Is this Private key *really* encrypted?

1

I have used PuTTYgen to generate two keys to be used in SSH communication; when doing so, I added a password to protect both files. This password works, as it is required when opening the .ppk in Pageant.

However, I have noticed that I can open the file in Notepad to see the following:

PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
Comment: rsa-key-20160116
Public-Lines: 6
AAAAB3NzaC1yc2EAAAABJQAAAQEAsoVC582ZMBopBMtOcyKUBh5vlKlrC+3KeEQD
EYXx <censored for protection>
Private-MAC: 8e4fc1c400 <censored for protection>

Is this key still totally secure, despite what is visible? I am, unfortunately, very new to public/private key security... Thank you for your help.

Sam3000

Posted 2016-01-17T01:00:01.767

Reputation: 2 730

Couldn't help it, but after this moment - NO :D Yes, it is totally secure, don't worry, just keep your private key - private :D – Setekh – 2016-01-17T01:04:14.570

Answers

2

Just because you can open it in a text editor and it doesn't look like binary doesn't make it any more or less secure. For example, the chunk starting AAAA... is Base64 encoded binary. So there are binary chunks in there, they're just encoded in a way that permits programs that may not understand binary to deal with them. (We still have such programs, but this is mainly a throwback from the old days when you had to be careful of what kind of content you tried to send over the wire because some systems would mangle them otherwise.)

The Base64 encoded part is probably the part that's encrypted by the password. It'll be as secure as whatever technique they used to encrypt it.

Ouroborus

Posted 2016-01-17T01:00:01.767

Reputation: 2 549

-1

With public key authentication, the authenticating entity has a public key and a private key. Each key is a large number with special mathematical properties. The private key is kept on the computer you log in from, while the public key is stored in the .ssh/authorized_keys file on all the computers you want to log in to. When you log in to a computer, the SSH server uses the public key to "lock" messages in a way that can only be "unlocked" by your private key - this means that even the most resourceful attacker can't snoop on, or interfere with, your session. As an extra security measure, most SSH programs store the private key in a passphrase-protected format, so that if your computer is stolen or broken into, you should have enough time to disable your old public key before they break the passphrase and start using your key. Wikipedia has a more detailed explanation of how keys work.

Setekh

Posted 2016-01-17T01:00:01.767

Reputation: 502

Thank you, but does the ability to open the key in Notepad bypass the password protection...? I can only assume not, but deemed it too important to assume. – Sam3000 – 2016-01-17T01:12:50.367

It is perfectly safe.. this is AES-256 crypto.. not that easy to bruteforce.. Most encryption / hash algorithms are in a form that you can view, but that's why it is encrypted so you cannot see the plain-text of it – Setekh – 2016-01-17T01:21:12.973
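
An added example, not part of the original thread and not PuTTY's own code: in the PuTTY-User-Key-File-2 layout, the Public-Lines block holds the public key as plain Base64, and only the Private-Lines block is encrypted when the Encryption header is aes256-cbc. The Python sketch below parses that layout and decodes the public blob's length-prefixed fields; PAGE_LINE is the first row shown in the question, while SAMPLE and all function names are constructed for illustration.

```python
import base64
import struct

def parse_ppk2(text):
    """Split PPK v2 text into header values and Base64-decoded blobs."""
    lines, out, i = text.strip().splitlines(), {}, 0
    while i < len(lines):
        name, _, value = lines[i].partition(": ")
        out[name] = value
        i += 1
        if name.endswith("-Lines"):      # value = count of Base64 lines that follow
            n = int(value)
            out[name[:-len("-Lines")].lower()] = base64.b64decode("".join(lines[i:i + n]))
            i += n
    return out

def ssh_fields(blob):
    """Return the complete length-prefixed fields of an SSH wire-format blob."""
    fields, pos = [], 0
    while pos + 4 <= len(blob):
        (n,) = struct.unpack(">I", blob[pos:pos + 4])
        if pos + 4 + n > len(blob):      # field cut short, e.g. a censored key
            break
        fields.append(blob[pos + 4:pos + 4 + n])
        pos += 4 + n
    return fields

def describe(text):
    k = parse_ppk2(text)
    f = ssh_fields(k["public"])
    return {"key_type": f[0].decode(), "exponent": int.from_bytes(f[1], "big"),
            "modulus_bits": int.from_bytes(f[2], "big").bit_length(),
            "private_encrypted": k["Encryption"] != "none",
            "private_bytes": len(k["private"])}

# First Public-Lines row exactly as shown in the question.
PAGE_LINE = "AAAAB3NzaC1yc2EAAAABJQAAAQEAsoVC582ZMBopBMtOcyKUBh5vlKlrC+3KeEQD"

def _s(b):
    return struct.pack(">I", len(b)) + b

# Constructed sample, not a real key: toy 64-bit modulus, filler bytes as "ciphertext".
_pub = base64.b64encode(_s(b"ssh-rsa") + _s(b"\x25") + _s(b"\x00" + b"\xb2" * 8)).decode()
SAMPLE = "\n".join(["PuTTY-User-Key-File-2: ssh-rsa", "Encryption: aes256-cbc",
                    "Comment: constructed-sample", "Public-Lines: 1", _pub,
                    "Private-Lines: 1", base64.b64encode(bytes(range(32))).decode(),
                    "Private-MAC: " + "0" * 40])

if __name__ == "__main__":
    print(ssh_fields(base64.b64decode(PAGE_LINE)))   # algorithm name and exponent only
    print(describe(SAMPLE))
```

Run against the row from the question, the decoder returns only the algorithm name "ssh-rsa" and the public exponent 0x25; the next field, the public modulus, is cut short by the censoring.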