id_rsa not detected as x-pem-key

Bug #397145 reported by Martin Meyer
38
This bug affects 7 people
Affects Status Importance Assigned to Milestone
seahorse-plugins (Ubuntu)
Low
Unassigned

Bug Description

Binary package hint: seahorse-plugins

I'm trying to make gnome-keyring work as my SSH key forwarding agent properly but I've run into trouble with how my public key is detected. It seems to be the case that gnome-keyring will automagically recognize any file matching ~/.ssh/id_rsa or ~/.ssh/id_dsa if they are properly detected as supported mime types. Regardless of why I'm trying to do this, the fact is that ~/.ssh/id_rsa is detected as type application/octet-stream.

I've tried my best to track down the problem but everything seems to be configured correctly. The shared-mime-info stuff for seahorse is found in /usr/share/mime/packages/seahorse.xml (which belongs to seahorse-plugins). It clearly should be catching my id_rsa file as type application/x-pem-key:

  <mime-type type="application/x-pem-key">
    <magic priority="90">
      <match type="string" value="-----BEGIN RSA PRIVATE KEY-----" offset="0"/>
      <match type="string" value="-----BEGIN DSA PRIVATE KEY-----" offset="0"/>
      <match type="string" value="-----BEGIN ENCRYPTED PRIVATE KEY-----" offset="0"/>
    </magic>
  </mime-type>

My private key file starts exactly as that mime-type definition says it should. Here's an octal dump of the top of that file:

$ od -a id_rsa
0000000 - - - - - B E G I N sp R S A sp P
0000020 R I V A T E sp K E Y - - - - - nl
0000040 P r o c - T y p e : sp 4 , E N C
0000060 R Y P T E D nl D E K - I n f o :
0000100 sp D E S - E D E 3 - C B C , 2 7
0000120 B C 9 D 4 5 E E 5 2 3 3 E D nl nl
...

I even copied the string out of the XML file and pasted it at the top of my id_rsa file. This had no affect on how the file is detected:

$ xdg-mime query filetype id_rsa
application/octet-stream

An extra test:
$ cat > test
-----BEGIN RSA PRIVATE KEY-----<ctrl-D>
username@host:~/.ssh$ xdg-mime query filetype test
application/octet-stream

What exactly is broken about this mime type rule? If the mime type were detected properly then it would automatically get associated with seahorse if I try to open it. I'd also be able to import it into seahorse. This bugs me.

Revision history for this message
Martin Meyer (elreydetodo) wrote :

This still affects me in Karmic, on a fresh installation with a different SSH key file.

Is there anyone who has Seahorse actually recognizing their SSH key? If so can that person please comment on what mime type their key file is detected as?

Revision history for this message
Jirka Daněk (juraad) wrote :

According to Ubuntu Forum post http://ubuntuforums.org/showthread.php?t=682608) it looks that the import is carried out automatically when _both_ id_rsa and id_rsa.pub are present in the .ssh folder.

I was solving a similar problem and the key just popped out in Seahorse when I added the public key. Private key alone is apparently not enough. Maybe that is because in .pub is actually saved the key comment.

So I just did ssh-keygen -y to generate public one, pasted it into gedit, saved as id_rsa.pub and it just works.

BTW, I guess that MIME types doesn't really play a role. For me, in nautilus, id_rsa gets detected as type "Dokument VHDL (text/x-vhdl)" and id_rsa.pub as "Prostý textový dokument (Plain text document) (text/plain)" ;-)

Revision history for this message
Craig (candrews-integralblue) wrote : Re: [Bug 397145] Re: id_rsa not detected as x-pem-key
Download full text (3.6 KiB)

Thanks for this info!

You should also post this on the Ubuntu bug - cause I know I'm going to
forget this in a few weeks, then look at the bug again :-)

