x509 patch for SSH

Konstantin V. Gavrilenko kos at arhont.com
Thu Jan 17 23:28:58 EST 2008

Hash: SHA1

- -------- Original Message --------
Subject: Re: x509 patch for SSH
From: Roumen Petrov <openssh at roumenpetrov.info>
To: k.gavrilenko at arhont.com
CC: openssh-unix-dev at mindrot.org
Date: Wed Jan 16 2008 19:39:22 GMT+0000 (BST)

> Hi Konstantin,
> Please, find answers in quoted text.
> Konstantin V. Gavrilenko wrote:
> Hi guys,
> been trying the x509 patch for ssh from Roumen, it works great.
> However, I can't figure out couple of things, and been trying to solve
> it for couple of days already.
> I'am using OpenSSH_4.7p1-hpn12v19, OpenSSL 0.9.8g
> with 6.1 version of your patch.
> The serverside hostkey is configured correctly, to present
> x509v3-sign-rsa
> dynowork / # ssh-keyscan pingo
> # pingo SSH-2.0-OpenSSH_4.7p1-hpn12v19
> pingo x509v3-sign-rsa Subject:CN=pingo.dmz.arhont.com,OU=IT,O=Arhont
> Ltd,C=GB
> Hoever, in the  situation, when the clients that haven't been patched to
> support x509, just could not connect giving the following error:
> no hostkey alg
>> Correct.
>> In sshd_config(HostKey=...) you could list keys from appropriate type.
>> Client with x509 support will dive same result if HostKeyAlgorithms is
>> set to ssh-rsa,ssh-dss in ~/.ssh/config for that host.

Roumen, thanks for the help.
I guess I was under assumption that by default all four methods are
enabled on the client side, and it will try all of the supported
advertised by the server. In my case, x509v3-rsa and ssh-dss, rather
then quiting after the first incapable one.

> Is it possible to circumvent this apart from also specifying the dss
> key, that non-patched clients would understand.
> The second problem is with clients that are patched, but for one reason
> or another there is no x509 store setup on the client.
>> So in this case client could not create trusted certificate chain and
>> verification will reject give certificate.
>> That is part of PKI and you could test what is result with openssl
>> verify ... without trusted certificates.

Yes, I understand that it will break the verification check and result
in error 20, that is due to the openssl verify behavior.

> They just give out the following error:
> ssh_x509store_cb: subject='CN=pingo.dmz.arhont.com,OU=IT,O=Arhont
> Ltd,C=GB', error 20 at 0 depth lookup:unable to get local issuer
> certificate
> ssh_verify_cert: verify error, code=20, msg='unable to get local issuer
> certificate'
> key_verify failed for server_host_key
> Is it possible to have a situation when if there is no x509 store set up
> on the client, it would simply revert to the password based
> authentication?
>> In reported case client could not trust host key as result will reject
>> to continue.
>> But you could switch to rsa/dss host-keys (HostKeyAlgorithms
>> ssh-rsa,ssh-dss) for that host and then to set order of authentication
>> methods in PreferredAuthentications.

The funny thing is that when I remove the ssh_ca.pem on the client, this
gives out the error 20. Then I set the "HostKeyAlgorithms ssh-dss", it
works and allows for a passwordless login using the client cert
(providing the client cert is mentioned in the AuthorisedKeyFile)
I guess it is a workaround, but can also be considered to be a bug

> I have tried setting
> PubkeyAlgorithms ssh-dss
>> The client will use only ssh-dss keys to authenticate to server.
>> HostKeyAlgorithms is for accepted host-keys.
> PreferredAuthentications keyboard-interactive
>> May be you should append "password" if you like to use password
>> authentication if previous listed are rejected by server.
Good point, I forgot about it, sorry.

> but with no effect, same error appears.
>> Sure if server don't offer ssh-dss host-key.
No, apparently server was offering both, ssh-dss and x509v3-sign-rsa
I just didn't include the full output of the ssh-keyscan.

Thanks for your help Roumen.

> I would appreciate your help.
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org

> Roumen

- --
Konstantin V. Gavrilenko

Managing Director
Arhont Ltd - Information Security

web:    http://www.arhont.com
e-mail: k.gavrilenko at arhont.com

tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141

PGP: Key ID - 0xE81824F4
PGP: Server - keyserver.pgp.com
Version: GnuPG v2.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the openssh-unix-dev mailing list