Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 17 Oct 2014 23:40:42 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-users@...ts.openwall.com
Subject: Re: Some format ssh and ssh-ng issues/questions

On 10/17/2014 10:21 PM, Dhiru Kholia wrote:
> On Fri, 17 Oct 2014, Frank Dittrich wrote:
>> According to doc/README.ssh, both formats (ssh and ssh-ng) support
>> cracking passwords of ssh private key files.
>> But for some reason, their corresponding converters, ssh2john and
>> sshng2john.py, produce different hashes.
> 
> See "../run/ssh2sshng.py" utility.

OK, ssh2sshng.py can convert ssh hashes into ssh-ng hashes.
Why didn't you update doc/README.ssh after you wrote ssh2sshng.py?

>> Apparently, ssh-ng needs additional 20 seconds before the real cracking
>> starts, because the status line reports just 10 seconds of run time.
>> So, you'd need some longer sessions, before ssh-ng with the reported c/s
>> rate of 4421K catches up with ssh (reported c/s rate 3051K).
> 
>> Apparently, cipher 2 has been added (just to ssh-ng) with this commit:
>> commit da8f1dfcc35e41c52ff28428e9ffd6f65e34eafd
>> How to I generate such a private key?
> 
> http://www.tedunangst.com/flak/post/new-openssh-key-format-and-bcrypt-pbkdf

When you rewrite ssh-ng at some point, you should mention that URL in a
comment.
OpenSSH version 6,5 includes support for Ed25519 as a public key type
and a new private key format that uses a bcrypt KDF.
What OS/distro currently ships OpenSSH version 6,5?

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.