[PATCH] Specify signature algorithm during server hostkeys prove

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hello,

I've found that when using the ssh agent and sshd together, there is an issue
when using multiple host keys. Specifically, after the key exchange phase,
when a client requests proof of ownership for the host keys via the
"hostkeys-prove-00@xxxxxxxxxxx" request, the server prepares the response
without specifying the signature algoorithm in case of non-RSA keys.

This leads to "SSH_ERR_INVALID_ARGUMENT" when verifying the signature in :

openssh-portable/authfd.c line 
if ((r = sshkey_check_sigtype(sig, len, alg)) != 0)

To resolve this, I explicitly sets the signature
algorithm, ensuring proper verification for all key types.

I would appreciate any feedback or suggestions regarding this issue.

Best regards,
Maxime






[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux