User private key broken?

horace

Hello!
I was enabling SSH on my fresh installed pfsense 2.1 nanobsd and i generated a key for the admin. Unfortunatly puttygen dosn't recognize the key.

This is a key generated in 2.0.3, works perfect

–---BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA1FQrh66+eWSjwqvOgui3YSWAIHOVMLp8ANl16CDi5Zax7gr/
tu4xqA6zsqKG8OKB/Wmgr8RjmQHwiUBKNZkb074ZXi9WFl60VtcanlHiIl+KPwSZ
9FjvV9ZD+07BSL774Av4f1vSYq+vloQeyQCoIjhhBUEIvRM9RFCsYHG4jmytaB2j
b5ut9uD1Eh0MPRXtbcbo9HPIiAbwMOdAraheXoVuayi9JoitHnjnmwdwb5AKB2lR
wesTZw+rk/MKXYtE049MfOEQbRMJXSQtbBut6YeYKJuzeKwpcxckI76i3Yhi7iZk
WC/93KcywpHTtssF2XH/cO1htb+UWkrJPNcy2QIDAQABAoIBAQCcfLBcXqiZNVgQ
SKl6B+PnYEkPIcCJ2lc8FQl2HI69YRQf+dE/VEwarUM5W9mSPY5KY4f/IwG4qhpK
Payz1fURWKC/rqmG8SN+gShoGLdOWBW+njiNQuKbXRpbZE7Fu6RNGuV5kAX9n7gM
ebFquOYx2lV/FtBG8aAM8lwo9Idtx0k0ylMiUkss/OgAPdijs3mQubGAiCjXWQVu
BDu1fsejA9uKmxWPgOCI2pAsdbQAdvvOzwnUvjzpOo474TtJJHV3Q4e+zbKGbKfH
p69Wq+ENixkxoGTkWhmh0CUmvdMTK7llnYVr81zkkDP+csqK6NdkhIywvy442Fwh
5W8ZvsQBAoGBAO/vuuNocrAZeMAV0/1+hlAe/LHfFqvJAgTZ3xZkx6ixJBTK+xXJ
xz54VxgaP2wzrNuMaV2A/4kVa6OZvyY45OxC/TvddvklGHGpjaEDEx+BAoGBAOKL
RcDxA5jKX7zLXcVgpeD3vrqJB4+6pbm1rBaJt3FCZ+HV8yaBEM61XkMJsnFyshcY
C5wREMa2/iE002e7H1uPBCGkQjLOGvrMdK15uF74NyxVD6osaBW0O8s7wKj8k8SP
G48elolwPIFGah9rQaAv5OxsHCiXvccTrD0+sL9ZAoGARdTd7cW+a2ZecHlp44Np
j/QU06f8Ly8neUX32cqnGX/E4pBZF3Q7H+0Y5VD9TjjvpAjmwqb90nezmosS/BtP
6VqZxMSbOuy/F52upxkF1LcDN3gNttfDmXjo0EkDYHiBvLxXBjG/LaSgWVMsAPHa
HrE4hq3kLIsRXDNe1xfP/wECgYBaROicguzN+wW+8sIAngw64j0LkwKCUPssTqmt
qV6BMNa39EqY8yDBXR+cUsbZ0bwI27n0jBBFPjFxBd2fHb7W+tvIk+0U1W+Gs+Vi
InhGz10cuyAszNkEnPaeesbADzTKQ8PVeXi+dwyE7ovmzRQvQiZT1pg5zI0AQGSH
Wu2OsQKBgQC8lZU75N4lfkmzY743K88ScLHjKpGuLo8ku5RqH38M4hxjDTrA/qFg
Ir1UFPL3yExuE/XghQXjAYtBSpBR7tDZplXVQ+Pe+04uM1VPWW8l168FlOY0CXgX
KcVtCst0LjVM0FQPTgAVJiDXpaZVJQ6Ma/V797nX9xpa1S+9OqSXeg==
-----END RSA PRIVATE KEY-----

