Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANO7a6win4F2KKbXmvAmB4Fcj9DrcHQz1WE5Ub+pvprs_JHLfA@mail.gmail.com>
Date: Mon, 10 Jun 2019 19:25:14 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Issues cracking an ssh key

On Fri, May 31, 2019 at 10:17 PM Adam Lininger <arlininger@...il.com> wrote:
> I've got an encrypted ssh private key. I've managed to use ssh2john to
> convert it and seem to have a crack (using --format=ssh-opencl).
> However, the resulting passphrase doesn't decrypt the key. Instead
> openssl errors out.
>
> When I use --format=ssh and a fresh pot file, the same passphrase does
> NOT appear to crack the key. What's odd is that the ssh format warns
> about false positives and keeps going while ssh-opencl does not.

The OpenCL SSH code is missing the "second round" (extra set) of
verification checks IIRC, which leads to this problem of false
positives. I am not sure how hard it would be to make the OpenCL SSH
code as rigorous as the CPU code (I haven't seen JtR code in a while).

Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.