Re: Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)


 



On Wed, 26 Mar 2014, Pieter Bowman wrote:

> Here is the output of "ssh -vvv" from both ssh 6.4p1 and 6.6p1 talking
> to the same sshd (6.5p1) and using the same ssh-keysign (6.6p1).  I
> know I'm mixing things a bit, but the behavior is the same no matter
> which sshd is being used.  I replaced hostname, IP address and home
> directory paths.

Are you sure that the ssh-keysign is really OpenSSH 6.6p1's? The error
you are getting below is consistent with an old ssh-keysign choking
on a key type that it doesn't understand (e.g. Ed25519).

In any case, this patch to ssh-keysign might help us understand what
is happening:

diff --git ssh-keysign.c ssh-keysign.c
index 4b0996f..cf2cbfd 100644
--- ssh-keysign.c
+++ ssh-keysign.c
@@ -150,7 +150,7 @@ main(int argc, char **argv)
 	struct passwd *pw;
 	int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
 	u_char *signature, *data;
-	char *host;
+	char *host, *fp;
 	u_int slen, dlen;
 	u_int32_t rnd[256];
 
@@ -236,8 +235,11 @@ main(int argc, char **argv)
 			break;
 		}
 	}
-	if (!found)
-		fatal("no matching hostkey found");
+	if (!found) {
+		fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+		fatal("no matching hostkey found for key %s %s",
+		    key_type(key), fp);
+	}
 
 	if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
 		fatal("key_sign failed");
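
Review bot: in the new `if (!found)` branch, the return value of key_fingerprint() goes straight into the "%s" of fatal() with no NULL check. If fingerprinting can fail for a key this binary does not recognise, which is the case this diagnostic is meant to expose, the message is lost or the format call misbehaves. Consider `fp ? fp : "(none)"` as the argument. The string in `fp` is also never freed; that is harmless only because fatal() does not return, so a one-line comment saying so would keep a later reader from copying the pattern into a path that continues.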

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



