Re: Please help test recent changes

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi Darren,

On Jan 21 18:55, Darren Tucker wrote:
> On Fri, 21 Jan 2022 at 06:33, Corinna Vinschen <vinschen@xxxxxxxxxx> wrote:
> 
> > [...]
> >   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> >   @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> >   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> >   Permissions 0644 for
> > '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are
> > too open.
> >   It is required that your private key files are NOT accessible by others.
> >   This private key will be ignored.
> >   Unable to load host key
> > "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad
> > permissions
> >
> > Shouldn't the testsuite have generated the files with correct permissions
> > in the first place?  And then again, these are PUB files.  Shouldn't
> > a 644 permission suffice?
> >
> 
> I've seen this in the past where the test had cached keys of a type that
> the current binaries do not support (eg because the new binaries were
> configured without openssl).  I think it's because the key code tries the
> .pub file when the private key file fails to load. Maybe retry in a
> clean directory?

I was building and testing in a clean dir from scratch.  I cleaned out
the regress subdir, keeping only Makefile, and started the test again
with LTESTS=hostkey-agent but the failure

  bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx

is reproducible.  The failed-ssh.log file contains

  debug1: kex: host key algorithm: (no match)^M
  Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx^M
  FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed
  FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx

All other key types work fine, though.  The "WARNING: UNPROTECTED
PRIVATE KEY FILE!" messages are the same, though.  I attached the
"failed-*.log" files.

All other tests of the testsuite are either skipped (platform dependent)
or succeed.


Thanks,
Corinna
trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx

trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ssh-ed25519-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION
debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => 
debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 7 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: Authenticating to 127.0.0.1:4242 as 'corinna'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib
debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx
debug2: compression stoc: none,zlib@xxxxxxxxxxx
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ssh-ed25519-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION
debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => 
debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 7 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: Authenticating to 127.0.0.1:4242 as 'corinna'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib
debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx
debug2: compression stoc: none,zlib@xxxxxxxxxxx
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION
debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => 
debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 7 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: Authenticating to 127.0.0.1:4242 as 'corinna'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib
debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx
debug2: compression stoc: none,zlib@xxxxxxxxxxx
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION
debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => 
debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1
debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2
debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 7 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: Authenticating to 127.0.0.1:4242 as 'corinna'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib
debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@xxxxxxxxxxx
debug2: compression stoc: none,zlib@xxxxxxxxxxx
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx

trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions
debug1: inetd sockets after dupping: 4, 5
Connection from UNKNOWN port 65535 on UNKNOWN port 65535
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 775
debug3: preauth child monitor started
debug3: append_hostkey_type: ssh-ed25519 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: rsa-sha2-512 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: rsa-sha2-256 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ssh-dss key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp256 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp384 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp521 key not permitted by HostkeyAlgorithms [preauth]
debug1: list_hostkey_types: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx [preauth]
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions
debug1: inetd sockets after dupping: 4, 5
Connection from UNKNOWN port 65535 on UNKNOWN port 65535
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 775
debug3: preauth child monitor started
debug3: append_hostkey_type: ssh-ed25519 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: rsa-sha2-512 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: rsa-sha2-256 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ssh-dss key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp256 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp384 key not permitted by HostkeyAlgorithms [preauth]
debug3: append_hostkey_type: ecdsa-sha2-nistp521 key not permitted by HostkeyAlgorithms [preauth]
debug1: list_hostkey_types: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx [preauth]
FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions
debug1: inetd sockets after dupping: 4, 5
Connection from UNKNOWN port 65535 on UNKNOWN port 65535
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 878
debug3: preauth child monitor started
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed

trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions
debug1: inetd sockets after dupping: 4, 5
Connection from UNKNOWN port 65535 on UNKNOWN port 65535
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 878
debug3: preauth child monitor started
FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed
FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux