Skip to content

/ ssh_data

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parse PEM keys with empty passphrase #10

Merged
merged 1 commit into from Jun 10, 2019
Merged

Parse PEM keys with empty passphrase #10

merged 1 commit into from Jun 10, 2019

Conversation

@btoews
Copy link
Contributor

@btoews btoews commented Jun 10, 2019

Otherwise OpenSSL tries prompting for a passphrase!

/cc @mattr-
@btoews btoews requested a review from ptoomey3 Jun 10, 2019
@btoews btoews force-pushed the master branch from 39a1a58 to d19cb6f Jun 10, 2019
@btoews
parse PEM keys with empty passphrase
Verified
This commit was signed with a verified signature.
btoews Ben Toews
GPG key ID: E9C423BE17EFEE70 Learn about signing commits
4fe3b7e 
Otherwise OpenSSL tries prompting for a passphrase!
@btoews btoews force-pushed the encrypted-pem-prompt branch from 485cc1b to 4fe3b7e Jun 10, 2019
@btoews
Copy link
Contributor Author

@btoews btoews commented Jun 10, 2019

I'm just going to merge this, since I want to get a github/github PR open today that bumps this gem. If there's any feedback, I can do a separate PR here and update the github/github PR.
@btoews btoews merged commit 225caf4 into master Jun 10, 2019
@btoews btoews deleted the encrypted-pem-prompt branch Jun 10, 2019
@ptoomey3
Copy link
Member

@ptoomey3 ptoomey3 commented Jun 11, 2019

This apparently is a linux vs. OS X nuance? Is that a openssl version thing?
@mattr-
Copy link

@mattr- mattr- commented Jun 11, 2019

Could be. Apparently on macOS, openssl is actually provided by LibreSSL from OpenBSD, where as on Linux, it's regular OpenSSL
@btoews
Copy link
Contributor Author

@btoews btoews commented Jun 11, 2019

I tested this on a linux host and see the prompt there too. I'm wondering if this might be a TTY thing or some environment variable being set. Here's a simple reproduction case if anyone wants to experiment

OpenSSL::PKey::EC.new(OpenSSL::PKey::EC.new('secp256k1').tap(&:generate_key).to_pem(OpenSSL::Cipher::AES.new(128, :CBC), 'aaaa'))
@ptoomey3
Copy link
Member

@ptoomey3 ptoomey3 commented Jun 11, 2019

I tested this on a linux host and see the prompt there too

I thought this was a linux only thing that was happening in the first place? I think I'm confused 😄
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ptoomey3 ptoomey3

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
@btoews @ptoomey3 @mattr-
You can’t perform that action at this time.