Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification

jsch-users@lists.sourceforge.net

[Prev] Thread [Next] | [Prev] Date [Next]

Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification Atsuhiko Yamanaka Wed Oct 22 08:00:56 2008

Hi,

   +-From: <[EMAIL PROTECTED]> ----------
   |_Date: Wed, 22 Oct 2008 12:33:17 +0200 __
   |
   |I try to connect to a SFTP-Server with a AES-256-CBC private key 
   |using a passphrase.
   ... 
   |If I run this, I get (things between [] are manually replaced for
   |this mail only):
   |privateKey: -----BEGIN DSA PRIVATE KEY-----
   |Proc-Type: 4,ENCRYPTED
   |DEK-Info: AES-256-CBC,76575591709273D449EAFE15513FBCEF
   |[...key in base64 encoding...]
   |-----END DSA PRIVATE KEY-----

It is interesting.
JSch has only supported the private key ciphered by 3DES,
because OpenSSH's ssh-keygen usually generates keys with 3DES.
How did you generate that key?  If I can generate such a key by myself,
I'll be able to support it.

By the way, AES-256 is not available on usual JRE.  
Here is a quote from JSch's README,

  >AES cipher
  >==========
  >Since version 0.1.21, jsch can support aes128-cbc,aes192-cbc,aes256-cbc,
  >but you require AES support on your J2SE to choose some of them.  
  >If you are using Sun's J2SE, J2SE 1.4.2 or later is required.  
  >And then, J2SE 1.4.2(or later) does not support aes256 by the default, 
  >because of 'import control restrictions of some countries'.
  >We have confirmed that by applying
  >  "Java Cryptography Extension (JCE)
  >  Unlimited Strength Jurisdiction Policy Files 1.4.2"
  >on
  >  http://java.sun.com/j2se/1.4.2/download.html#docs
  >we can enjoy 'aes256-cbc'.


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
    +1-415-578-3454
Fax +81-22-224-8773
Skype callto://jcraft/

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
JSch-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jsch-users

[JSch-users] Problem with using a AES-256-CBC private key for authentification sandro.mathys 2008/10/22

Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification Atsuhiko Yamanaka 2008/10/22 <=

Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification Atsuhiko Yamanaka 2008/10/23

Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification sandro.mathys 2008/10/23