Hi Darren, On Jan 21 18:55, Darren Tucker wrote: > On Fri, 21 Jan 2022 at 06:33, Corinna Vinschen <vinschen@xxxxxxxxxx> wrote: > > > [...] > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > Permissions 0644 for > > '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are > > too open. > > It is required that your private key files are NOT accessible by others. > > This private key will be ignored. > > Unable to load host key > > "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad > > permissions > > > > Shouldn't the testsuite have generated the files with correct permissions > > in the first place? And then again, these are PUB files. Shouldn't > > a 644 permission suffice? > > > > I've seen this in the past where the test had cached keys of a type that > the current binaries do not support (eg because the new binaries were > configured without openssl). I think it's because the key code tries the > .pub file when the private key file fails to load. Maybe retry in a > clean directory? I was building and testing in a clean dir from scratch. I cleaned out the regress subdir, keeping only Makefile, and started the test again with LTESTS=hostkey-agent but the failure bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx is reproducible. The failed-ssh.log file contains debug1: kex: host key algorithm: (no match)^M Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx^M FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx All other key types work fine, though. The "WARNING: UNPROTECTED PRIVATE KEY FILE!" messages are the same, though. I attached the "failed-*.log" files. All other tests of the testsuite are either skipped (platform dependent) or succeed. Thanks, Corinna
trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ssh-ed25519-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 7 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug1: Authenticating to 127.0.0.1:4242 as 'corinna' debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: sk-ssh-ed25519-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx debug2: compression stoc: none,zlib@xxxxxxxxxxx debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ssh-ed25519-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 7 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug1: Authenticating to 127.0.0.1:4242 as 'corinna' debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: sk-ssh-ed25519-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx debug2: compression stoc: none,zlib@xxxxxxxxxxx debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 7 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug1: Authenticating to 127.0.0.1:4242 as 'corinna' debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx debug2: compression stoc: none,zlib@xxxxxxxxxxx debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/ssh -oHostKeyAlgorithms=sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx -F /home/corinna/tmp/openssh/regress/ssh_proxy host echo $SSH_CONNECTION debug2: resolved SecurityKeyProvider $SSH_SK_PROVIDER => debug1: Executing proxy command: exec env SSH_SK_HELPER="/home/corinna/tmp/openssh/ssh-sk-helper" sh /home/corinna/src/openssh/src/regress/sshd-log-wrapper.sh /home/corinna/tmp/openssh/regress/sshd.log /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519 type 3 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-ed25519-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa type 0 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-rsa-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss type 1 debug1: identity file /home/corinna/tmp/openssh/regress/ssh-dss-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp256-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp384-cert type -1 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521 type 2 debug1: identity file /home/corinna/tmp/openssh/regress/ecdsa-sha2-nistp521-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 7 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug1: Authenticating to 127.0.0.1:4242 as 'corinna' debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@xxxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx debug2: ciphers ctos: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: ciphers stoc: chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx debug2: MACs ctos: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@xxxxxxxxxxx debug2: compression stoc: none,zlib@xxxxxxxxxxx debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with UNKNOWN port 65535: no matching host key type found. Their offer: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions debug1: inetd sockets after dupping: 4, 5 Connection from UNKNOWN port 65535 on UNKNOWN port 65535 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 4 setting O_NONBLOCK debug2: fd 5 setting O_NONBLOCK debug3: ssh_sandbox_init: preparing rlimit sandbox debug2: Network child is on pid 775 debug3: preauth child monitor started debug3: append_hostkey_type: ssh-ed25519 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: rsa-sha2-512 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: rsa-sha2-256 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ssh-dss key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp256 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp384 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp521 key not permitted by HostkeyAlgorithms [preauth] debug1: list_hostkey_types: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx [preauth] FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions debug1: inetd sockets after dupping: 4, 5 Connection from UNKNOWN port 65535 on UNKNOWN port 65535 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 4 setting O_NONBLOCK debug2: fd 5 setting O_NONBLOCK debug3: ssh_sandbox_init: preparing rlimit sandbox debug2: Network child is on pid 775 debug3: preauth child monitor started debug3: append_hostkey_type: ssh-ed25519 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: rsa-sha2-512 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: rsa-sha2-256 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ssh-dss key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp256 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp384 key not permitted by HostkeyAlgorithms [preauth] debug3: append_hostkey_type: ecdsa-sha2-nistp521 key not permitted by HostkeyAlgorithms [preauth] debug1: list_hostkey_types: ssh-ed25519-cert-v01@xxxxxxxxxxx,rsa-sha2-512-cert-v01@xxxxxxxxxxx,rsa-sha2-256-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx [preauth] FAIL: cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions debug1: inetd sockets after dupping: 4, 5 Connection from UNKNOWN port 65535 on UNKNOWN port 65535 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 4 setting O_NONBLOCK debug2: fd 5 setting O_NONBLOCK debug3: ssh_sandbox_init: preparing rlimit sandbox debug2: Network child is on pid 878 debug3: preauth child monitor started FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed trace: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx Executing: /home/corinna/tmp/openssh/sshd -i -f /home/corinna/tmp/openssh/regress/sshd_proxy @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-ed25519.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-rsa.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ssh-dss.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp384.pub": bad permissions @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Unable to load host key "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp521.pub": bad permissions debug1: inetd sockets after dupping: 4, 5 Connection from UNKNOWN port 65535 on UNKNOWN port 65535 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8 debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000 debug2: fd 4 setting O_NONBLOCK debug2: fd 5 setting O_NONBLOCK debug3: ssh_sandbox_init: preparing rlimit sandbox debug2: Network child is on pid 878 debug3: preauth child monitor started FAIL: cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed FAIL: bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
