1This document describes the private key format for OpenSSH. 2 31. Overall format 4 5The key consists of a header, a list of public keys, and 6an encrypted list of matching private keys. 7 8#define AUTH_MAGIC "openssh-key-v1" 9 10 byte[] AUTH_MAGIC 11 string ciphername 12 string kdfname 13 string kdfoptions 14 int number of keys N 15 string publickey1 16 string publickey2 17 ... 18 string publickeyN 19 string encrypted, padded list of private keys 20 212. KDF options for kdfname "bcrypt" 22 23The options: 24 25 string salt 26 uint32 rounds 27 28are concatenated and represented as a string. 29 303. Unencrypted list of N private keys 31 32The list of privatekey/comment pairs is padded with the 33bytes 1, 2, 3, ... until the total length is a multiple 34of the cipher block size. 35 36 uint32 checkint 37 uint32 checkint 38 string privatekey1 39 string comment1 40 string privatekey2 41 string comment2 42 ... 43 string privatekeyN 44 string commentN 45 char 1 46 char 2 47 char 3 48 ... 49 char padlen % 255 50 51Before the key is encrypted, a random integer is assigned 52to both checkint fields so successful decryption can be 53quickly checked by verifying that both checkint fields 54hold the same value. 55 564. Encryption 57 58The KDF is used to derive a key, IV (and other values required by 59the cipher) from the passphrase. These values are then used to 60encrypt the unencrypted list of private keys. 61 625. No encryption 63 64For unencrypted keys the cipher "none" and the KDF "none" 65are used with empty passphrases. The options if the KDF "none" 66are the empty string. 67 68$OpenBSD: PROTOCOL.key,v 1.1 2013/12/06 13:34:54 markus Exp $ 69