Hello trid users,
some days ago i must create SSH keys to access my "FreiFunk" router. I use
the SSH client tool PuTTY. This tool stores the keys in own file format with
file name extension ppk. For test reasons i create more PPK files.
Nowadays version 2 is up-to-date in PPK files. Unfortunately i found no old
real word version 1 example. So generate sample putty-v1-header.ppk for
testing. When running trid on such PPK files the version 1 variant is not
recognized whereas the version 2 variants are described correctly as "PuTTY
Private Key" by ppk.trid.xml (See appended output/trid-old.txt).
The recognition happened by global pattern via XML construct
<Bytes>50755454592D557365722D4B65792D46696C652D323A20</Bytes>
<ASCII> P u T T Y - U s e r - K e y - F i l e - 2 :</ASCII>
<Pos>0</Pos>
Now i run tridscan to update definition file. Now pattern becomes
<Bytes>50755454592D557365722D4B65792D46696C652D</Bytes>
<ASCII> P u T T Y - U s e r - K e y - F i l e -</ASCII>
<Pos>0</Pos>
The file format is visible by looking at PuTTY c source like
sshpubk.c. According to c-source such files always start with the same
phrase "PuTTY-User-Key-File-". After this phrase the version like 1 or 2 is
stored. Unfortunately the current version of PuTTY can not create the old
version 1 variant, but is able to handle old version after a warning.
And when looking inside installer.wxs of PuTTY source it is visible that
instead of mime type "text/plain" a user defined one is used. That is
expressed by line:
<Mime>application/x-putty-private-key</Mime>
So old TrID definition describes version 2 variant. So that definition now
becomes ppk-v2.trid.xml with additional mime type line.
With the new trid definitions all PuTTY keys examples are now described (
see appended output/trid-new-v.txt). TrID definition, some examples and
output are stored in archive ppk_ssh.zip. I hope that my updated XML files
can be used in future version of triddefs.
With best wishes
Jörg Jenderek
