Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)
Pieter Bowman
bowman at math.utah.edu
Sat Mar 22 03:15:56 EST 2014
The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and
still exists in 6.6p1). With HostbasedAuthentication/EnableSSHKeysign
turned on, I am seeing one of two sets of messages:
no matching hostkey found
ssh_keysign: no reply
key_sign failed
and
not a valid request
ssh_keysign: no reply
key_sign failed
Then in either case two password prompts:
bowman at HOST.math.utah.edu's password:
Permission denied, please try again.
bowman at HOST.math.utah.edu's password:
I've used strace and dtrace to watch what files are opened and
executables run. All the correct key files are accessed and the
correct version of ssh-keysign used. Even the ssh-keysign from 6.5p1
or 6.6p1 works correctly with ssh from 6.4p1.
Various systems are affected by this:
MacOS X 10.5/ppc
OpenBSD 5.1/x86
RHEL 5/x86
Solaris 10/x86
Solaris 11/x64
Ubuntu 12.04/x86
debian 6.0/mips
gentoo/alpha
gentoo/ppc
gentoo/ppc64
gentoo/sparc
A few systems are not affected:
IRIX 6.5/mips
RHEL 5/ia64
Solaris 10/sparc
Any ideas on where to look?
Thanks,
Pieter
More information about the openssh-unix-dev
mailing list