no mutual signature algorithm with RSA user certs client 7.8, server 7.4

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

One of our users who is running an OS (I think it's the latest beta
macOS 10.14.1) with ssh version "OpenSSH_7.8p1, LibreSSL 2.7.3" is
unable to use our user SSH RSA certificates to authenticate to our
servers (which are running "OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan
2017").

We see this error on the client side:

debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
...
debug1: Offering public key: RSA-CERT SHA256:xxx /path/to/key
debug1: send_pubkey_test: no mutual signature algorithm

(So far as I can tell, neither the server nor client are overriding
default algorithms in their respective configurations)

I added some printf debugging to the client to show the values being compared:

debug1: Offering public key: RSA-CERT SHA256:xxx /path/to/key
debug1: key_sig_algorithm: cp:
ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx sshkey_sigalg_by_name(cp):
ecdsa-sha2-nistp256
debug1: key_sig_algorithm: skipping
ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx due to not matching key->type
debug1: key_sig_algorithm: cp:
ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx sshkey_sigalg_by_name(cp):
ecdsa-sha2-nistp384
debug1: key_sig_algorithm: skipping
ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx due to not matching key->type
debug1: key_sig_algorithm: cp:
ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx sshkey_sigalg_by_name(cp):
ecdsa-sha2-nistp521
debug1: key_sig_algorithm: skipping
ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx due to not matching key->type
debug1: key_sig_algorithm: cp: ssh-ed25519-cert-v01@xxxxxxxxxxx
sshkey_sigalg_by_name(cp): ssh-ed25519
debug1: key_sig_algorithm: skipping ssh-ed25519-cert-v01@xxxxxxxxxxx
due to not matching key->type
debug1: key_sig_algorithm: cp: rsa-sha2-512-cert-v01@xxxxxxxxxxx
sshkey_sigalg_by_name(cp): ssh-rsa-sha2-512
debug1: match_list: comparing cp: ssh-rsa-sha2-512 against sp: rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa-sha2-512 against sp: rsa-sha2-512
debug1: key_sig_algorithm: cp: rsa-sha2-256-cert-v01@xxxxxxxxxxx
sshkey_sigalg_by_name(cp): ssh-rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa-sha2-256 against sp: rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa-sha2-256 against sp: rsa-sha2-512
debug1: key_sig_algorithm: cp: ssh-rsa-cert-v01@xxxxxxxxxxx
sshkey_sigalg_by_name(cp): ssh-rsa
debug1: match_list: comparing cp: ssh-rsa against sp: rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa against sp: rsa-sha2-512
debug1: key_sig_algorithm: cp: ecdsa-sha2-nistp256
sshkey_sigalg_by_name(cp): ecdsa-sha2-nistp256
debug1: key_sig_algorithm: skipping ecdsa-sha2-nistp256 due to not
matching key->type
debug1: key_sig_algorithm: cp: ecdsa-sha2-nistp384
sshkey_sigalg_by_name(cp): ecdsa-sha2-nistp384
debug1: key_sig_algorithm: skipping ecdsa-sha2-nistp384 due to not
matching key->type
debug1: key_sig_algorithm: cp: ecdsa-sha2-nistp521
sshkey_sigalg_by_name(cp): ecdsa-sha2-nistp521
debug1: key_sig_algorithm: skipping ecdsa-sha2-nistp521 due to not
matching key->type
debug1: key_sig_algorithm: cp: ssh-ed25519 sshkey_sigalg_by_name(cp):
ssh-ed25519
debug1: key_sig_algorithm: skipping ssh-ed25519 due to not matching key->type
debug1: key_sig_algorithm: cp: rsa-sha2-512 sshkey_sigalg_by_name(cp):
rsa-sha2-512
debug1: key_sig_algorithm: skipping rsa-sha2-512 due to not matching key->type
debug1: key_sig_algorithm: cp: rsa-sha2-256 sshkey_sigalg_by_name(cp):
rsa-sha2-256
debug1: key_sig_algorithm: skipping rsa-sha2-256 due to not matching key->type
debug1: key_sig_algorithm: cp: ssh-rsa sshkey_sigalg_by_name(cp): ssh-rsa
debug1: key_sig_algorithm: skipping ssh-rsa due to not matching key->type
debug1: send_pubkey_test: no mutual signature algorithm

I think the most relevant few lines is:

debug1: key_sig_algorithm: cp: rsa-sha2-256-cert-v01@xxxxxxxxxxx
sshkey_sigalg_by_name(cp): ssh-rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa-sha2-256 against sp: rsa-sha2-256
debug1: match_list: comparing cp: ssh-rsa-sha2-256 against sp: rsa-sha2-512

It looks like the "ssh-" prefix is returned by sshkey_sigalg_by_name()
which does not match the algorithm identifiers returned by our server.

Any suggestions on how we can configure either our server (7.4) or
preferably client (7.8) to resolve?

Many thanks,

Cheers, Adam
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux