LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Desktop (https://www.linuxquestions.org/questions/linux-desktop-74/)
-   -   Seahorse "Invalid file format" when importing key (https://www.linuxquestions.org/questions/linux-desktop-74/seahorse-invalid-file-format-when-importing-key-748869/)

fukawi2 08-19-2009 06:18 PM
Seahorse "Invalid file format" when importing key
 
Can someone help me out with why I can't import one of my SSH keys in to Seahorse? I get the following error when I try:
Quote:
Couldn't import keys
file:///home/fukawi2/.ssh/privatekey_nwb.dsa: invalid file format
Without posting my private key, here's the format:
Quote:
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,F44490FC03F38597

<KEY GOES HERE>
-----END DSA PRIVATE KEY-----
Opening this key using ssh-add works fine, but that's getting annoying having to do that everytime I login.

Gnome 2.26 w/ Seahorse 2.26.2

jschiwal 08-21-2009 08:28 AM
How did you generate this key? The filename & format look foreign.
Code:
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDEcedpBxtWVumvdBIFBR+QEm+2jM5L/jfY0IgPeHq3V47Ges5Y
8fcJYedKHlQEpuJ7HPP4raMCuzgRmbVcbIOjYJQ75UIXpWkh5/HRQawfBfSJenSx
rUJG9RojeMavnibWyEwL6yf6MjtmuZEssQaU5h+9kNKKN6Pjiw4iqiV/VwIVANjC
eXwmpFgQiEsPsRCNAvQvVEUdAoGADufQdvenea2HBtNlI/4jMceBT9Vmq6mfC0ee
PR1vJNyDmEaLbndvyrgeb1EJ1c4EQFA4VC4EbO8vywlUfaJQKaJr9oFVRGfXspF4
DKv19AyZWtYtn+aYBBII60h/dkSbXuBbaFxLU1a+fk9sURRKs1G7TDWxcg1lMdmz
nNOcAUQCgYEAjpZOXcZ7G0D6M9ziPhStPQ/5vhsWA3TckJiJPyFW3i6I3S//dtnz
n1IIR09Ds0lzYTKi3aWbP6/kHhN8Y+nCkpMBpYjaQP8vpKQNaNVnq/P7E4vI2Zi3
gy3yZlLbvCw38Jyb5b7jYK/n7AH4bZjr+/EhHrgzJLMuChrIVafJwbYCFEtjVvtb
N5NOFrAnE/XrvtF7o8eI
-----END DSA PRIVATE KEY-----
I generated a temporary key for this post using "ssh-keygen -t dsa -b 1024".
The ssh-keygen program can import some keys from commercial products and convert them to an ssh2 format.

fukawi2 08-23-2009 06:12 PM
I tried this, redirecting to a new file but the new file still can't be imported because of the same error.
Code:
fukawi2 ~  $ ssh-keygen -e -f .ssh/privatekey_nwb.dsa
Enter passphrase:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "2048-bit DSA, converted from OpenSSH by fukawi2@desktop"
AAAAB3Nza<REST OF KEY HERE>
---- END SSH2 PUBLIC KEY ----
EDIT: the key was generated for me by my boss who manages all that stuff...

jschiwal 08-24-2009 04:17 AM
I generated another temp dsa key. The form looks just like the one from your original post.

Look at the default .xinitrc file, possibly from /etc/skel/.xinitrc-sample.
Code:
# run Xmodmap settings
xmodmap $HOME/.Xmodmap

#
# Uncomment next lines to activate asking for ssh passphrase
#
# if test -S "$SSH_AUTH_SOCK" -a -x "$SSH_ASKPASS"; then
#      ssh-add < /dev/null
# fi

#
# Add your own lines here...
#
This will allow you to enter the passphrase once when you log in to any destop environment you have setup.
If you use gdm or xdm, grep the config files for ssh-agent or usessh. This would allow you to run ssh-add when you log in and not need to do it again every time you open a new terminal. I had tried putting similar code in .profile but for some reason, I would be prompted twice.

fukawi2 08-24-2009 04:20 AM
I don't think so -- everything we do / use is Linux-based. We have our own internal distribution based off FC6 and AFAIK it's just standard OpenSSL / OpenSSH. I'll check with him though.

jschiwal 08-24-2009 05:09 AM
Sorry, I discovered my own post was wrong and changed it on you.
It looks like seahorse doesn't handle the ssh-agent key. Using ssh-agent on login should work out just as well.

fukawi2 08-24-2009 06:36 PM
Thanks -- I didn't have an .xinitrc so I copied from /etc/skel/ but it didn't have anything about SSH ask pass. I've copied and pasted from your post so I'll see how that goes :)

jschiwal 08-26-2009 02:37 AM
I don't know if this will help, but here is the pstree output leading to ssh-agent on my laptop.

Code:
|-kdm-+-Xorg
    |    `-kdm---startkde-+-gpg-agent
    |                      |-kwrapper4
    |                      `-ssh-agent
A fragment of startkde
Code:
# Source scripts found in <localprefix>/env/*.sh and <prefixes>/env/*.sh
# (where <localprefix> is $KDEHOME or ~/.kde, and <prefixes> is where KDE is installed)
#
# This is where you can define environment variables that will be available to
# all KDE programs, so this is where you can run agents using e.g. eval `ssh-agent`
# or eval `gpg-agent --daemon`.
# Note: if you do that, you should also put "ssh-agent -k" as a shutdown script
#
# (see end of this file).
# For anything else (that doesn't set env vars, or that needs a window manager),
# better use the Autostart folder.
When you manually use ssh-add, you might do this:
eval $(ssh-agent)
ssh-add

The ssh-add program uses environmental variables set for the session.
ssh-agent needs to be run before ssh-add.

Also look in /etc/X11/xdm/sys.xsession. Your system may source it even if xdm isn't used. It has options for ssh, gpg and even has notes about seahorse.

Code:
#
# If ssh is configured and ssh-agent is wanted set "yes"
#
usessh=yes

#
# If gpg is configured and gpg-agent is wanted set "yes"
#
usegpg=yes
Your mileage may vary of course. Startup and configuration scripts vary by distribution. It would be a good idea to grep for the terms "ssh", "ssh-agent", "ssh-add" and "seahorse" for files in /etc/, and running pstree to get a picture on how processes are started when you log in.


All times are GMT -5. The time now is 01:23 AM.