Thanks a lot for the response.
The issue was that in jsch, the initial handshake request contained only rsa-ssh as the supported algorithm. I modified the code to support ssh-rsa2, then the server started using the new signature algorithm, and I finally managed to connect.

Regards
Renjith

On Mon, 10 Jun 2019, 13:59 Jakub Jelen, <jjelen@xxxxxxxxxx> wrote:

> On Sun, 2019-06-09 at 23:54 +0530, Renjith D wrote:
> > Hello folks,
> >
> > I am new here, so please be gentle :), and any help will be
> > appreciated.
> >
> > Essentially what I am trying to do is to use Jsch (the Java
> > implementation of SSH client). It has support for public key based
> > authentication.
> > Since there is a requirement for FIPS enablement, we are trying to
> > use the algorithm SHA256withRSA, instead of SHA1withRSA.
> > When the code tries to verify the signature of the public key of the
> > server using this algorithm, it is throwing an exception
> > ObjectIdentifier mismatch: 1.3.14.3.2.26. (which is the OID of SHA1).
> > So my understanding is the server is forcing the signature to be SHA1.
> > I did try to use the parameter
> > PubkeyAcceptedKeyTypes ssh-ed25519*,ecdsa-sha2*,rsa-sha2-*,ssh-rsa
> > But that does not help.
> >
> > Also with the same SHA256withRSA algorithm, when the code signs the
> > data and sends it to the server, it results in a signature unverified
> > error.
> > debug3: mm_answer_keyverify: publickey 0x56471045da10 signature
> > unverified
> >
> > Things work fine for ECDSA keypair with sha256. I am able to
> > successfully connect using this keypair.
> >
> > My understanding was, as of 7.2 the support for SHA256 with RSA was
> > there (https://www.openssh.com/txt/release-7.2)
> >
> > Are there any options which I am not aware of?
> > At the moment I am using openssh-7.9p1-233.1.x86_64 on SLES12.
> >
> > Thanks a lot for the help.
>
> Hello and welcome,
>
> The RSA with SHA2 (the base ssh-rsa method supports only SHA1) is
> defined in recent RFC 8332. The SHA2 usage in RSA authentication is
> negotiated during key exchange as described in another recent RFC 8308.
>
> Neither of these features looks to be supported by JSCh, if I read its
> changelog and feature list correctly, so I think you will either have to
> use ECDSA or work with JSCh to implement these features for you. The
> RSA with SHA2 works fine against other implementations supporting these
> RFCs as far as I know (for example recent libssh).
>
> Regards,
> --
> Jakub Jelen
> Senior Software Engineer
> Security Technologies
> Red Hat, Inc.
>
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
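
Added example, not part of the thread and not JSch or OpenSSH code: under RFC 8332 the signature blob carries its own algorithm name (ssh-rsa for SHA-1, rsa-sha2-256 or rsa-sha2-512 for SHA-2), so a verifier has to pick the digest from that name. The sketch uses only the JDK's java.security classes; the class name, helper names, throwaway key and sample data are assumptions constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Map;

public class RsaSigAlgDemo { // hypothetical class name
    // SSH signature algorithm name -> JCA name; plain "ssh-rsa" signatures use SHA-1.
    static final Map<String, String> JCA = Map.of("ssh-rsa", "SHA1withRSA",
        "rsa-sha2-256", "SHA256withRSA", "rsa-sha2-512", "SHA512withRSA");
    // SSH wire "string": uint32 length followed by that many bytes.
    static byte[] readString(ByteBuffer b) {
        int len = b.getInt();
        if (len < 0 || len > b.remaining()) throw new IllegalArgumentException("bad length");
        byte[] out = new byte[len];
        b.get(out);
        return out;
    }
    // Signature blob layout: string algorithm-name, string raw RSA signature.
    static byte[] sshSignature(String name, byte[] raw) {
        byte[] n = name.getBytes(StandardCharsets.US_ASCII);
        return ByteBuffer.allocate(8 + n.length + raw.length)
            .putInt(n.length).put(n).putInt(raw.length).put(raw).array();
    }
    // Verify using the digest named inside the blob rather than a fixed one.
    static boolean verify(PublicKey key, byte[] data, byte[] blob) throws GeneralSecurityException {
        ByteBuffer b = ByteBuffer.wrap(blob);
        String name = new String(readString(b), StandardCharsets.US_ASCII);
        String jca = JCA.get(name);
        if (jca == null) throw new NoSuchAlgorithmException("unsupported: " + name);
        Signature s = Signature.getInstance(jca);
        s.initVerify(key);
        s.update(data);
        try { return s.verify(readString(b)); }
        catch (SignatureException e) { return false; } // some JDKs throw on a digest OID mismatch
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair(); // constructed throwaway key
        byte[] data = "constructed exchange hash".getBytes(StandardCharsets.US_ASCII);
        Signature sha1 = Signature.getInstance("SHA1withRSA");
        sha1.initSign(kp.getPrivate());
        sha1.update(data);
        byte[] raw = sha1.sign(); // SHA-1 signature, as the thread's server produced
        System.out.println("as ssh-rsa:      " + verify(kp.getPublic(), data, sshSignature("ssh-rsa", raw)));
        System.out.println("as rsa-sha2-256: " + verify(kp.getPublic(), data, sshSignature("rsa-sha2-256", raw)));
    }
}
```

The first check prints true and the second false: the same SHA-1 signature bytes fail when treated as SHA-256, which is the mismatch the ObjectIdentifier error in the thread reports.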