OpenSSH 8.2 appears to be one key to send the public key and a different key to send the signature?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I'm trying to connect to an SSH server using OpenSSH_8.2p1
Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020 and am seeing some weird
stuff in the logs. In particular, there's this:

debug3: sign_and_send_pubkey: RSA
SHA256:Xss+fkLagMzhqQfEakymnMzhqQN2FnzmZHrGJJFRzXA
debug3: sign_and_send_pubkey: signing using rsa-sha2-512
SHA256:Xss+fkLagMzhqQfGgpPlmWuHq8N2FnzmZHrGJJFRzXA

What's weird about that is that the key fingerprints are subtly different:

SHA256:Xss+fkLagMzhqQf    EakymnMzhqQ    N2FnzmZHrGJJFRzXA
SHA256:Xss+fkLagMzhqQf    GgpPlmWuHq8    N2FnzmZHrGJJFRzXA

(I added the spaces to make them more readable)

My question is...  how can this be so?

Here's the code that does that:

https://github.com/openssh/openssh-portable/blob/V_8_2_P1/sshconnect2.c#L1247

But in my cursory reading of the code it looks like those two lines should
be the same - not different.

It's also strange that, despite being different, that they're as similar as
they are. With any cryptographic hash I'd expect that changing one
character would change the whole hash *completely* but in this case like
less than half of the hash is being changed? That doesn't make any sense to
me.

Any ideas?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux