Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 10 Jun 2019 19:25:14 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Issues cracking an ssh key

On Fri, May 31, 2019 at 10:17 PM Adam Lininger <arlininger@...il.com> wrote:
> I've got an encrypted ssh private key. I've managed to use ssh2john to
> convert it and seem to have a crack (using --format=ssh-opencl).
> However, the resulting passphrase doesn't decrypt the key. Instead
> openssl errors out.
>
> When I use --format=ssh and a fresh pot file, the same passphrase does
> NOT appear to crack the key. What's odd is that the ssh format warns
> about false positives and keeps going while ssh-opencl does not.

The OpenCL SSH code is missing the "second round" (extra set) of
verification checks IIRC, which leads to this problem of false
positives. I am not sure how hard it would be to make the OpenCL SSH
code as rigorous as the CPU code (I haven't seen JtR code in a while).

Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.