Re: sshd and consequences of HostKeyAgent

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Sat, Jun 20, 2015 at 09:12:45PM +0200, Igor Bukanov wrote:
Hello,

I tried to use HostKeyAgent with sshd 6.7 under Linux. That worked for
Linux clients. However, when I tried to connect from OpenSSH 6.2 under
Mac OS X, the server disconnects:

debug2: bits set: 1026/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
Connection closed by 84.22.97.209

When I disabled HostKeyAgent and switched HostKey back to the private
keys, then I could connect from the Mac client again.This implies that
HostKeyAgent somehow affects the bytes that are sent to the client.

Why is it so? I.e. shouldn't HostKeyAgent just be an implementation
detail that should not affect the client in any way?


Apologies if this is overly obvious, but are you certain you added a key of a type supported by the client to the hostkey agent? The Apple-supplied, nominally-6.2 ssh client on my OSX machine doesn't seem to support anything but RSA and DSS, so with that client I get the same behavior you note above with only ECDSA & ED25519 hostkeys added to the server's agent, but after also adding an RSA key it works fine. (A 6.7 client I have from MacPorts does support ECDSA and ED25519 though, for what it's worth.)


Zev

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux