105 lines
4.5 KiB
Plaintext
105 lines
4.5 KiB
Plaintext
#############################################################################
|
|
SSHSecure - a program to harden OpenSSH from defaults
|
|
Copyright (C) 2020 Brent Saner
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
#############################################################################
|
|
|
|
The following uses the aes256-ctr/bcrypt encryption. The passphrase is "test".
|
|
|
|
The new "v1" format contains the header "-----BEGIN OPENSSH PRIVATE KEY-----"
|
|
and the footer "-----END OPENSSH PRIVATE KEY-----".
|
|
|
|
All length ints are uint32, network-byte order.
|
|
|
|
PEM:
|
|
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBQEy9ykA
|
|
1o4KMfnXW28KW8AAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIL+iAxqlRjET5A4W
|
|
iWr1A8Upnq12sJy2OEb0HMTeF0D2AAAAoMSXd80NGn0323ehgUmRJ4+M6Z1XLixma5O5mG
|
|
dCXGDaRlL924VVCYUytRvu7ilZ+dtc9aCQUFJyDF3iXyxN2H68x7teo9e8vqzGtzLkw5KV
|
|
2Zkal+8/CDj4qb/UPts0AxiWSQiPbPt4lG+5FONYrGq8ZGkQcvXyeIU02dQtf0BrxQkLMN
|
|
8jy33YxcuTjkH6zW446IRbgWC/+EBZgRjUR8I=
|
|
-----END OPENSSH PRIVATE KEY-----
|
|
|
|
HEX:
|
|
00000000: 6f70 656e 7373 682d 6b65 792d 7631 0000 openssh-key-v1..
|
|
00000010: 0000 0a61 6573 3235 362d 6374 7200 0000 ...aes256-ctr...
|
|
00000020: 0662 6372 7970 7400 0000 1800 0000 1050 .bcrypt........P
|
|
00000030: 132f 7290 0d68 e0a3 1f9d 75b6 f0a5 bc00 ./r..h....u.....
|
|
00000040: 0000 6400 0000 0100 0000 3300 0000 0b73 ..d.......3....s
|
|
00000050: 7368 2d65 6432 3535 3139 0000 0020 bfa2 sh-ed25519... ..
|
|
00000060: 031a a546 3113 e40e 1689 6af5 03c5 299e ...F1.....j...).
|
|
00000070: ad76 b09c b638 46f4 1cc4 de17 40f6 0000 .v...8F.....@...
|
|
00000080: 00a0 c497 77cd 0d1a 7d37 db77 a181 4991 ....w...}7.w..I.
|
|
00000090: 278f 8ce9 9d57 2e2c 666b 93b9 9867 425c '....W.,fk...gB\
|
|
000000a0: 60da 4652 fddb 8555 0985 32b5 1bee ee29 `.FR...U..2....)
|
|
000000b0: 59f9 db5c f5a0 9050 5272 0c5d e25f 2c4d Y..\...PRr.]._,M
|
|
000000c0: d87e bcc7 bb5e a3d7 bcbe acc6 b732 e4c3 .~...^.......2..
|
|
000000d0: 9295 d999 1a97 ef3f 0838 f8a9 bfd4 3edb .......?.8....>.
|
|
000000e0: 3403 1896 4908 8f6c fb78 946f b914 e358 4...I..l.x.o...X
|
|
000000f0: ac6a bc64 6910 72f5 f278 8534 d9d4 2d7f .j.di.r..x.4..-.
|
|
00000100: 406b c509 0b30 df23 cb7d d8c5 cb93 8e41 @k...0.#.}.....A
|
|
00000110: facd 6e38 e884 5b81 60bf f840 5981 18d4 ..n8..[.`..@Y...
|
|
00000120: 47c2 G.
|
|
|
|
ANNOTATED HEX:
|
|
0 6f70656e7373682d6b65792d763100 ("openssh-key-v1" + 0x00)
|
|
1.0 0000000a (10)
|
|
1.0.0 6165733235362d637472 ("aes256-ctr")
|
|
2.0 00000006 (6)
|
|
2.0.0 626372797074 ("bcrypt")
|
|
3.0 00000018 (24)
|
|
3.0.0 -
|
|
3.0.0.0 00000010 (16)
|
|
3.0.0.0.0 50132f72900d68e0a31f9d75b6f0a5bc (bytes)
|
|
3.0.0.1 00000064 (100)
|
|
4.0 00000001 (1)
|
|
4.0.0 00000033 (51)
|
|
4.0.0.0 0000000b (11)
|
|
4.0.0.0.0 7373682d65643235353139 ("ssh-ed25519")
|
|
4.0.0.1 00000020 (32)
|
|
4.0.0.1.0 bfa2031aa5463113e40e16896af503c5299ead76b09cb63846f41cc4de1740f6 (bytes)
|
|
4.0.1 000000a0 (160)
|
|
4.0.1.0 - 4.0.1.5 (AES256-CTR encrypted block) (bytes)
|
|
c49777cd0d1a7d37db77a1814991278f
|
|
8ce99d572e2c666b93b99867425c60da
|
|
4652fddb8555098532b51beeee2959f9
|
|
db5cf5a0905052720c5de25f2c4dd87e
|
|
bcc7bb5ea3d7bcbeacc6b732e4c39295
|
|
d9991a97ef3f0838f8a9bfd43edb3403
|
|
189649088f6cfb78946fb914e358ac6a
|
|
bc64691072f5f2788534d9d42d7f406b
|
|
c5090b30df23cb7dd8c5cb938e41facd
|
|
6e38e8845b8160bff840598118d447c2
|
|
|
|
DECRYPTED 4.0.1:
|
|
(...)
|
|
4.0.1 000000a0 (160)
|
|
4.0.1.0 f890d89a (4170242202)
|
|
4.0.1.1 f890d89a (4170242202)
|
|
4.0.1.2 -
|
|
4.0.1.2.0 0000000b (11)
|
|
4.0.1.2.0.0 7373682d65643235353139 ("ssh-ed25519")
|
|
4.0.1.2.1 00000020 (32)
|
|
4.0.1.2.1.0 (bytes)
|
|
bfa2031aa5463113e40e16896af503c5299ead76b09cb63846f41cc4de1740f6
|
|
4.0.1.3 00000040 (64)
|
|
4.0.1.3.0 (bytes)
|
|
ce6e2b8d638c9d5219dff455af1a90d0a5b72694cfcedfb93bc1e1b1816dee98
|
|
bfa2031aa5463113e40e16896af503c5299ead76b09cb63846f41cc4de1740f6
|
|
4.0.1.4 00000012 (18)
|
|
4.0.1.4.0 5468697320697320612074657374206b6579 ("This is a test key")
|
|
4.0.1.5 0102030405060708090a0b ([1 2 3 4 5 6 7 8 9 10 11], 11 bytes)
|