[Bug 2568] ssh fails to authenticate using RSA keys when agent does not support sha256/512 signatures

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu Nov 23 21:46:03 AEDT 2017


--- Comment #15 from Jakub Jelen <jjelen at redhat.com> ---
(In reply to Sebastian Unger from comment #14)
> (In reply to Jakub Jelen from comment #13)
> >  * Does not support SHA2, but provides SHA1 signature (silently) and
> > it is accepted by both client and server as I reported as a bug
> > #2799 (security concerns)
> Well, I'm not asking it to "silently" accept SHA1 signatures. I
> would find an option with a secure default acceptable. Also, I don't
> see how falling back from SHA2 to SHA1 reduces security when the
> server did accept SHA1's in the first place if the client negotiated
> them.

I am not asking to accept SHA1 silently either. The security problem is
that client and server negotiated SHA2 mechanisms, the client sends
envelope labeled with SHA2 mechanisms, but inside it is just SHA1. That
is the problem.

> This issue is about the case where client and server negotiate SHA2
> but then the agent fails to sign because it does not support SHA2.

That would be solved by the extension negotiation with the ssh-agent.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching the reporter of the bug.

More information about the openssh-bugs mailing list