Package: gnupg-agent Version: 2.0.9-1 Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
it's hard for me to tell if this is a bug or not, given the complete lack of documentation for the gpgkey2ssh utility (see #380241). But i'm pretty sure gpgkey2ssh is not supposed to be doing what it claims it is doing. In particular, if i take a standard RSA gpg key (4096 or 1024 bits in the cases i've tested) and feed it to gpgkey2ssh, the resulting output appears to be a 17-bit RSA key to OpenSSH, which is obviously wrong: [0 [EMAIL PROTECTED] cdtemp.F22412]$ gpg --fingerprint CCD2ED94D21739E9 | head -n2 pub 4096R/D21739E9 2007-06-02 [expires: 2012-05-31] Key fingerprint = 0EE5 BE97 9282 D80B 9F75 40F1 CCD2 ED94 D217 39E9 [0 [EMAIL PROTECTED] cdtemp.F22412]$ gpgkey2ssh CCD2ED94D21739E9 >x [0 [EMAIL PROTECTED] cdtemp.F22412]$ ssh-keygen -l -f x 17 a0:ad:92:70:16:92:a2:34:3a:7d:50:4a:55:90:78:ac x [0 [EMAIL PROTECTED] cdtemp.F22412]$ (the leading 17 in the output of ssh-keygen -l is supposed to indicate the bit-length of the public key). My guess would be that the multi-precision integers (MPIs) are being output in the wrong order or something, since i believe there is a 17-bit exponent used in most RSA keys (0x10001 or something like that), as determined by: gpg --export "$KEYID" | gpg --list-packets --debug 2 | grep pkey Thanks for your work on gnupg2 in debian! It's much appreciated. --dkg - -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages gnupg-agent depends on: ii libc6 2.7-6 GNU C Library: Shared libraries ii libgcrypt11 1.4.0-3 LGPL Crypto library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libpth20 2.0.7-9 The GNU Portable Threads ii libreadline5 5.2-3 GNU readline and history libraries Versions of packages gnupg-agent recommends: ii gnupg 1.4.6-2.1 GNU privacy guard - a free PGP rep ii gnupg2 2.0.9-1 GNU privacy guard - a free PGP rep ii gpgsm 2.0.9-1 GNU privacy guard - S/MIME version ii pinentry-curses [pinentry] 0.7.5-1 curses-based PIN or pass-phrase en ii pinentry-qt [pinentry] 0.7.5-1 Qt-based PIN or pass-phrase entry - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQIVAwUBR/K0rMzS7ZTSFznpAQLXcw//VTAvibgMtGnm1jmzRRAHR1ZqmFBKU+/z +gCXrpwUNubDaYMbkMNKz8yvfwO0j3A8YX+eSsFf0BlAKE1hQVCU+xhi9fAOhmVh i1ZEgijvfoirr9qeUH3ALux3pybw/ZM3JuVo9Ws/dWvCusqSc5//nnNXCg/ODMcU TnkQJUGBgM7eXeDbRl2Sc0FTAP5HiRBzGmq0OpFL8h0XJbdxTvBe8IDq44BhDF3f If688ef3OOexoRSBTFoikgNhfKPRaM1EEErbJLejrNXewjydtRJAxNjvEJIAhxwE Ra0BMzS5UocHeIkIeW3r+jO4HU0c3sueYClev1YpzSPjmf5pkPh7n6qjkhud48md AwAVZKaDhA9GQcKZvObQZGLa4v3EZ8yAGK8VMlHQWyk71z9A79oaEqxq8anPejr0 HMM5QdAxS4AxtPHp/yR/3gJlIJ/B4MOjBTZ1KzUj3T9veV8UnoTc4OSucN3LSSDH 5YBsGoWCwb9utvxw9GccQC2M/DXogEFM+gtUPH98qX0DB16+ORR9oaWDppZ8SWSu ezTdttgoTzG6VFZPTQB0hhCe3hQB+WY0qjrMmQ46n6ZnAOMfGOKXJO87YpCsIgci ntIhLJROrpkdkFjEMgMUMrCwDu0GCEU4q0VeyB/mhQNekERQODRPqufkR5lFV8U0 GRDsoHwQ4ZA= =HOzd -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]