And this is a key generated in 2.1

–---BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDIkEDRkKZdvPzD
46c2kOa6s5JNtqrmuUdrb6xVhQ75K/vPp0tRFQRGo3stAlc02nYk1Wug+IXZhBXu
gsgVO9ZDH/JugERc5Oz6yhVx/fwC5rk/0bvgtdBGwpMs3Gejx1HUsRFkA3GXtCfE
T/IhasSzqhTwwvqXi5nwuHlbyTQ/VLTgwdhaVK63kjqmaLjtXelA6hvW5w7tBpc4
O+/ZXJ6nBzCXNmqtuVabTyTt3ABnLacpx+7uvi/5KOHvdNTFMjT0zlp71+5ft7q8
CVsK8mCEitsWJsQI8RZtGKAyoqqmOvek7OFzm4lNr1+RukE6A2gXW9fJmTfZ6dkq
TF+xdveRAgMBAAECggEBAMH5gjcsxzpxxaVPUDGeAwkfE6jFupRbLY/i+bHcdpbW
yzwSeO16fiAzjLYDRYSApTMKloWg1xOAhBWhtxGSRa+1/iqRM40Ee44yVHtjQZEs
xI3MswCp1z4YgW8p27Ky25nxhvhLvFkUjEF5cJyRPpzlKkuQx/w5sDD4uabj+fwk
olb4MFkUsk4tEmSeDhWiQj/xkp12o4b1JUiOXQLiz1XEl5CMfxzcXKdgzjgheXXh
Rsi/dG9Jz8MqkQG2JMVtek+AMfp57xlfZpl0J2adkTACIKlJ2dn9MF0aIH6wy1KL
CRZshRwRLTzd0IoCkIyN2BhmR/0dAph1aQPpWxcVUoECgYEA5RilzJ52lOkXUJK1
8CaMhmkl3SWCsfS6ohY9WHz6Do0E574Rtqo3VFP2dvVI5sn4OKi5q7ohBmQAI1sy
PaBAO22Qu47eVowquj7MOrL2hZ0CgYEA4B3SBivWTNipHeWf4FHfvR0HSnYg5irH
O+SK+4D0LNs26EAC3/MEf6lKKHAYNA+Bm5ZtHSzMwtIug7opNPZ1mqd3wjanAj6p
/hWlfeghQk5MFDDIK/P5VjPYNf/LAcl+os3X6sK59wOeL3uyVMT3+/ID2Mhcd/Kh
KZwJyxpqsYUCfwR5dsOIVMiTxODN/LtRMoOo6hAVvpBj+AOjZirsgbXronJxCyLQ
xY/59wYitc+v9Ju658wlF9en4jyuBWOrXRNC+npXQTY4kWyZApm31ypxlqbwD2iB
6pK7ERVBtSrMxwxUP0wbVonJajdGkLSjbJ28hhcjszP9iNgaYeLDnA0CgYAuS7qw
76lLIo580IxgKEmRpUd2SESvhzK02pcjMRY/leEXxPFTFb5eKLha9hzp1DIv07ki
h7icnhJhv7j3adoNYn7IrcV+Hze6dvpCsgr8yXPJz/HpsnJVLkyBix+CdP8l3mO1
6RfFQQgSQvkpra6UawAEbg877/D+yW70d7aGiQKBgQCFLuxQdFVxBVC0YOwFy2iv
DqVsahCWDY5GpYMQ89p23YdXcfcYJqzEt4NfNxnl979xp0DaTsWTmGeDsizXTPOU
sK8avhsuHlz9pX7Ckv6Y/TD9frL94NCW6FYISNhGVQ3TQc5lDsgxNupWcauQ6PAT
LVlkom/WSabqx1nbkY+cEA==
-----END PRIVATE KEY-----

Puttygen says "Unrecognised key type"
Did something change? I tried to add "RSA" in the new key description but puttygen says"ANS.1 decoding failure"

doktornotor

Don't get me wrong, but now you can just revoke the key and move on. Other than that, the difference is that the first one is encrypted (RSAPrivateKey), the other is unencrypted (PKCS#8 PrivateKeyInfo)

kejianshi

This would be easier to figure out if we had your public IP.  ;D  ;D  ;D

(When I upgrade or change pfsense or its keys but the IP stays same, I always have to blow away the earlier reference to the machine from before I did the update or change or else SSH just won't let me in til I do so.  Lucky for me the error message on ubuntu always tells me exactly what to blow away)

horace

Don't worry, these box are for testing only :D
I still don't understand how can i convert the key in order to use it with putty. Did i something wrong?

EDIT: grammar

kejianshi

Not sure - Never had that happen.  Only errors I ever get is when I make changes and the IPs and keys no longer match and I get the usual "OMG you are being tricked" warning.

doktornotor

@horace:

I still don't understand how can i convert the key in order to use it with putty. Did i something wrong?

You can use pkcs8 or rsa tools shipped with openssl to convert between those two:

http://linux.die.net/man/1/pkcs8
http://linux.die.net/man/1/rsa