1 /* $OpenBSD: ssh-keygen.c,v 1.175 2009/08/27 17:33:49 djm Exp $ */
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * Identity and host key generation and maintenance.
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
17 #include <sys/types.h>
18 #include <sys/socket.h>
20 #include <sys/param.h>
22 #include <openssl/evp.h>
23 #include <openssl/pem.h>
24 #include "openbsd-compat/openssl-compat.h"
45 #include "pathnames.h"
56 /* Number of bits in the RSA/DSA key. This value can be set on the command line. */
57 #define DEFAULT_BITS 2048
58 #define DEFAULT_BITS_DSA 1024
62 * Flag indicating that we just want to change the passphrase. This can be
63 * set on the command line.
65 int change_passphrase
= 0;
68 * Flag indicating that we just want to change the comment. This can be set
69 * on the command line.
71 int change_comment
= 0;
75 int log_level
= SYSLOG_LEVEL_INFO
;
77 /* Flag indicating that we want to hash a known_hosts file */
79 /* Flag indicating that we want lookup a host in known_hosts file */
81 /* Flag indicating that we want to delete a host from a known_hosts file */
84 /* Flag indicating that we just want to see the key fingerprint */
85 int print_fingerprint
= 0;
86 int print_bubblebabble
= 0;
88 /* The identity file name, given on the command line or entered by the user. */
89 char identity_file
[1024];
90 int have_identity
= 0;
92 /* This is set to the passphrase if given on the command line. */
93 char *identity_passphrase
= NULL
;
95 /* This is set to the new passphrase if given on the command line. */
96 char *identity_new_passphrase
= NULL
;
98 /* This is set to the new comment if given on the command line. */
99 char *identity_comment
= NULL
;
101 /* Dump public key file in format used by real and the original SSH 2 */
102 int convert_to_ssh2
= 0;
103 int convert_from_ssh2
= 0;
104 int print_public
= 0;
105 int print_generic
= 0;
107 char *key_type_name
= NULL
;
110 extern char *__progname
;
112 char hostname
[MAXHOSTNAMELEN
];
115 int gen_candidates(FILE *, u_int32_t
, u_int32_t
, BIGNUM
*);
116 int prime_test(FILE *, FILE *, u_int32_t
, u_int32_t
);
119 ask_filename(struct passwd
*pw
, const char *prompt
)
124 if (key_type_name
== NULL
)
125 name
= _PATH_SSH_CLIENT_ID_RSA
;
127 switch (key_type_from_name(key_type_name
)) {
129 name
= _PATH_SSH_CLIENT_IDENTITY
;
132 name
= _PATH_SSH_CLIENT_ID_DSA
;
135 name
= _PATH_SSH_CLIENT_ID_RSA
;
138 fprintf(stderr
, "bad key type\n");
143 snprintf(identity_file
, sizeof(identity_file
), "%s/%s", pw
->pw_dir
, name
);
144 fprintf(stderr
, "%s (%s): ", prompt
, identity_file
);
145 if (fgets(buf
, sizeof(buf
), stdin
) == NULL
)
147 buf
[strcspn(buf
, "\n")] = '\0';
148 if (strcmp(buf
, "") != 0)
149 strlcpy(identity_file
, buf
, sizeof(identity_file
));
154 load_identity(char *filename
)
159 prv
= key_load_private(filename
, "", NULL
);
161 if (identity_passphrase
)
162 pass
= xstrdup(identity_passphrase
);
164 pass
= read_passphrase("Enter passphrase: ",
166 prv
= key_load_private(filename
, pass
, NULL
);
167 memset(pass
, 0, strlen(pass
));
173 #define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----"
174 #define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----"
175 #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
176 #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
179 do_convert_to_ssh2(struct passwd
*pw
)
187 ask_filename(pw
, "Enter file in which the key is");
188 if (stat(identity_file
, &st
) < 0) {
189 perror(identity_file
);
192 if ((k
= key_load_public(identity_file
, NULL
)) == NULL
) {
193 if ((k
= load_identity(identity_file
)) == NULL
) {
194 fprintf(stderr
, "load failed\n");
198 if (k
->type
== KEY_RSA1
) {
199 fprintf(stderr
, "version 1 keys are not supported\n");
202 if (key_to_blob(k
, &blob
, &len
) <= 0) {
203 fprintf(stderr
, "key_to_blob failed\n");
206 fprintf(stdout
, "%s\n", SSH_COM_PUBLIC_BEGIN
);
208 "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
209 key_size(k
), key_type(k
),
210 pw
->pw_name
, hostname
);
211 dump_base64(stdout
, blob
, len
);
212 fprintf(stdout
, "%s\n", SSH_COM_PUBLIC_END
);
219 buffer_get_bignum_bits(Buffer
*b
, BIGNUM
*value
)
221 u_int bignum_bits
= buffer_get_int(b
);
222 u_int bytes
= (bignum_bits
+ 7) / 8;
224 if (buffer_len(b
) < bytes
)
225 fatal("buffer_get_bignum_bits: input buffer too small: "
226 "need %d have %d", bytes
, buffer_len(b
));
227 if (BN_bin2bn(buffer_ptr(b
), bytes
, value
) == NULL
)
228 fatal("buffer_get_bignum_bits: BN_bin2bn failed");
229 buffer_consume(b
, bytes
);
233 do_convert_private_ssh2_from_blob(u_char
*blob
, u_int blen
)
238 u_char
*sig
, data
[] = "abcde12345";
239 int magic
, rlen
, ktype
, i1
, i2
, i3
, i4
;
244 buffer_append(&b
, blob
, blen
);
246 magic
= buffer_get_int(&b
);
247 if (magic
!= SSH_COM_PRIVATE_KEY_MAGIC
) {
248 error("bad magic 0x%x != 0x%x", magic
, SSH_COM_PRIVATE_KEY_MAGIC
);
252 i1
= buffer_get_int(&b
);
253 type
= buffer_get_string(&b
, NULL
);
254 cipher
= buffer_get_string(&b
, NULL
);
255 i2
= buffer_get_int(&b
);
256 i3
= buffer_get_int(&b
);
257 i4
= buffer_get_int(&b
);
258 debug("ignore (%d %d %d %d)", i1
, i2
, i3
, i4
);
259 if (strcmp(cipher
, "none") != 0) {
260 error("unsupported cipher %s", cipher
);
268 if (strstr(type
, "dsa")) {
270 } else if (strstr(type
, "rsa")) {
277 key
= key_new_private(ktype
);
282 buffer_get_bignum_bits(&b
, key
->dsa
->p
);
283 buffer_get_bignum_bits(&b
, key
->dsa
->g
);
284 buffer_get_bignum_bits(&b
, key
->dsa
->q
);
285 buffer_get_bignum_bits(&b
, key
->dsa
->pub_key
);
286 buffer_get_bignum_bits(&b
, key
->dsa
->priv_key
);
289 e
= buffer_get_char(&b
);
293 e
+= buffer_get_char(&b
);
296 e
+= buffer_get_char(&b
);
299 if (!BN_set_word(key
->rsa
->e
, e
)) {
304 buffer_get_bignum_bits(&b
, key
->rsa
->d
);
305 buffer_get_bignum_bits(&b
, key
->rsa
->n
);
306 buffer_get_bignum_bits(&b
, key
->rsa
->iqmp
);
307 buffer_get_bignum_bits(&b
, key
->rsa
->q
);
308 buffer_get_bignum_bits(&b
, key
->rsa
->p
);
309 rsa_generate_additional_parameters(key
->rsa
);
312 rlen
= buffer_len(&b
);
314 error("do_convert_private_ssh2_from_blob: "
315 "remaining bytes in key blob %d", rlen
);
319 key_sign(key
, &sig
, &slen
, data
, sizeof(data
));
320 key_verify(key
, sig
, slen
, data
, sizeof(data
));
326 get_line(FILE *fp
, char *line
, size_t len
)
332 while ((c
= fgetc(fp
)) != EOF
) {
333 if (pos
>= len
- 1) {
334 fprintf(stderr
, "input line too long.\n");
340 if (c
!= EOF
&& c
!= '\n' && ungetc(c
, fp
) == EOF
) {
341 fprintf(stderr
, "unget: %s\n", strerror(errno
));
356 do_convert_from_ssh2(struct passwd
*pw
)
365 int escaped
= 0, private = 0, ok
;
369 ask_filename(pw
, "Enter file in which the key is");
370 if (stat(identity_file
, &st
) < 0) {
371 perror(identity_file
);
374 fp
= fopen(identity_file
, "r");
376 perror(identity_file
);
380 while ((blen
= get_line(fp
, line
, sizeof(line
))) != -1) {
381 if (line
[blen
- 1] == '\\')
383 if (strncmp(line
, "----", 4) == 0 ||
384 strstr(line
, ": ") != NULL
) {
385 if (strstr(line
, SSH_COM_PRIVATE_BEGIN
) != NULL
)
387 if (strstr(line
, " END ") != NULL
) {
390 /* fprintf(stderr, "ignore: %s", line); */
395 /* fprintf(stderr, "escaped: %s", line); */
398 strlcat(encoded
, line
, sizeof(encoded
));
400 len
= strlen(encoded
);
401 if (((len
% 4) == 3) &&
402 (encoded
[len
-1] == '=') &&
403 (encoded
[len
-2] == '=') &&
404 (encoded
[len
-3] == '='))
405 encoded
[len
-3] = '\0';
406 blen
= uudecode(encoded
, blob
, sizeof(blob
));
408 fprintf(stderr
, "uudecode failed.\n");
412 do_convert_private_ssh2_from_blob(blob
, blen
) :
413 key_from_blob(blob
, blen
);
415 fprintf(stderr
, "decode blob failed.\n");
419 (k
->type
== KEY_DSA
?
