Public Key Authentication Bug
Vincent Danen
vdanen-sender-20597b45 at freezer-burn.org
Wed Jun 26 10:55:46 EST 2002
On Tue Jun 25, 2002 at 11:45:30AM -0400, Russell Elik Rademacher wrote:
> I usually don't get involved in the mailing lists unless it is of a major
> importance. Here is a new problem that came up with the 3.3.p1 version, which I
> already reported to the Mandrake Developers on their RPM build. Basically, it
> boils down to this.
>
> In the Priv Seperation Mode or not, the public Key Authentication is
> throughly broken on all 3 versions of Keys, RSA1, RSA, and DSA versions. It
> applies to SSH1 and SSH2. This is reported on 7.2 version Mandrake with the
> 2.2. Kernel Build. I am still working on testing it on the 2.4 Kernel Build to
> see how it works out on the Redhat. This SSH Build have a patch from Solar
> Designer which is made to make it work on 2.2 Kernel.
>
> But other than that, the functionality of the SSH is perfect and working as
> usual. Just no Public Key Authentication.
I don't think this has anything to do with Solar's patch. You forgot
to mention that you were using Putty and F-Protect as clients (I think
F-Protect is the other you mentioned).
Before we put the Mandrake updates out, both public key and password
authentication were tested on all platforms, with 2.2 and 2.4 kernels
(using openssh as a client, not Putty or anything else). Both forms
of authentication worked fine.
I still have to hop on a windows machine and test Putty with public
keys to see if I can reproduce your problem; without testing I can
only suspect that Putty and/or F-Protect are the problem, or that
something in openssh changed (doubtful) that prevents it from working
unless an openssh client is used.
As soon as I have a chance to test this, I'll post my findings.
--
MandrakeSoft Security; http://www.mandrakesecure.net/
"lynx -source http://www.freezer-burn.org/bios/vdanen.gpg | gpg --import"
{GnuPG: 1024D/FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
Current Linux kernel 2.4.18-6.10mdk uptime: 17 days 21 hours 8 minutes.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020625/038cd757/attachment.bin
More information about the openssh-unix-dev
mailing list