[Bug 2959] New: Disabling just rsa-sha2-512 breaks public key authentication
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Jan 23 21:43:43 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=2959
Bug ID: 2959
Summary: Disabling just rsa-sha2-512 breaks public key
authentication
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs at mindrot.org
Reporter: ossman at cendio.se
Put this in sshd_config:
> PubkeyAcceptedKeyTypes -rsa-sha2-512
And any client supporting it will fail to authenticate rather than
using rsa-sha2-256 or ssh-rsa.
You also get this somewhat misleading log entry:
> Jan 23 11:38:10 ossman.lkpg.cendio.se sshd[26633]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes [preauth]
The problem is that the client looks at the supported algorithms
reported during the key exchange. That list is not filtered in any way.
So the server reports it supports rsa-sha2-512. The client trusts the
server and uses rsa-sha2-512. The server then promptly rejects it and
the client doesn't try any other algo.
My use case was just testing, but there might be more realistic
scenarios where it can cause problems.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list