420 PEM_write_DSAPrivateKey(stdout
, k
->dsa
, NULL
, NULL
, 0, NULL
, NULL
) :
421 PEM_write_RSAPrivateKey(stdout
, k
->rsa
, NULL
, NULL
, 0, NULL
, NULL
)) :
422 key_write(k
, stdout
);
424 fprintf(stderr
, "key write failed\n");
429 fprintf(stdout
, "\n");
435 do_print_public(struct passwd
*pw
)
441 ask_filename(pw
, "Enter file in which the key is");
442 if (stat(identity_file
, &st
) < 0) {
443 perror(identity_file
);
446 prv
= load_identity(identity_file
);
448 fprintf(stderr
, "load failed\n");
451 if (!key_write(prv
, stdout
))
452 fprintf(stderr
, "key_write failed");
454 fprintf(stdout
, "\n");
460 do_upload(struct passwd
*pw
, const char *sc_reader_id
)
467 ask_filename(pw
, "Enter file in which the key is");
468 if (stat(identity_file
, &st
) < 0) {
469 perror(identity_file
);
472 prv
= load_identity(identity_file
);
474 error("load failed");
477 ret
= sc_put_key(prv
, sc_reader_id
);
481 logit("loading key done");
486 do_download(struct passwd
*pw
, const char *sc_reader_id
)
491 keys
= sc_get_keys(sc_reader_id
, NULL
);
493 fatal("cannot read public key from smartcard");
494 for (i
= 0; keys
[i
]; i
++) {
495 key_write(keys
[i
], stdout
);
497 fprintf(stdout
, "\n");
502 #endif /* SMARTCARD */
505 do_fingerprint(struct passwd
*pw
)
509 char *comment
= NULL
, *cp
, *ep
, line
[16*1024], *fp
, *ra
;
510 int i
, skip
= 0, num
= 0, invalid
= 1;
515 fptype
= print_bubblebabble
? SSH_FP_SHA1
: SSH_FP_MD5
;
516 rep
= print_bubblebabble
? SSH_FP_BUBBLEBABBLE
: SSH_FP_HEX
;
519 ask_filename(pw
, "Enter file in which the key is");
520 if (stat(identity_file
, &st
) < 0) {
521 perror(identity_file
);
524 public = key_load_public(identity_file
, &comment
);
525 if (public != NULL
) {
526 fp
= key_fingerprint(public, fptype
, rep
);
527 ra
= key_fingerprint(public, SSH_FP_MD5
, SSH_FP_RANDOMART
);
528 printf("%u %s %s (%s)\n", key_size(public), fp
, comment
,
530 if (log_level
>= SYSLOG_LEVEL_VERBOSE
)
543 f
= fopen(identity_file
, "r");
545 while (fgets(line
, sizeof(line
), f
)) {
546 if ((cp
= strchr(line
, '\n')) == NULL
) {
547 error("line %d too long: %.40s...",
559 /* Skip leading whitespace, empty and comment lines. */
560 for (cp
= line
; *cp
== ' ' || *cp
== '\t'; cp
++)
562 if (!*cp
|| *cp
== '\n' || *cp
== '#')
564 i
= strtol(cp
, &ep
, 10);
565 if (i
== 0 || ep
== NULL
|| (*ep
!= ' ' && *ep
!= '\t')) {
568 for (; *cp
&& (quoted
|| (*cp
!= ' ' &&
569 *cp
!= '\t')); cp
++) {
570 if (*cp
== '\\' && cp
[1] == '"')
571 cp
++; /* Skip both */
580 public = key_new(KEY_RSA1
);
581 if (key_read(public, &cp
) != 1) {
584 public = key_new(KEY_UNSPEC
);
585 if (key_read(public, &cp
) != 1) {
590 comment
= *cp
? cp
: comment
;
591 fp
= key_fingerprint(public, fptype
, rep
);
592 ra
= key_fingerprint(public, SSH_FP_MD5
, SSH_FP_RANDOMART
);
593 printf("%u %s %s (%s)\n", key_size(public), fp
,
594 comment
? comment
: "no comment", key_type(public));
595 if (log_level
>= SYSLOG_LEVEL_VERBOSE
)
605 printf("%s is not a public key file.\n", identity_file
);
612 print_host(FILE *f
, const char *name
, Key
*public, int hash
)
614 if (print_fingerprint
) {
619 fptype
= print_bubblebabble
? SSH_FP_SHA1
: SSH_FP_MD5
;
620 rep
= print_bubblebabble
? SSH_FP_BUBBLEBABBLE
: SSH_FP_HEX
;
621 fp
= key_fingerprint(public, fptype
, rep
);
622 ra
= key_fingerprint(public, SSH_FP_MD5
, SSH_FP_RANDOMART
);
623 printf("%u %s %s (%s)\n", key_size(public), fp
, name
,
625 if (log_level
>= SYSLOG_LEVEL_VERBOSE
)
630 if (hash
&& (name
= host_hash(name
, NULL
, 0)) == NULL
)
631 fatal("hash_host failed");
632 fprintf(f
, "%s ", name
);
633 if (!key_write(public, f
))
634 fatal("key_write failed");
640 do_known_hosts(struct passwd
*pw
, const char *name
)
642 FILE *in
, *out
= stdout
;
644 char *cp
, *cp2
, *kp
, *kp2
;
645 char line
[16*1024], tmp
[MAXPATHLEN
