Re: Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, Mar 21, 2014 at 10:15:56 -0600, Pieter Bowman wrote:
> The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and
> still exists in 6.6p1).  With HostbasedAuthentication/EnableSSHKeysign
> turned on, I am seeing one of two sets of messages:
> 
> no matching hostkey found
> ssh_keysign: no reply
> key_sign failed
> 
> and
> 
> not a valid request
> ssh_keysign: no reply
> key_sign failed
> 
> 
> Then in either case two password prompts:
> 
> bowman@xxxxxxxxxxxxxxxxxx's password: 
> Permission denied, please try again.
> bowman@xxxxxxxxxxxxxxxxxx's password: 
> 
> 
> I've used strace and dtrace to watch what files are opened and
> executables run.  All the correct key files are accessed and the
> correct version of ssh-keysign used.  Even the ssh-keysign from 6.5p1
> or 6.6p1 works correctly with ssh from 6.4p1.
> 

The ssh -vvv output might be of a little interest. I'm particularly
curious as to whether you get the messages that you quoted with each
keysign request or just the one for the ed25519 key.

The behavour sounds like there is a version mismatch which is causing it
to choke on the ed25519 key. You indicate that the correct ssh-keysign
is being invoked, or at least the right path is used. Try running
strings on the executable and grep for ed25519.

Were yyou deliberately failing the two password prompts, or is that
anouther aspect of the problem?

-- 
Iain Morgan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux