Fw: Problem/bug report for "bad decrypted len" error in OpenSSH

Stefan Hadjistoytchev sth at hq.bsbg.net
Thu Jul 3 04:18:04 EST 2003


Markus and Damien,

here is a more detailed explanation about BUG report at
"http://bugzilla.mindrot.org/show_bug.cgi?id=592" concerning
"bad decrypted len" error in OpenSSH:

If anyone wants to do a private key sign, and the key is located in a device
or the Microsoft certificate store in which the private key cannot be
accessed directly ( you cannot access the private key directly for
encryption or decryption ) he must use Microsoft Crypto API. That exact
Microsoft Crypto API method always returns 36 bytes instead of the 35 bytes
(OpenSSH standard).

A private key sign is the method by which both SSL and SSH uses to do
authentication. What this really means is the host sends an authentication
challenge to the host which is signed by the workstation (private key
encrypt) and is then decrypted with the public key by the host.  Since only
the owner of the private key can encrypt data which can be decrypted by the
public key held by the host, the host feels he can trust the connection.

The method used within the crypto API is:

(1) Obtain the context for the private key using the public key contained
within the
certificate.
(2) Create a hash of the challenge using the CALG_SSL3_SHAMD5 method.
(3) Sign the hash
(4) return to host

(Notes:
    1. This all pertains only to SSH-2.  SSH-1 uses another method, and in
fact cannot be done using private keys that cannot be accessed directly;
    2. This only pertains to certificate based private/public keys.  If you
use normal OpenSSH keys, then you do not have the problem since the private
key can be
accessed directly
    3. Those that use servers from SSH Data Communications do not have the
problem. )



Best regards
    Stefan





More information about the openssh-unix-dev mailing list