Comment 28 for bug 907675

Colin Watson (cjwatson) wrote :

@dkg0 We need to fix https://twistedmatrix.com/trac/ticket/8966. I think it ought to be done in a few more pieces than the current (partial and now stale) PR for it though; first we need to add support for writing the openssh-key-v1 private key format (I added support for reading it a few months back), and then Ed25519 on top of that.

There's also https://github.com/pyca/cryptography/issues/3509. But realistically we aren't going to have a sufficient version of OpenSSL on Launchpad production systems for quite a while (the bug-fixed version that cryptography needs hasn't even been released yet; I'm not comfortable with running a version of OpenSSL not receiving Ubuntu security support on Launchpad production; and we're currently on 16.04, but even 18.04 doesn't have 1.1.1). I think in practice that means that we'll need to ensure that Twisted has a fallback to some other mechanism, perhaps something based on PyNaCl. I haven't fully worked out the details of that yet.