulr_at_rcom-software.com> wrote:
>> >>
>> >> I am experiencing a problem with libssh2 version 1.2.6 which
>> >> I don't understand. The symptoms are described below and suggest
>> >> the problem is specific to libgcrypt. Any insight about the
>> >> problem would be greatly appreciated
>> > ...
>> >> const char *username="paulr"; /* System Must stripped */
>> >> const char *password="secret_agent";
>> >> const char *loclfile="sftp_write_nonblock.c";
>> > ...
>> >> while ((rc = libssh2_userauth_publickey_fromfile(session, username,
>> >> "/home/paulr/.ssh/id_rsa.pub",
>> >> "/home/paulr/.ssh/id_rsa",
>> >> password)) == LIBSSH2_ERROR_EAGAIN);
>> >
>> > I vaguely remember someone saying that libgcrypt can't handle a
>> > private key with a passphrase. Is this true or am I making things up?
>>
>> It is true. The Libgcrypt backend in libssh2 contains a hand written
>> slimmed down ASN.1 parser to read out the RSA key, but it does not
>> support any of the PKCS* encrypted forms of RSA keys. The OpenSSL
>> backend in libssh2 uses OpenSSL to read the keys, so it supports
>> whatever private key formats that OpenSSL supports.
>>
>> /Simon
>> _______________________________________________
>> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>
> --
> Paul Romero
>
> RCOM Communications Software
>
> Phone/Fax: (510)339-2628
> E-Mail: paulr_at_rcom-software.com
>
>
> _______________________________________________
> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-09-02