], old
[MAXPATHLEN
];
646 int c
, skip
= 0, inplace
= 0, num
= 0, invalid
= 0, has_unhashed
= 0;
648 if (!have_identity
) {
649 cp
= tilde_expand_filename(_PATH_SSH_USER_HOSTFILE
, pw
->pw_uid
);
650 if (strlcpy(identity_file
, cp
, sizeof(identity_file
)) >=
651 sizeof(identity_file
))
652 fatal("Specified known hosts path too long");
656 if ((in
= fopen(identity_file
, "r")) == NULL
)
657 fatal("fopen: %s", strerror(errno
));
660 * Find hosts goes to stdout, hash and deletions happen in-place
661 * A corner case is ssh-keygen -HF foo, which should go to stdout
663 if (!find_host
&& (hash_hosts
|| delete_host
)) {
664 if (strlcpy(tmp
, identity_file
, sizeof(tmp
)) >= sizeof(tmp
) ||
665 strlcat(tmp
, ".XXXXXXXXXX", sizeof(tmp
)) >= sizeof(tmp
) ||
666 strlcpy(old
, identity_file
, sizeof(old
)) >= sizeof(old
) ||
667 strlcat(old
, ".old", sizeof(old
)) >= sizeof(old
))
668 fatal("known_hosts path too long");
670 if ((c
= mkstemp(tmp
)) == -1)
671 fatal("mkstemp: %s", strerror(errno
));
672 if ((out
= fdopen(c
, "w")) == NULL
) {
675 fatal("fdopen: %s", strerror(c
));
680 while (fgets(line
, sizeof(line
), in
)) {
681 if ((cp
= strchr(line
, '\n')) == NULL
) {
682 error("line %d too long: %.40s...", num
+ 1, line
);
694 /* Skip leading whitespace, empty and comment lines. */
695 for (cp
= line
; *cp
== ' ' || *cp
== '\t'; cp
++)
697 if (!*cp
|| *cp
== '\n' || *cp
== '#') {
699 fprintf(out
, "%s\n", cp
);
702 /* Find the end of the host name portion. */
703 for (kp
= cp
; *kp
&& *kp
!= ' ' && *kp
!= '\t'; kp
++)
705 if (*kp
== '\0' || *(kp
+ 1) == '\0') {
706 error("line %d missing key: %.40s...",
714 public = key_new(KEY_RSA1
);
715 if (key_read(public, &kp
) != 1) {
718 public = key_new(KEY_UNSPEC
);
719 if (key_read(public, &kp
) != 1) {
720 error("line %d invalid key: %.40s...",
728 if (*cp
== HASH_DELIM
) {
729 if (find_host
|| delete_host
) {
730 cp2
= host_hash(name
, cp
, strlen(cp
));
732 error("line %d: invalid hashed "
733 "name: %.64s...", num
, line
);
737 c
= (strcmp(cp2
, cp
) == 0);
738 if (find_host
&& c
) {
739 printf("# Host %s found: "
740 "line %d type %s\n", name
,
741 num
, key_type(public));
742 print_host(out
, cp
, public, 0);
744 if (delete_host
&& !c
)
745 print_host(out
, cp
, public, 0);
746 } else if (hash_hosts
)
747 print_host(out
, cp
, public, 0);
749 if (find_host
|| delete_host
) {
750 c
= (match_hostname(name
, cp
,
752 if (find_host
&& c
) {
753 printf("# Host %s found: "
754 "line %d type %s\n", name
,
755 num
, key_type(public));
756 print_host(out
, name
, public,
759 if (delete_host
&& !c
)
760 print_host(out
, cp
, public, 0);
761 } else if (hash_hosts
) {
762 for (cp2
= strsep(&cp
, ",");
763 cp2
!= NULL
&& *cp2
!= '\0';
764 cp2
= strsep(&cp
, ",")) {
765 if (strcspn(cp2
, "*?!") != strlen(cp2
))
766 fprintf(stderr
, "Warning: "
767 "ignoring host name with "
768 "metacharacters: %.64s\n",
771 print_host(out
, cp2
, public, 1);
781 fprintf(stderr
, "%s is not a valid known_hosts file.\n",
784 fprintf(stderr
, "Not replacing existing known_hosts "
785 "file because of errors\n");
795 /* Backup existing file */
796 if (unlink(old
) == -1 && errno
!= ENOENT
)
797 fatal("unlink %.100s: %s", old
, strerror(errno
));
798 if (link(identity_file
, old
) == -1)
799 fatal("link %.100s to %.100s: %s", identity_file
, old
,
801 /* Move new one into place */
802 if (rename(tmp
, identity_file
) == -1) {
803 error("rename\"%s\" to \"%s\": %s", tmp
, identity_file
,
810 fprintf(stderr
, "%s updated.\n", identity_file
);
811 fprintf(stderr
, "Original contents retained as %s\n", old
);
813 fprintf(stderr
, "WARNING: %s contains unhashed "
815 fprintf(stderr
, "Delete this file to ensure privacy "
824 * Perform changing a passphrase. The argument is the passwd structure
825 * for the current user.
828 do_change_passphrase(struct passwd
*pw
)
831 char *old_passphrase
, *passphrase1
, *passphrase2
;
836 ask_filename(pw
, "Enter file in which the key is");
837 if (stat(identity_file
, &st
) < 0) {
838 perror(identity_file
);
841 /* Try to load the file with empty passphrase. */
842 private = key_load_private(identity_file
, "", &comment
);
843 if (private == NULL
) {
844 if (identity_passphrase
)
845 old_passphrase
= xstrdup(identity_passphrase
);
848 read_passphrase("Enter old passphrase: ",
850 private = key_load_private(identity_file
, old_passphrase
,
852 memset(old_passphrase
, 0, strlen(old_passphrase
));
853 xfree(old_passphrase
);
854 if (private == NULL
) {
855 printf("Bad passphrase.\n");
859 printf("Key has comment '%s'\n", comment
);
861 /* Ask the new passphrase (twice). */
862 if (identity_new_passphrase
) {
863 passphrase1
= xstrdup(identity_new_passphrase
);
867 read_passphrase("Enter new passphrase (empty for no "
868 "passphrase): ", RP_ALLOW_STDIN
);
869 passphrase2
= read_passphrase("Enter same passphrase again: ",
872 /* Verify that they are the same. */
873 if (strcmp(passphrase1
, passphrase2
) != 0) {
874 memset(passphrase1
, 0, strlen(passphrase1
));
875 memset(passphrase2
, 0, strlen(passphrase2
));
878 printf("Pass phrases do not match. Try again.\n");
881 /* Destroy the other copy. */
882 memset(passphrase2
, 0, strlen(passphrase2
));
886 /* Save the file using the new passphrase. */
887 if (!key_save_private(private, identity_file
, passphrase1
, comment
)) {
888 printf("Saving the key failed: %s.\n", identity_file
);
889 memset(passphrase1
, 0, strlen(passphrase1
));
895 /* Destroy the passphrase and the copy of the key in memory. */
896 memset(passphrase1
, 0, strlen(passphrase1
));
898 key_free(private); /* Destroys contents */
901 printf("Your identification has been saved with the new passphrase.\n");
906 * Print the SSHFP RR.
909 do_print_resource_record(struct passwd
*pw
, char *fname
, char *hname
)
912 char *comment
= NULL
;
916 ask_filename(pw
, "Enter file in which the key is");
917 if (stat(fname
, &st
) < 0) {
923 public = key_load_public(fname
, &comment
);
924 if (public != NULL
) {
925 export_dns_rr(hname
, public, stdout
, print_generic
);
933 printf("failed to read v2 public key from %s.\n", fname
);
938 * Change the comment of a private key file.
