User private key broken?



  • Hello!
    I was enabling SSH on my fresh installed pfsense 2.1 nanobsd and i generated a key for the admin. Unfortunatly puttygen dosn't recognize the key.

    This is a key generated in 2.0.3, works perfect

    –---BEGIN RSA PRIVATE KEY-----
    MIIEpAIBAAKCAQEA1FQrh66+eWSjwqvOgui3YSWAIHOVMLp8ANl16CDi5Zax7gr/
    tu4xqA6zsqKG8OKB/Wmgr8RjmQHwiUBKNZkb074ZXi9WFl60VtcanlHiIl+KPwSZ
    9FjvV9ZD+07BSL774Av4f1vSYq+vloQeyQCoIjhhBUEIvRM9RFCsYHG4jmytaB2j
    b5ut9uD1Eh0MPRXtbcbo9HPIiAbwMOdAraheXoVuayi9JoitHnjnmwdwb5AKB2lR
    wesTZw+rk/MKXYtE049MfOEQbRMJXSQtbBut6YeYKJuzeKwpcxckI76i3Yhi7iZk
    WC/93KcywpHTtssF2XH/cO1htb+UWkrJPNcy2QIDAQABAoIBAQCcfLBcXqiZNVgQ
    SKl6B+PnYEkPIcCJ2lc8FQl2HI69YRQf+dE/VEwarUM5W9mSPY5KY4f/IwG4qhpK
    Payz1fURWKC/rqmG8SN+gShoGLdOWBW+njiNQuKbXRpbZE7Fu6RNGuV5kAX9n7gM
    ebFquOYx2lV/FtBG8aAM8lwo9Idtx0k0ylMiUkss/OgAPdijs3mQubGAiCjXWQVu
    BDu1fsejA9uKmxWPgOCI2pAsdbQAdvvOzwnUvjzpOo474TtJJHV3Q4e+zbKGbKfH
    p69Wq+ENixkxoGTkWhmh0CUmvdMTK7llnYVr81zkkDP+csqK6NdkhIywvy442Fwh
    5W8ZvsQBAoGBAO/vuuNocrAZeMAV0/1+hlAe/LHfFqvJAgTZ3xZkx6ixJBTK+xXJ
    xz54VxgaP2wzrNuMaV2A/4kVa6OZvyY45OxC/TvddvklGHGpjaEDEx+BAoGBAOKL
    RcDxA5jKX7zLXcVgpeD3vrqJB4+6pbm1rBaJt3FCZ+HV8yaBEM61XkMJsnFyshcY
    C5wREMa2/iE002e7H1uPBCGkQjLOGvrMdK15uF74NyxVD6osaBW0O8s7wKj8k8SP
    G48elolwPIFGah9rQaAv5OxsHCiXvccTrD0+sL9ZAoGARdTd7cW+a2ZecHlp44Np
    j/QU06f8Ly8neUX32cqnGX/E4pBZF3Q7H+0Y5VD9TjjvpAjmwqb90nezmosS/BtP
    6VqZxMSbOuy/F52upxkF1LcDN3gNttfDmXjo0EkDYHiBvLxXBjG/LaSgWVMsAPHa
    HrE4hq3kLIsRXDNe1xfP/wECgYBaROicguzN+wW+8sIAngw64j0LkwKCUPssTqmt
    qV6BMNa39EqY8yDBXR+cUsbZ0bwI27n0jBBFPjFxBd2fHb7W+tvIk+0U1W+Gs+Vi
    InhGz10cuyAszNkEnPaeesbADzTKQ8PVeXi+dwyE7ovmzRQvQiZT1pg5zI0AQGSH
    Wu2OsQKBgQC8lZU75N4lfkmzY743K88ScLHjKpGuLo8ku5RqH38M4hxjDTrA/qFg
    Ir1UFPL3yExuE/XghQXjAYtBSpBR7tDZplXVQ+Pe+04uM1VPWW8l168FlOY0CXgX
    KcVtCst0LjVM0FQPTgAVJiDXpaZVJQ6Ma/V797nX9xpa1S+9OqSXeg==
    -----END RSA PRIVATE KEY-----

