[Bug 132] New: connects to 1.2.2? vintage sshd sometimes gets "Server lies" about host key size off by 1 bit

Sat Mar 2 02:27:51 EST 2002

http://bugzilla.mindrot.org/show_bug.cgi?id=132

           Summary: connects to 1.2.2? vintage sshd sometimes gets "Server
                    lies" about host key size off by 1 bit
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: dwd at bell-labs.com

sshd versions 1.2.20+ sometimes lies about the host key size by one bit and the
OpenSSH ssh client reports a message like
  Warning: Server lies about size of server host key: actual size is 1023 bits
vs. announced 1024.
I've only observed it to report even numbers and have an actual size of one
less.
Similarly, ssh clients of the same vintage require reported sizes that are even
numbers which can be a problem if one of old host keys that are actually one bit
off are moved forward from the old SSH to OpenSSH.  I will attach a patch.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.