941 do_change_comment(struct passwd
*pw
)
943 char new_comment
[1024], *comment
, *passphrase
;
951 ask_filename(pw
, "Enter file in which the key is");
952 if (stat(identity_file
, &st
) < 0) {
953 perror(identity_file
);
956 private = key_load_private(identity_file
, "", &comment
);
957 if (private == NULL
) {
958 if (identity_passphrase
)
959 passphrase
= xstrdup(identity_passphrase
);
960 else if (identity_new_passphrase
)
961 passphrase
= xstrdup(identity_new_passphrase
);
963 passphrase
= read_passphrase("Enter passphrase: ",
965 /* Try to load using the passphrase. */
966 private = key_load_private(identity_file
, passphrase
, &comment
);
967 if (private == NULL
) {
968 memset(passphrase
, 0, strlen(passphrase
));
970 printf("Bad passphrase.\n");
974 passphrase
= xstrdup("");
976 if (private->type
!= KEY_RSA1
) {
977 fprintf(stderr
, "Comments are only supported for RSA1 keys.\n");
981 printf("Key now has comment '%s'\n", comment
);
983 if (identity_comment
) {
984 strlcpy(new_comment
, identity_comment
, sizeof(new_comment
));
986 printf("Enter new comment: ");
988 if (!fgets(new_comment
, sizeof(new_comment
), stdin
)) {
989 memset(passphrase
, 0, strlen(passphrase
));
993 new_comment
[strcspn(new_comment
, "\n")] = '\0';
996 /* Save the file using the new passphrase. */
997 if (!key_save_private(private, identity_file
, passphrase
, new_comment
)) {
998 printf("Saving the key failed: %s.\n", identity_file
);
999 memset(passphrase
, 0, strlen(passphrase
));
1005 memset(passphrase
, 0, strlen(passphrase
));
1007 public = key_from_private(private);
1010 strlcat(identity_file
, ".pub", sizeof(identity_file
));
1011 fd
= open(identity_file
, O_WRONLY
| O_CREAT
| O_TRUNC
, 0644);
1013 printf("Could not save your public key in %s\n", identity_file
);
1016 f
= fdopen(fd
, "w");
1018 printf("fdopen %s failed\n", identity_file
);
1021 if (!key_write(public, f
))
1022 fprintf(stderr
, "write key failed\n");
1024 fprintf(f
, " %s\n", new_comment
);
1029 printf("The comment in your key file has been changed.\n");
1036 fprintf(stderr
, "usage: %s [options]\n", __progname
);
1037 fprintf(stderr
, "Options:\n");
1038 fprintf(stderr
, " -a trials Number of trials for screening DH-GEX moduli.\n");
1039 fprintf(stderr
, " -B Show bubblebabble digest of key file.\n");
1040 fprintf(stderr
, " -b bits Number of bits in the key to create.\n");
1041 fprintf(stderr
, " -C comment Provide new comment.\n");
1042 fprintf(stderr
, " -c Change comment in private and public key files.\n");
1044 fprintf(stderr
, " -D reader Download public key from smartcard.\n");
1045 #endif /* SMARTCARD */
1046 fprintf(stderr
, " -e Convert OpenSSH to RFC 4716 key file.\n");
1047 fprintf(stderr
, " -F hostname Find hostname in known hosts file.\n");
1048 fprintf(stderr
, " -f filename Filename of the key file.\n");
1049 fprintf(stderr
, " -G file Generate candidates for DH-GEX moduli.\n");
1050 fprintf(stderr
, " -g Use generic DNS resource record format.\n");
1051 fprintf(stderr
, " -H Hash names in known_hosts file.\n");
1052 fprintf(stderr
, " -i Convert RFC 4716 to OpenSSH key file.\n");
1053 fprintf(stderr
, " -l Show fingerprint of key file.\n");
1054 fprintf(stderr
, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");
1055 fprintf(stderr
, " -N phrase Provide new passphrase.\n");
1056 fprintf(stderr
, " -P phrase Provide old passphrase.\n");
1057 fprintf(stderr
, " -p Change passphrase of private key file.\n");
1058 fprintf(stderr
, " -q Quiet.\n");
1059 fprintf(stderr
, " -R hostname Remove host from known_hosts file.\n");
1060 fprintf(stderr
, " -r hostname Print DNS resource record.\n");
1061 fprintf(stderr
, " -S start Start point (hex) for generating DH-GEX moduli.\n");
1062 fprintf(stderr
, " -T file Screen candidates for DH-GEX moduli.\n");
1063 fprintf(stderr
, " -t type Specify type of key to create.\n");
1065 fprintf(stderr
, " -U reader Upload private key to smartcard.\n");
1066 #endif /* SMARTCARD */
1067 fprintf(stderr
, " -v Verbose.\n");
1068 fprintf(stderr
, " -W gen Generator to use for generating DH-GEX moduli.\n");
1069 fprintf(stderr
, " -y Read private key file and print public key.\n");
1075 * Main program for key management.
