Forum Archive

I'm working on an ssh client for pythonista and have ran into a problem generating a password protected key pair. I keep getting an error which I think is from pycrypto. The error occurs when trying to encrypt the private key. Any ideas would be greatly welcome.

Error: IV must be 8 bytes long.

import paramiko
def keygen(fil,passwd=None,bits=1024):
    k = paramiko.RSAKey.generate(bits)
    k.write_private_key_file(fil, password=passwd)
    o = open(fil+'.pub' ,"w").write(k.get_base64())

keygen('rsa_test','password')

Fixed it. There was a bug in paramikos cipher.

Can you please post the workaround?

Change the following line in pkey.py to hardcode the 'AES-128-CBC' cipher instead. The comment states that there is a single cipher that is used. The error is from trying to use DES. I just hard coded it to AES.

_write_private_key()

# cipher_name = list(self._CIPHER_TABLE.keys())[0]
cipher_name = 'AES-128-CBC'

Nice. Yes, you definitely want AES instead of DES which was proven insecure long ago. A good summary of the history at http://stackoverflow.com/questions/5554526/comparison-of-des-triple-des-aes-blowfish-encryption-for-data