diff --git a/run/ssh2john.py b/run/ssh2john.py
index 9dad160add..d4a81866a4 100755
--- a/run/ssh2john.py
+++ b/run/ssh2john.py
@@ -186,7 +186,7 @@ def read_private_key(filename):
         if keysize == 24 and encryption_type == "AES-192-CBC" and (ktype == 0 or ktype == 1):  # RSA, DSA keys using AES-192
             hashline = "%s%s:$sshng$%s$%s$%s$%s$%s" % (f.name, filename_idx, 4, len(saltstr) // 2,
                 saltstr, len(data) // 2, data)
-        elif keysize == 32 and encryption_type == "AES-256-CBC" and (ktype == 0 or ktype == 1 or ktype == 3):  # RSA, DSA, EC keys using AES-256
+        elif keysize == 32 and encryption_type == "AES-256-CBC" and (ktype == 0 or ktype == 1):  # RSA, DSA keys using AES-256
             hashline = "%s%s:$sshng$%s$%s$%s$%s$%s" % (f.name, filename_idx, 5, len(saltstr) // 2,
                 saltstr, len(data) // 2, data)
         elif keysize == 24:
@@ -198,6 +198,9 @@ def read_private_key(filename):
         elif keysize == 16 and ktype == 3:  # EC keys using AES-128
             hashline = "%s%s:$sshng$%s$%s$%s$%s$%s" % (f.name, filename_idx, 3, len(saltstr) // 2,
                 saltstr, len(data) // 2, data)
+        elif keysize == 32 and ktype == 3:  # EC keys using AES-256
+            hashline = "%s%s:$sshng$%s$%s$%s$%s$%s" % (f.name, filename_idx, 7, len(saltstr) // 2,
+                saltstr, len(data) // 2, data)
         elif keysize == 32 and encryption_type == "AES-256-CBC" and ktype == 2:  # bcrypt pbkdf + aes-256-cbc
             hashline = "%s%s:$sshng$%s$%s$%s$%s$%s$%d$%d" % (f.name, filename_idx, 2, len(saltstr) // 2,
                 saltstr, len(data) // 2, data, rounds, ciphertext_begin_offset)