
Upgrading from ssh to openssh (1.2pre12)...
Hello all,

I've just tried my first attempt at migrating from ssh (1.2.27)
to openssh. I got 1.2pre12 to compile and install from the source RPMs.
Just ran into one royal pain of a problem. Sshd won't start! It doesn't
seem to like my old host keys.

I get the following error in syslog:

Nov 15 10:45:38 alcove sshd[21731]: fatal: cipher_set_key: unknown cipher: 1

It does start up if I generate new keys for the host, but then all
of the clients that connect are going to bitch to high heavens that the
host key has changed and may not be connecting to who they think they are.

Now... What's wrong and how do I fix it? The logistics of blowing
away everybody's ssh_known_hosts files for hosts and individuals makes
regening keys impractical. Potentially, the number of hosts which would
end up with new host keys is several dozen. The number of individuals
who would have the subsequent "host keys has changed" error inflicted
upon them could be several hundred.

I couldn't find anything in any of the readme files regarding
migration problems or solutions.

Mike
--
Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Re: Upgrading from ssh to openssh (1.2pre12)...
In message <19991115105530.D12683@alcove.wittsend.com>, "Michael H. Warfield" writes:
>Nov 15 10:45:38 alcove sshd[21731]: fatal: cipher_set_key: unknown cipher: 1
We do not use IDEA in OpenSSH anymore, it is patented in most
countries. Your private key is encrypted with it, change the
passphrase with the old ssh to nothing, then change the passphrase with
OpenSSH to something new; that should get you going along.

Niels.
Re: Upgrading from ssh to openssh (1.2pre12)... Solved...
Never mind... Solved the problem myself...

On Mon, Nov 15, 1999 at 10:55:30AM -0500, Michael H. Warfield wrote:
> Hello all,

> I've just tried my first attempt at migrating from ssh (1.2.27)
> to openssh. I got 1.2pre12 to compile and install from the source RPMs.
> Just ran into one royal pain of a problem. Sshd won't start! It doesn't
> seem to like my old host keys.

> I get the following error in syslog:

> Nov 15 10:45:38 alcove sshd[21731]: fatal: cipher_set_key: unknown cipher: 1

Problem was that the host key was encrypted with idea (old method)
and idea isn't supported at this time in openssh.

> Now... What's wrong and how do I fix it? The logistics of blowing
> away everybody's ssh_known_hosts files for hosts and individuals makes
> regening keys impractical. Potentially, the number of hosts which would
> end up with new host keys is several dozen. The number of individuals
> who would have the subsequent "host keys has changed" error inflicted
> upon them could be several hundred.

The key in question was pre 1.2.8 (yes, I've worked with ssh
back that far - that's why you find me listed in the README.Ylonen
file in "ACKNOWLEDGEMENTS"). I just had to run the OLD ssh-keygen
with the -u option to update the key from idea encryption to 3des
encryption. Fortunately, the old ssh-keygen program was still sitting
in /usr/local/bin and hadn't been clobbered when I installed from the
RPMs. :-)

The old key was working fine with ssh 1.2.27 because it
had idea support compiled in, even though all new keys since 1.2.8
were encrypted with 3des.

> I couldn't find anything in any of the readme files regarding
> migration problems or solutions.

You might want to note this little "gotcha" in the README files.
The rpm upgrade prep process should also probably check for ssh_* and
sshd_* files in /etc/ instead of /etc/ssh/ to help ease the upgrade pain.

The new ssh-keygen also can not upgrade the keys because it also
does not support idea! If you experience the misfortune of blowing away
the old ssh-keygen program, you will have to go back to ssh-1.2.27 and
rebuild an ssh-keygen binary from that in order to upgrade the key. Would
it be too much to ask or too much of a patent violation to add the ability
to decrypt the old files for purposes of upgrading? No encryption, just
decrypt idea in ssh-keygen would be nice. That could, at least, avoid the
catch-22 with really old keys.

Now I just have to write a magic script to run around running
"ssh-keygen -u" for the host keys on all my servers, before beginning
the openssh upgrade process. Sigh... User identity files are going
to be another matter, but I don't think that there are too many of them
that predate 1.2.8, fortunately... :-)

> Mike
> --
> Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
> (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!

Mike
--
Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
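As an added example (not code from the thread), a small Python check that reads the cipher-type byte of SSH1 private key files and flags the IDEA-encrypted ones, so host keys can be converted with the old ssh-keygen -u before the OpenSSH upgrade rather than discovered at sshd start time. It assumes the SSH1 private key layout: the magic string "SSH PRIVATE KEY FILE FORMAT 1.1", a newline and NUL, then one cipher-type byte (1 = IDEA, 3 = 3DES) and four reserved bytes; the sample key blobs and the default paths to scan are constructed here.

```python
import struct
import sys

# SSH1 private key file header, followed by the cipher-type byte (assumed layout)
MAGIC = b"SSH PRIVATE KEY FILE FORMAT 1.1\n\x00"
# SSH1 cipher numbers as stored in the key header
CIPHER_NAMES = {0: "none", 1: "idea", 2: "des", 3: "3des", 6: "blowfish"}
IDEA = 1

def ssh1_key_cipher(data):
    """Return (number, name) of the cipher protecting an SSH1 private key,
    or None when the blob does not start with the SSH1 magic string."""
    if not data.startswith(MAGIC) or len(data) <= len(MAGIC):
        return None
    num = data[len(MAGIC)]
    return num, CIPHER_NAMES.get(num, "unknown")

def needs_update(data):
    """True when the key is IDEA-encrypted: OpenSSH's cipher_set_key rejects
    cipher 1, so the 1.2.27 `ssh-keygen -u` has to convert it to 3DES first."""
    info = ssh1_key_cipher(data)
    return info is not None and info[0] == IDEA

def make_sample_key(cipher_num):
    """Constructed sample blob: magic, cipher byte, 4 reserved bytes, then
    zero bytes standing in for the public part (bits, n, e) and comment."""
    return MAGIC + bytes([cipher_num]) + struct.pack(">I", 0) + b"\x00" * 16

def scan(paths):
    """Return the subset of paths that hold IDEA-encrypted SSH1 keys."""
    stale = []
    for path in paths:
        try:
            with open(path, "rb") as fh:
                if needs_update(fh.read(64)):  # header is within the first bytes
                    stale.append(path)
        except OSError:
            pass  # absent or unreadable file: nothing to convert
    return stale

if __name__ == "__main__":
    # Old installs keep host keys in /etc, the OpenSSH RPMs look in /etc/ssh
    targets = sys.argv[1:] or ["/etc/ssh_host_key", "/etc/ssh/ssh_host_key"]
    for p in scan(targets):
        print("%s: IDEA-encrypted, run the old ssh-keygen -u on it first" % p)
```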
Re: Upgrading from ssh to openssh (1.2pre12)...
On Mon, Nov 15, 1999 at 10:11:49AM -0500, Niels Provos wrote:
> In message <19991115105530.D12683@alcove.wittsend.com>, "Michael H. Warfield" writes:
> >Nov 15 10:45:38 alcove sshd[21731]: fatal: cipher_set_key: unknown cipher: 1
> We do not use IDEA in OpenSSH anymore, it is patented in most
> countries. Your private key is encrypted with it, change the
> passphrase with the old ssh to nothing, then change the passphrase with
> OpenSSH to something new; that should get you going along.

Actually, it's not necessary to go to quite that much trouble.
The key to the problem was in a remark I saw in Tatu's ChangeLog around
1.8 about the key format change. You merely have to run the 1.2.27
ssh-keygen program with the -u option to update the encryption from
idea to 3des. Tatu recognized the problem a long time ago, changed the
default encryption, and added the -u option. I've just got a lot of
servers that do go back that far and have host keys (which don't have
passwords anyways, BTW) which are still encrypted with idea. I've
just got to march through the lot with a script to make sure they are
all up to date before I update ssh. Some of them would result in a loss
of ability to update them (gee, I updated ssh and can no longer access
that server in that other country).

> Niels.

Mike
--
Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!