[Bug 2568] New: ssh fails to authenticate using RSA keys when agent does not support sha256/512 signatures

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu May 12 08:56:32 AEST 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2568

            Bug ID: 2568
           Summary: ssh fails to authenticate using RSA keys when agent
                    does not support sha256/512 signatures
           Product: Portable OpenSSH
           Version: -current
          Hardware: Other
               URL: https://github.com/connectbot/connectbot/issues/397
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: djm at mindrot.org

When attempting a ssh connection using a recent client and recent
server but old or non-openssh agent, the ssh client will request
rsa-sha2-256/512 signatures from the agent unconditionally (since there
is no way for an agent to explicitly signal support for them). The
agent signature request and authentication attempt will therefore fail.

Maybe we should fall back to attempting the classic ssh-rsa style
signature for now?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching the reporter of the bug.


More information about the openssh-bugs mailing list