[Solved] SSH cannot create private key files

Hello,

I would like to create secure SSH private key files using PBKDF, but it doesn't seem to be working on my FreeBSD 10 system.
This is the command that I am using:
ssh-keygen -b 4096 -f .ssh/id_rsa4096_test -C fred@FreeBSD_test -o -a 500
This is the message I get:
Code:
ssh-keygen: illegal option -- o
The same command works just fine in Ubuntu 14.04.

Could anyone help please?
Thank you
Fred
 
Re: SSH cannot create private key files

The -o option is not supported on 10.0-RELEASE that has only OpenSSH 6.4. It is on 10-STABLE however that has the newer OpenSSH 6.5. Just leave it out of the command line.
 
Re: SSH cannot create private key files

Thank you @kpa,

Could I please ask for another bit of advice?
Which of these two methods is the most secure?
Code:
#### Creating and converting a new 4096-bit RSA key for SSH ####
ssh-keygen -b 4096 -f .ssh/id_rsa4096_2014 -C fred@FreeBSD
umask 0077
openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa4096_2014 -out ~/.ssh/id_rsa.new && mv ~/.ssh/id_rsa.new ~/.ssh/id_rsa4096_2014
OR
Code:
### Creating a 4096-bit RSA key with 500 PBKDF rounds ###
ssh-keygen -b 4096 -f .ssh/id_rsa4096_test -C fred@FreeBSD_test -a 500
 
Re: SSH cannot create private key files

fred974 said:
    kpa said:
        What is the purpose of the first one?
    Sorry, I don't understand the question.
    Could you reformulate, please?

I'm seeing that the first method uses some weird conversion that I haven't seen before and I'm really wondering why it's done. I see stuff like that and I immediately think that someone just picked it up somewhere and is using it without thinking what it does. That's a very common recipe for disaster when it comes to security and cryptography.

Maybe you have an idea why you would do the key generation using the first method when the second method seems to do the same in one single command?
 
Re: SSH cannot create private key files

I'm mainly going by the man pages here, but it looks like the first option creates a private key, then converts it to PKCS#8 format. The -v2 des3 option causes it to be encrypted using DES3.

-v2 alg
... Using the -v2 option PKCS#5 v2.0
algorithms are used which can use any encryption algorithm such as
168 bit triple DES or 128 bit RC2 however not many implementations
support PKCS#5 v2.0 yet. If you are just using private keys with
OpenSSL then this doesn't matter.

The alg argument is the encryption algorithm to use, valid values
include des, des3 and rc2. It is recommended that des3 is used.

The second command doesn't bother with the DES3 encryption, but attempts to do 500 trials. However, the -a option doesn't appear to do what the OP thinks it does on 10.0-RELEASE. It only works on the newer version that supports -o.

From 10.0-RELEASE:
-a trials
Specifies the number of primality tests to perform when screening
DH-GEX candidates using the -T command.

From CURRENT:
-a rounds
When saving a new-format private key (i.e. an ed25519 key or any
SSH protocol 2 key when the -o flag is set), this option specifies
the number of KDF (key derivation function) rounds used.
Higher numbers result in slower passphrase verification and
increased resistance to brute-force password cracking (should the
keys be stolen).

When screening DH-GEX candidates (using the -T command). This
option specifies the number of primality tests to perform.

Either way, I'm no cryptographer and have no idea which is more secure. (Although specifically for 10.0, seeing as the -a rounds option isn't available, I'd expect the PKCS#8 option would be)
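Since on 10.0-RELEASE the -a 500 option is silently ignored (ssh-keygen treats it as a DH-GEX setting), the useful check is to look at what the key file actually contains after running either of the two commands above. The script below is an added example, not from this thread: key_format classifies a private key by its PEM armor, and gen_key is an assumed helper that tries the new format first and falls back to the PKCS#8/PBKDF2 conversion when ssh-keygen rejects -o. It assumes a POSIX sh with head and grep, plus ssh-keygen and openssl for gen_key.

```shell
#!/bin/sh
# Classify an SSH private key file by its PEM armor so you can confirm
# which protection was really applied. Prints one of:
#   openssh-new, pkcs8-encrypted, pkcs8-plain,
#   pem-legacy-encrypted, pem-legacy-plain, unknown
key_format() {
    f="$1"
    [ -r "$f" ] || { echo unknown; return 1; }
    first=$(head -n 1 "$f")
    case "$first" in
        '-----BEGIN OPENSSH PRIVATE KEY-----')
            # New format (ssh-keygen -o or ed25519): bcrypt KDF, -a rounds honoured.
            echo openssh-new ;;
        '-----BEGIN ENCRYPTED PRIVATE KEY-----')
            # PKCS#8 with PKCS#5 v2.0 PBKDF2 (openssl pkcs8 -topk8 -v2 ...).
            echo pkcs8-encrypted ;;
        '-----BEGIN PRIVATE KEY-----')
            # PKCS#8 without any passphrase protection.
            echo pkcs8-plain ;;
        '-----BEGIN RSA PRIVATE KEY-----'|'-----BEGIN DSA PRIVATE KEY-----'|'-----BEGIN EC PRIVATE KEY-----')
            # Legacy PEM: what plain ssh-keygen writes on OpenSSH 6.4. When a
            # passphrase is set, the key is encrypted, but through a single MD5
            # round, so -a rounds cannot have had any effect here.
            if grep -q '^Proc-Type: 4,ENCRYPTED' "$f"; then
                echo pem-legacy-encrypted
            else
                echo pem-legacy-plain
            fi ;;
        *) echo unknown; return 1 ;;
    esac
}

# Assumed helper: generate a 4096-bit RSA key, preferring the new format with
# the requested KDF rounds; if this ssh-keygen is too old for -o, fall back to
# the thread's PKCS#8 conversion (both steps prompt for the passphrase).
gen_key() {
    out="$1"; rounds="${2:-500}"; comment="${3:-key}"
    [ -e "$out" ] && { echo "refusing to overwrite $out" >&2; return 1; }
    umask 0077
    if ssh-keygen -o -a "$rounds" -b 4096 -t rsa -f "$out" -C "$comment" 2>/dev/null; then
        return 0
    fi
    ssh-keygen -b 4096 -t rsa -f "$out" -C "$comment" || return 1
    openssl pkcs8 -topk8 -v2 des3 -in "$out" -out "$out.new" && mv "$out.new" "$out"
}
```

Run `key_format ~/.ssh/id_rsa4096_test` after generating; on 10.0-RELEASE the second command from the thread yields pem-legacy-encrypted (or pem-legacy-plain with an empty passphrase), while the first yields pkcs8-encrypted.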
 
Re: SSH cannot create private key files

Thank you @usdmatt,
I'd better go back to option 1 then.
 