    And this is a key generated in 2.1

    –---BEGIN PRIVATE KEY-----
    MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDIkEDRkKZdvPzD
    46c2kOa6s5JNtqrmuUdrb6xVhQ75K/vPp0tRFQRGo3stAlc02nYk1Wug+IXZhBXu
    gsgVO9ZDH/JugERc5Oz6yhVx/fwC5rk/0bvgtdBGwpMs3Gejx1HUsRFkA3GXtCfE
    T/IhasSzqhTwwvqXi5nwuHlbyTQ/VLTgwdhaVK63kjqmaLjtXelA6hvW5w7tBpc4
    O+/ZXJ6nBzCXNmqtuVabTyTt3ABnLacpx+7uvi/5KOHvdNTFMjT0zlp71+5ft7q8
    CVsK8mCEitsWJsQI8RZtGKAyoqqmOvek7OFzm4lNr1+RukE6A2gXW9fJmTfZ6dkq
    TF+xdveRAgMBAAECggEBAMH5gjcsxzpxxaVPUDGeAwkfE6jFupRbLY/i+bHcdpbW
    yzwSeO16fiAzjLYDRYSApTMKloWg1xOAhBWhtxGSRa+1/iqRM40Ee44yVHtjQZEs
    xI3MswCp1z4YgW8p27Ky25nxhvhLvFkUjEF5cJyRPpzlKkuQx/w5sDD4uabj+fwk
    olb4MFkUsk4tEmSeDhWiQj/xkp12o4b1JUiOXQLiz1XEl5CMfxzcXKdgzjgheXXh
    Rsi/dG9Jz8MqkQG2JMVtek+AMfp57xlfZpl0J2adkTACIKlJ2dn9MF0aIH6wy1KL
    CRZshRwRLTzd0IoCkIyN2BhmR/0dAph1aQPpWxcVUoECgYEA5RilzJ52lOkXUJK1
    8CaMhmkl3SWCsfS6ohY9WHz6Do0E574Rtqo3VFP2dvVI5sn4OKi5q7ohBmQAI1sy
    PaBAO22Qu47eVowquj7MOrL2hZ0CgYEA4B3SBivWTNipHeWf4FHfvR0HSnYg5irH
    O+SK+4D0LNs26EAC3/MEf6lKKHAYNA+Bm5ZtHSzMwtIug7opNPZ1mqd3wjanAj6p
    /hWlfeghQk5MFDDIK/P5VjPYNf/LAcl+os3X6sK59wOeL3uyVMT3+/ID2Mhcd/Kh
    KZwJyxpqsYUCfwR5dsOIVMiTxODN/LtRMoOo6hAVvpBj+AOjZirsgbXronJxCyLQ
    xY/59wYitc+v9Ju658wlF9en4jyuBWOrXRNC+npXQTY4kWyZApm31ypxlqbwD2iB
    6pK7ERVBtSrMxwxUP0wbVonJajdGkLSjbJ28hhcjszP9iNgaYeLDnA0CgYAuS7qw
    76lLIo580IxgKEmRpUd2SESvhzK02pcjMRY/leEXxPFTFb5eKLha9hzp1DIv07ki
    h7icnhJhv7j3adoNYn7IrcV+Hze6dvpCsgr8yXPJz/HpsnJVLkyBix+CdP8l3mO1
    6RfFQQgSQvkpra6UawAEbg877/D+yW70d7aGiQKBgQCFLuxQdFVxBVC0YOwFy2iv
    DqVsahCWDY5GpYMQ89p23YdXcfcYJqzEt4NfNxnl979xp0DaTsWTmGeDsizXTPOU
    sK8avhsuHlz9pX7Ckv6Y/TD9frL94NCW6FYISNhGVQ3TQc5lDsgxNupWcauQ6PAT
    LVlkom/WSabqx1nbkY+cEA==
    -----END PRIVATE KEY-----

    Puttygen says "Unrecognised key type"
    Did something change? I tried to add "RSA" in the new key description but puttygen says"ANS.1 decoding failure"


  • Banned

    Don't get me wrong, but now you can just revoke the key and move on. Other than that, the difference is that the first one is encrypted (RSAPrivateKey), the other is unencrypted (PKCS#8 PrivateKeyInfo)



  • This would be easier to figure out if we had your public IP.  ;D  ;D  ;D

    (When I upgrade or change pfsense or its keys but the IP stays same, I always have to blow away the earlier reference to the machine from before I did the update or change or else SSH just won't let me in til I do so.  Lucky for me the error message on ubuntu always tells me exactly what to blow away)



  • Don't worry, these box are for testing only :D
    I still don't understand how can i convert the key in order to use it with putty. Did i something wrong?

    EDIT: grammar



  • Not sure - Never had that happen.  Only errors I ever get is when I make changes and the IPs and keys no longer match and I get the usual "OMG you are being tricked" warning.


  • Banned

    @horace:

    I still don't understand how can i convert the key in order to use it with putty. Did i something wrong?

    You can use pkcs8 or rsa tools shipped with openssl to convert between those two:

    http://linux.die.net/man/1/pkcs8
    http://linux.die.net/man/1/rsa


Log in to reply