So I copied an SSH private key from my Linux machine to my M1 Mac. (I've attempted to do this both by uploading the cyphertext to a secrets manager as well as directly transfering the file) but when attempting to SSH to the same machine from each I can only succeed from the Linux machine.
Linux machine:
$ ssh -V
OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020
$ md5sum id_rsa
7ed8b0c73e168ef48acc715d4c6bcf73 id_rsa
$ sha256sum id_rsa
969d0a35b36c50035881bdd2d8367b90dbff548131d5c72989d29e83b7a3aa19 id_rsa
$ ssh-keygen -l -f id_rsa
4096 SHA256:d19Ee+tlzVHitLzKuuZbdgYcnhla96ypXNtpBwrqfqE [email protected] (RSA)
$ ssh -i id_rsa [email protected]
[redacted MOTD; WORKS]
M1 Mac:
$ ssh -V
openSSH_8.6p1, LibreSSL 2.8.3
$ md5 id_rsa
MD5 (id_rsa) = 7ed8b0c73e168ef48acc715d4c6bcf73
$ shasum -a 256 id_rsa
969d0a35b36c50035881bdd2d8367b90dbff548131d5c72989d29e83b7a3aa19 id_rsa
$ ssh-keygen -l -f id_rsa
4096 SHA256:rWsP9jN2otlchh8icr/jlnZxDjEfEkngDJOoPh4RYZI [email protected] (RSA)
$ ssh -i id_rsa [email protected]
[email protected]: Permission denied (publickey).
AFAICT these private keys are identical. However for some reason ssh-keygen does not fingerprint them thesame. Even though they have identical checksums. Could this be an issue with the M1 SoC? Or is there something much more obvious happening here?
The issue here was a misunderstanding with how ssh-keygen reports on figerprints. Even if you provide it with the path to a private key, with the -l flag it will use the corresponding public key file. And that's where I still had a mismatch. Upon fixing the public key everything worked as expected.