Fw: Problem/bug report for "bad decrypted len" error in OpenSSH
Markus Friedl
markus at openbsd.org
Wed Jul 2 20:50:35 EST 2003
On Wed, Jul 02, 2003 at 11:11:07AM +0200, Nils Larsch wrote:
> >(2) Create a hash of the challenge using the CALG_SSL3_SHAMD5 method.
>
> As far as I know OpenSSH (v2) uses the CALG_SHA method (note: the
> length of the CALG_SSL3_SHAMD5 method is indeed 36, but that's not
> what we want here, but with this I don't really understand why it
> worked without the length check).
yes, that's the problem. CALG_SHA should be used for ssh
(instead of CALG_SSL3_SHAMD5). at least this is how i read
draft-ietf-secsh-transport-15.txt:
The "ssh-rsa" key format has the following specific encoding:
string "ssh-rsa"
mpint e
mpint n
Here the e and n parameters form the signature key blob.
Signing and verifying using this key format is done according to
[SCHNEIER] and [PKCS1] using the SHA-1 hash.
More information about the openssh-unix-dev
mailing list