1078 main(int argc
, char **argv
)
1080 char dotsshdir
[MAXPATHLEN
], comment
[1024], *passphrase1
, *passphrase2
;
1081 char out_file
[MAXPATHLEN
], *reader_id
= NULL
;
1082 char *rr_hostname
= NULL
;
1083 Key
*private, *public;
1086 int opt
, type
, fd
, download
= 0;
1087 u_int32_t memory
= 0, generator_wanted
= 0, trials
= 100;
1088 int do_gen_candidates
= 0, do_screen_candidates
= 0;
1089 BIGNUM
*start
= NULL
;
1094 extern char *optarg
;
1096 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
1099 __progname
= ssh_get_progname(argv
[0]);
1101 SSLeay_add_all_algorithms();
1102 log_init(argv
[0], SYSLOG_LEVEL_INFO
, SYSLOG_FACILITY_USER
, 1);
1107 /* we need this for the home * directory. */
1108 pw
= getpwuid(getuid());
1110 printf("You don't exist, go away!\n");
1113 if (gethostname(hostname
, sizeof(hostname
)) < 0) {
1114 perror("gethostname");
1118 while ((opt
= getopt(argc
, argv
,
1119 "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {
1122 bits
= (u_int32_t
)strtonum(optarg
, 768, 32768, &errstr
);
1124 fatal("Bits has bad value %s (%s)",
1129 rr_hostname
= optarg
;
1136 rr_hostname
= optarg
;
1139 print_fingerprint
= 1;
1142 print_bubblebabble
= 1;
1145 change_passphrase
= 1;
1151 if (strlcpy(identity_file
, optarg
, sizeof(identity_file
)) >=
1152 sizeof(identity_file
))
1153 fatal("Identity filename too long");
1160 identity_passphrase
= optarg
;
1163 identity_new_passphrase
= optarg
;
1166 identity_comment
= optarg
;
1174 convert_to_ssh2
= 1;
1179 convert_from_ssh2
= 1;
1185 key_type_name
= "dsa";
1188 key_type_name
= optarg
;
1197 if (log_level
== SYSLOG_LEVEL_INFO
)
1198 log_level
= SYSLOG_LEVEL_DEBUG1
;
1200 if (log_level
>= SYSLOG_LEVEL_DEBUG1
&&
1201 log_level
< SYSLOG_LEVEL_DEBUG3
)
1206 rr_hostname
= optarg
;
1209 generator_wanted
= (u_int32_t
)strtonum(optarg
, 1,
1212 fatal("Desired generator has bad value: %s (%s)",
1216 trials
= (u_int32_t
)strtonum(optarg
, 1, UINT_MAX
, &errstr
);
1218 fatal("Invalid number of trials: %s (%s)",
1222 memory
= (u_int32_t
)strtonum(optarg
, 1, UINT_MAX
, &errstr
);
1224 fatal("Memory limit is %s: %s", errstr
, optarg
);
1228 do_gen_candidates
= 1;
1229 if (strlcpy(out_file
, optarg
, sizeof(out_file
)) >=
1231 fatal("Output filename too long");
1234 do_screen_candidates
= 1;
1235 if (strlcpy(out_file
, optarg
, sizeof(out_file
)) >=
1237 fatal("Output filename too long");
1240 /* XXX - also compare length against bits */
1241 if (BN_hex2bn(&start
, optarg
) == 0)
1242 fatal("Invalid start point.");
1251 log_init(argv
[0], log_level
, SYSLOG_FACILITY_USER
, 1);
1253 if (optind
< argc
) {
1254 printf("Too many arguments.\n");
1257 if (change_passphrase
&& change_comment
) {
1258 printf("Can only have one of -p and -c.\n");
1261 if (print_fingerprint
&& (delete_host
|| hash_hosts
)) {
1262 printf("Cannot use -l with -D or -R.\n");
1265 if (delete_host
|| hash_hosts
|| find_host
)
1266 do_known_hosts(pw
, rr_hostname
);
1267 if (print_fingerprint
|| print_bubblebabble
)
1269 if (change_passphrase
)
1270 do_change_passphrase(pw
);
1272 do_change_comment(pw
);
1273 if (convert_to_ssh2
)
1274 do_convert_to_ssh2(pw
);
1275 if (convert_from_ssh2
)
1276 do_convert_from_ssh2(pw
);
1278 do_print_public(pw
);
1279 if (rr_hostname
!= NULL
) {
1282 if (have_identity
) {
1283 n
= do_print_resource_record(pw
,
1284 identity_file
, rr_hostname
);
1286 perror(identity_file
);
1292 n
+= do_print_resource_record(pw
,
1293 _PATH_HOST_RSA_KEY_FILE
, rr_hostname
);
1294 n
+= do_print_resource_record(pw
,
1295 _PATH_HOST_DSA_KEY_FILE
, rr_hostname
);
1298 fatal("no keys found.");
1302 if (reader_id
!= NULL
) {
1305 do_download(pw
, reader_id
);
1307 do_upload(pw
, reader_id
);
1308 #else /* SMARTCARD */
1309 fatal("no support for smartcards.");
1310 #endif /* SMARTCARD */
1313 if (do_gen_candidates
) {
1314 FILE *out
= fopen(out_file
, "w");
1317 error("Couldn't open modulus candidate file \"%s\": %s",
1318 out_file
, strerror(errno
));
1322 bits
= DEFAULT_BITS
;
1323 if (gen_candidates(out
, memory
, bits
, start
) != 0)
