[Bug 3254] New: Issue on sshd finds correct private key for a certificate when using ssh-agent

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Jan 23 05:08:54 AEDT 2021


https://bugzilla.mindrot.org/show_bug.cgi?id=3254

            Bug ID: 3254
           Summary: Issue on sshd finds correct private key for a
                    certificate when using ssh-agent
           Product: Portable OpenSSH
           Version: 8.4p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: zhouyc.cc at icloud.com

Please take a look at line 1936 in the main() function in sshd.c.

        /* Find matching private key */
        for (j = 0; j < options.num_host_key_files; j++) {
                if (sshkey_equal_public(key,
                    sensitive_data.host_keys[j])) {
                        sensitive_data.host_certificates[j] = key;
                        break;
                }
        }

sshkey_equal_public() is trying to compare a cert's public key with a
private key, and it never finds a match, which means sshd cannot use this
certificate even though its private key is in ssh-agent.
I believe it should be comparing a cert's public key with a public key
in sensitive_data, as follows.

        /* Find matching private key */
        for (j = 0; j < options.num_host_key_files; j++) {
                if (sshkey_equal_public(key,
                    sensitive_data.host_pubkeys[j])) {
                        sensitive_data.host_certificates[j] = key;
                        break;
                }
        }

https://github.com/openssh/openssh-portable/blob/V_8_4/sshd.c#L1936

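The following is an added example, not code from the report or from OpenSSH: a simplified model of the two lookup loops quoted in the report, showing why a certificate for an agent-held host key is matched through a public-key array but not through the private-key array. The struct, function names and key strings are hypothetical, and it assumes that the private-key slot of an agent-held key is empty (NULL) while its public-key slot is populated.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for struct sshkey (hypothetical, not OpenSSH's type). */
struct model_key {
	const char *type;
	const char *pub;	/* constructed placeholder for the public key */
};

/* Assumption: a missing (NULL) key never compares equal. */
static int
model_equal_public(const struct model_key *a, const struct model_key *b)
{
	if (a == NULL || b == NULL)
		return 0;
	return strcmp(a->type, b->type) == 0 && strcmp(a->pub, b->pub) == 0;
}

/* Return the slot whose key matches the certificate's key, or -1. */
static int
find_cert_slot(const struct model_key *cert_key,
    const struct model_key *const *slots, size_t nslots)
{
	for (size_t j = 0; j < nslots; j++) {
		if (model_equal_public(cert_key, slots[j]))
			return (int)j;
	}
	return -1;
}

/* Constructed data: slot 0 is file-backed, slot 1 is held by ssh-agent. */
static const struct model_key rsa_key = { "ssh-rsa", "constructed-rsa-pub" };
static const struct model_key ed_key = { "ssh-ed25519", "constructed-ed-pub" };
/* Assumption: no private key object is loaded for the agent-held slot. */
static const struct model_key *const host_keys[] = { &rsa_key, NULL };
static const struct model_key *const host_pubkeys[] = { &rsa_key, &ed_key };
/* Key embedded in a certificate issued for the agent-held host key. */
static const struct model_key cert_key = { "ssh-ed25519", "constructed-ed-pub" };

int lookup_via_host_keys(void) { return find_cert_slot(&cert_key, host_keys, 2); }
int lookup_via_host_pubkeys(void) { return find_cert_slot(&cert_key, host_pubkeys, 2); }

int
main(void)
{
	printf("host_keys: %d, host_pubkeys: %d\n",
	    lookup_via_host_keys(), lookup_via_host_pubkeys());
	return 0;
}
```

In this model a certificate for the file-backed key in slot 0 is found by either lookup; only the agent-held slot behaves differently.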