~Craig

> According to Ubuntu Forum post
> http://ubuntuforums.org/showthread.php?t=682608) it looks that the
> import is carried out automatically when _both_ id_rsa and id_rsa.pub
> are present in the .ssh folder.
>
> I was solving a similar problem and the key just popped out in Seahorse
> when I added the public key. Private key alone is apparently not enough.
> Maybe that is because in .pub is actually saved the key comment.
>
> So I just did ssh-keygen -y to generate public one, pasted it into
> gedit, saved as id_rsa.pub and it just works.
>
> BTW, I guess that MIME types doesn't really play a role. For me, in
> nautilus, id_rsa gets detected as type "Dokument VHDL (text/x-vhdl)" and
> id_rsa.pub as "Prostý textový dokument (Plain text document)
> (text/plain)" ;-)
>
> --
> id_rsa not detected as x-pem-key
> https://bugs.launchpad.net/bugs/397145
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “seahorse-plugins” package in Ubuntu: New
>
> Bug description:
> Binary package hint: seahorse-plugins
>
> I'm trying to make gnome-keyring work as my SSH key forwarding agent
> properly but I've run into trouble with how my public key is detected. It
> seems to be the case that gnome-keyring will automagically recognize any
> file matching ~/.ssh/id_rsa or ~/.ssh/id_dsa if they are properly detected
> as supported mime types. Regardless of why I'm trying to do this, the fact
> is that ~/.ssh/id_rsa is detected as type application/octet-stream.
>
> I've tried my best to track down the problem but everything seems to be
> configured correctly. The shared-mime-info stuff for seahorse is found in
> /usr/share/mime/packages/seahorse.xml (which belongs to seahorse-plugins).
> It clearly should be catching my id_rsa file as type
> application/x-pem-key:
>
> <mime-type type="application/x-pem-key">
> <magic priority="90">
> <match type="string" value="-----BEGIN RSA PRIVATE KEY-----"
> offset="0"/>
> <match type="string" value="-----BEGIN DSA PRIVATE KEY-----"
> offset="0"/>
> <match type="string" value="-----BEGIN ENCRYPTED PRIVATE KEY-----"
> offset="0"/>
> </magic>
> </mime-type>
>
> My private key file starts exactly as that mime-type definition says it
> should. Here's an octal dump of the top of that file:
>
> $ od -a id_rsa
> 0000000 - - - - - B E G I N sp R S A sp P
> 0000020 R I V A T E sp K E Y - - - - - nl
> 0000040 P r o c - T y p e : sp 4 , E N C
> 0000060 R Y P T E D nl D E K - I n f o :
> 0000100 sp D E S - E D E 3 - C B C , 2 7
> 0000120 B C 9 D 4 5 E E 5 2 3 3 E D nl nl
> ...
>
> I even copied the string out of the XML file and pasted it at the top of
> my id_rsa file. This had no affect on how the file is detected:
>
> $ xdg-mime query filetype id_rsa
> application/octet-stream
>
> An extra test:
> $ cat > test
> ---...

Read more...

Revision history for this message
Craig (candrews-integralblue) wrote :

Blasted. I'm an idiot.

Revision history for this message
Martin Meyer (elreydetodo) wrote :

Wow! That finally explains why I could never get gnome-keyring to manage my ssh key: I renamed id_rsa.pub to something useful for being scp'd over to other hosts. I created a symlink and it works great now! Fantastic!

So with seahorse/keyring properly recognizing my SSH key now I care a lot less about this bug, but it is still a bug. It should get fixed at some point.

Here's a totally different issue I would like fixed (maybe I should file a bug directly with Seahorse?): Seahorse should update their documentation to properly explain what the criteria are for getting your SSH key to work. Saying that id_rsa is auto-detected would be a good start, and mentioning the hard requirement that id_rsa.pub be present would be good too. Currently the info I was going on is based on a l.g.o page which give me this BS about expecting a certain mime type for the file. Nothing about it being auto-loaded.

Just to be clear though, this bug is officially about the fact that the mimetype data for x-pem-key is not being registered properly. That's the bug I wanted fixed here.

Revision history for this message
runout (office-runout) wrote :

i figured out, the name of the files doesn't matter as long as both files have the same name (public key with .pub) and are in the same directory.

but the import functionality should be fixed.

Changed in seahorse-plugins (Ubuntu):
importance: Undecided → Low
Revision history for this message
Linus C Unneback (linusu) wrote :

I noticed this bug when I did a "Full export" of my ssh key on one of my computers, moved the file (named-something.asc) to my other computer and tried to import it. I got no error message so after a bit of googeling I found this bugreport.

I solved my problem by copying over id_rsa and id_rsa.pub from my first .ssh to my second.

Thanks for the help and I hope that the bug will be fixed soon :)

Colan Schwartz (colan)
Changed in seahorse-plugins (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers