Better reporting for signature algorithm mismatch?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



An issue that I come across from time to time is when I try to ssh into a box with an RSA key, and it fails because the target host is old and only does sha1 signatures.  However, the reason is not reported unless I turn on debugging. For example, all I see is:

% ssh foo@bar
foo@bar: Permission denied (publickey,keyboard-interactive).

I find this confusing, since my first inclination is that the public key has not been installed properly on the target host.

But if I remember to try again with debugging, then I see:

% ssh -v foo@bar
...
debug1: Will attempt key: /Users/brian/.ssh/id_rsa RSA SHA256:mVV81jWVCP/SDRFA7vRM/SDQniylCAcBoSERWyhAXEo agent
...
debug1: Offering public key: /Users/brian/.ssh/id_rsa RSA SHA256:mVV81jWVCP/SDRFA7vRM/SDQniylCAcBoSERWyhAXEo agent
debug1: send_pubkey_test: no mutual signature algorithm <<<< *THIS*
...
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
foo@bar: Permission denied (publickey,keyboard-interactive).

% ssh -o PubkeyAcceptedAlgorithms=+ssh-rsa foo@bar
<< success >>

I wonder if there could there be some way to highlight the "no mutual signature algorithm" message more prominently in normal operation? IMO it's not a problem with a specific key, but a protocol configuration issue which would affect *all* keys of that type.  Admittedly it is non-fatal, in the sense that other non-RSA keys or other auth methods can be tried, including falling back to password auth. Even then, I find it confusing to get a password prompt when I though I'd set up key authentication.

Other, fatal protocol compatibility problems *do* get reported, e.g.

Unable to negotiate with bar port 22: no matching key exchange method found.
Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

That's clear and explicit. However, because I'm so used to seeing this type of error when protocols don't match, it makes it more surprising that I don't see them for the ssh-rsa signature problem.  I'd like to see a warning for the first key tried, something like:

Warning: unable to authenticate with rsa key: no mutual signature algorithm
Their offer: ssh-rsa
Our offer: rsa-sha2-256, rsa-sha2-512

Anyway, just an idea.

Regards,

Brian.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux