Go: x/crypto/ssh: add methods to marshal private keys to the OpenSSH format

Created on 8 Feb 2020  ·  7 Comments  ·  Source: golang/go

What version of Go are you using (go version)?

$ go version
go version go1.13.6 darwin/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

Applies to all OSes.

What did you do?

N/A

What did you expect to see?

N/A

What did you see instead?

N/A

Proposal

x/crypto/ssh now has methods to parse private keys using OpenSSH format, but there's no way to write those keys so they can be used by OpenSSH. My proposal is to add the following methods to the x/crypto/ssh package:

MarshalPrivateKey(key crypto.PrivateKey, comment string) (*pem.Block, error) 

MarshalPrivateKeyWithPassphrase(key crypto.PrivateKey, comment string, passphrase []byte) (*pem.Block, error)

OpenSSH supports PKCS#1 and EC private keys, but supports Ed25519 only in the OpenSSH format, and newer versions are already using the new format for all types of keys.

I've already coded those methods and will push a contribution ASAP.

NeedsFix Proposal-Accepted Proposal-Crypto
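
What marshaling to the OpenSSH format involves, shown as an added example that is not part of the original issue or of the x/crypto/ssh code. It covers only the unencrypted Ed25519 case with the standard library, and the names `put` and `marshalEd25519OpenSSH` are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"encoding/pem"
	"fmt"
)

// put appends SSH wire strings: a uint32 big-endian length, then the bytes.
func put(b *bytes.Buffer, fields ...[]byte) {
	for _, f := range fields {
		binary.Write(b, binary.BigEndian, uint32(len(f)))
		b.Write(f)
	}
}

// marshalEd25519OpenSSH is a hypothetical helper, not the x/crypto/ssh API.
// It encodes an unencrypted Ed25519 key in the openssh-key-v1 layout.
func marshalEd25519OpenSSH(key ed25519.PrivateKey, comment string) (*pem.Block, error) {
	if len(key) != ed25519.PrivateKeySize {
		return nil, fmt.Errorf("ed25519 private key has length %d", len(key))
	}
	pub, keyType := key.Public().(ed25519.PublicKey), []byte("ssh-ed25519")
	check := make([]byte, 4) // random check value, stored twice
	if _, err := rand.Read(check); err != nil {
		return nil, err
	}
	var pubBlob, priv, out bytes.Buffer
	put(&pubBlob, keyType, pub)
	priv.Write(append(check, check...))
	// Private section: type, public key, 64-byte seed||public key, comment.
	put(&priv, keyType, pub, key, []byte(comment))
	for i := byte(1); priv.Len()%8 != 0; i++ { // pad 1,2,3... to 8-byte blocks
		priv.WriteByte(i)
	}
	out.WriteString("openssh-key-v1\x00")           // magic
	put(&out, []byte("none"), []byte("none"), nil)  // cipher, KDF, KDF options
	binary.Write(&out, binary.BigEndian, uint32(1)) // number of keys
	put(&out, pubBlob.Bytes(), priv.Bytes())
	return &pem.Block{Type: "OPENSSH PRIVATE KEY", Bytes: out.Bytes()}, nil
}

func main() {
	_, key, _ := ed25519.GenerateKey(rand.Reader) // constructed throwaway key
	block, _ := marshalEd25519OpenSSH(key, "constructed@example")
	fmt.Print(string(pem.EncodeToMemory(block)))
}
```

A file written from this output needs mode 0600 before OpenSSH will load it, and `ssh-keygen -y -f <file>` should print the matching public key.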

All 7 comments

Change https://golang.org/cl/218620 mentions this issue: ssh: support for marshaling keys using the OpenSSH format

Looks good to me. Returning a *pem.Block seems like a good compromise between returning PEM encoded []byte, which is weird, and being consistent with the parsing function, which takes PEM.

Will add to the proposal minutes. Seems headed for likely accept.

Based on the discussion above, seems like a likely accept.

No change in consensus, so accepted.

@FiloSottile @katiehockman I'm not sure why the label NeedsFix is set; I proposed a change when I created the proposal: https://golang.org/cl/218620

That label simply means it's ready for a CL. It's usually the terminal state for issues before getting closed. (I did however not notice the CL when I assigned the issue to @katiehockman.)