1324 fatal("modulus candidate generation failed");
1329 if (do_screen_candidates
) {
1331 FILE *out
= fopen(out_file
, "w");
1333 if (have_identity
&& strcmp(identity_file
, "-") != 0) {
1334 if ((in
= fopen(identity_file
, "r")) == NULL
) {
1335 fatal("Couldn't open modulus candidate "
1336 "file \"%s\": %s", identity_file
,
1343 fatal("Couldn't open moduli file \"%s\": %s",
1344 out_file
, strerror(errno
));
1346 if (prime_test(in
, out
, trials
, generator_wanted
) != 0)
1347 fatal("modulus screening failed");
1353 if (key_type_name
== NULL
)
1354 key_type_name
= "rsa";
1356 type
= key_type_from_name(key_type_name
);
1357 if (type
== KEY_UNSPEC
) {
1358 fprintf(stderr
, "unknown key type %s\n", key_type_name
);
1362 bits
= (type
== KEY_DSA
) ? DEFAULT_BITS_DSA
: DEFAULT_BITS
;
1363 if (type
== KEY_DSA
&& bits
!= 1024)
1364 fatal("DSA keys must be 1024 bits");
1366 printf("Generating public/private %s key pair.\n", key_type_name
);
1367 private = key_generate(type
, bits
);
1368 if (private == NULL
) {
1369 fprintf(stderr
, "key_generate failed\n");
1372 public = key_from_private(private);
1375 ask_filename(pw
, "Enter file in which to save the key");
1377 /* Create ~/.ssh directory if it doesn't already exist. */
1378 snprintf(dotsshdir
, sizeof dotsshdir
, "%s/%s", pw
->pw_dir
, _PATH_SSH_USER_DIR
);
1379 if (strstr(identity_file
, dotsshdir
) != NULL
&&
1380 stat(dotsshdir
, &st
) < 0) {
1381 if (mkdir(dotsshdir
, 0700) < 0)
1382 error("Could not create directory '%s'.", dotsshdir
);
1384 printf("Created directory '%s'.\n", dotsshdir
);
1386 /* If the file already exists, ask the user to confirm. */
1387 if (stat(identity_file
, &st
) >= 0) {
1389 printf("%s already exists.\n", identity_file
);
1390 printf("Overwrite (y/n)? ");
1392 if (fgets(yesno
, sizeof(yesno
), stdin
) == NULL
)
1394 if (yesno
[0] != 'y' && yesno
[0] != 'Y')
1397 /* Ask for a passphrase (twice). */
1398 if (identity_passphrase
)
1399 passphrase1
= xstrdup(identity_passphrase
);
1400 else if (identity_new_passphrase
)
1401 passphrase1
= xstrdup(identity_new_passphrase
);
1405 read_passphrase("Enter passphrase (empty for no "
1406 "passphrase): ", RP_ALLOW_STDIN
);
1407 passphrase2
= read_passphrase("Enter same passphrase again: ",
1409 if (strcmp(passphrase1
, passphrase2
) != 0) {
1411 * The passphrases do not match. Clear them and
1414 memset(passphrase1
, 0, strlen(passphrase1
));
1415 memset(passphrase2
, 0, strlen(passphrase2
));
1418 printf("Passphrases do not match. Try again.\n");
1419 goto passphrase_again
;
1421 /* Clear the other copy of the passphrase. */
1422 memset(passphrase2
, 0, strlen(passphrase2
));
1426 if (identity_comment
) {
1427 strlcpy(comment
, identity_comment
, sizeof(comment
));
1429 /* Create default comment field for the passphrase. */
1430 snprintf(comment
, sizeof comment
, "%s@%s", pw
->pw_name
, hostname
);
1433 /* Save the key with the given passphrase and comment. */
1434 if (!key_save_private(private, identity_file
, passphrase1
, comment
)) {
1435 printf("Saving the key failed: %s.\n", identity_file
);
1436 memset(passphrase1
, 0, strlen(passphrase1
));
1440 /* Clear the passphrase. */
1441 memset(passphrase1
, 0, strlen(passphrase1
));
1444 /* Clear the private key and the random number generator. */
1449 printf("Your identification has been saved in %s.\n", identity_file
);
1451 strlcat(identity_file
, ".pub", sizeof(identity_file
));
1452 fd
= open(identity_file
, O_WRONLY
| O_CREAT
| O_TRUNC
, 0644);
1454 printf("Could not save your public key in %s\n", identity_file
);
1457 f
= fdopen(fd
, "w");
1459 printf("fdopen %s failed\n", identity_file
);
1462 if (!key_write(public, f
))
1463 fprintf(stderr
, "write key failed\n");
1464 fprintf(f
, " %s\n", comment
);
1468 char *fp
= key_fingerprint(public, SSH_FP_MD5
, SSH_FP_HEX
);
1469 char *ra
= key_fingerprint(public, SSH_FP_MD5
,
1471 printf("Your public key has been saved in %s.\n",
1473 printf("The key fingerprint is:\n");
1474 printf("%s %s\n", fp
, comment
);
1475 printf("The key's randomart image is:\n");