Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)

Pieter Bowman bowman at math.utah.edu
Sat Mar 22 03:15:56 EST 2014

The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and
still exists in 6.6p1).  With HostbasedAuthentication/EnableSSHKeysign
turned on, I am seeing one of two sets of messages:

no matching hostkey found
ssh_keysign: no reply
key_sign failed


not a valid request
ssh_keysign: no reply
key_sign failed

Then in either case two password prompts:

bowman at HOST.math.utah.edu's password: 
Permission denied, please try again.
bowman at HOST.math.utah.edu's password: 

I've used strace and dtrace to watch what files are opened and
executables run.  All the correct key files are accessed and the
correct version of ssh-keysign used.  Even the ssh-keysign from 6.5p1
or 6.6p1 works correctly with ssh from 6.4p1.

Various systems are affected by this:

	MacOS X 10.5/ppc
	OpenBSD 5.1/x86
	RHEL 5/x86
	Solaris 10/x86
	Solaris 11/x64
	Ubuntu 12.04/x86
	debian 6.0/mips

A few systems are not affected:

	IRIX 6.5/mips
	RHEL 5/ia64
	Solaris 10/sparc

Any ideas on where to look?



More information about the openssh-unix-dev mailing list