Re: Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



>> ...
>> Are you sure that the ssh-keysign is really OpenSSH 6.6p1's? The error
>> you are getting below is consistent with an old ssh-keysign choking
>> on a key type that it doesn't understand (e.g. Ed25519).
>> ...

I applied the patch to ssh-keysign.c, compiled from scratch and did
the install.  Here are the differences between the log I sent
previously and for the current install (I went ahead and started the
6.6p1 sshd):

25,26c25,26
< debug1: Remote protocol version 2.0, remote software version OpenSSH_6.5
< debug1: match: OpenSSH_6.5 pat OpenSSH* compat 0x04000000
---
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
> debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000
127c127
< no matching hostkey found
---
> no matching hostkey found for key ED25519 41:cd:e0:03:3f:32:4e:a3:1c:34:b9:c9:8d:cc:d8:d2

So yes, the key in question is the ED25519 key.  The files
/etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_ed25519_key.pub,
exist.  However, the ED25519 key didn't exist in the
/etc/ssh/ssh_known_hosts file.  Adding that key changes the behavior
some, but I still get the following when running 'ssh <HOST>':

no matching hostkey found for key ED25519 41:cd:e0:03:3f:32:4e:a3:1c:34:b9:c9:8d:cc:d8:d2
ssh_keysign: no reply
key_sign failed
bowman@<HOST>'s password: 
Permission denied, please try again.
bowman@<HOST>'s password: 

Including the spurious password prompt, which doesn't wait for input.

Pieter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux