Improving the security of your SSH private key files — Martin Kleppmann’s blog

Read this great article:

Improving the security of your SSH private key files — Martin Kleppmann’s blog.

For my own convenience I just put all the important commands together but won’t explain anything. Again: Go and read the article.

Reading “normal” ASN.1 key (RSA and DSA without passphrase):


$ openssl asn1parse -in test_rsa_key

Reading passphrase protected rsa key:


$ openssl rsa -text -in test_rsa_key

Update key from MD5 hasing to PKCS:


$ mv key key.old
$ openssl pkcs8 -topk8 -v2 des3 -in key.old -out key
$ chmod 600 key # IMPORTANT !

The key is now back to ASN.1 structure so you can read it with:


$ openssl asn1parse -in test_rsa_key

Test the new key. If it works just remove the old one. If it doesn’t you still have you old key.

Done.

 

This entry was posted in computer and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *