From johannes at kyriasis.com Wed Jul 1 00:12:03 2015
From: johannes at kyriasis.com (Johannes Löthberg)
Date: Tue, 30 Jun 2015 16:12:03 +0200
Subject: how is the sha fingerprint generated?
In-Reply-To: <20150630141029.GA19116@leeloo.kyriasis.com>
References: <20150630141029.GA19116@leeloo.kyriasis.com>
Message-ID: <20150630141203.GA20552@leeloo.kyriasis.com>

On 30/06, Johannes Löthberg wrote:
>On 30/06, shawn wilson wrote:
>>% cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
>>
>> ~/.ssh swlap1
>>d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff -
>>% ssh-keygen -lf ext_rsa.pub
>>
>> ~/.ssh swlap1
>>8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson at swlap1 (RSA)
>>
>>Why do those differ and how would i generate the equivalent (mainly
>>just curious)? I've also tried base64 and a few other substitutions at
>>the end and I can't get them to match (probably would save time to
>>just look at the code, but...).
>
>It's not simply a checksum of the key file. You need to extract the
>exponent and prime from the public key, then append those to a
>specific string of bits, then get a SHA256 digest of that, and then
>base64 encode that.
>
>https://github.com/kyrias/bin/blob/master/ssh-gen-fprint has an
>example implementation of `ssh-keygen -lf` in Ruby.
>

Oh, and support for ECC keys isn't implemented because OpenSSL doesn't
support it yet. :/

--
Sincerely,
  Johannes Löthberg
  PGP Key ID: 0x50FB9B273A9D0BB5
  https://theos.kyriasis.com/~kyrias/

From johannes at kyriasis.com Wed Jul 1 00:10:29 2015
From: johannes at kyriasis.com (Johannes Löthberg)
Date: Tue, 30 Jun 2015 16:10:29 +0200
Subject: how is the sha fingerprint generated?
In-Reply-To:
References:
Message-ID: <20150630141029.GA19116@leeloo.kyriasis.com>

On 30/06, shawn wilson wrote:
>% cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
>
> ~/.ssh swlap1
>d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff -
>% ssh-keygen -lf ext_rsa.pub
>
> ~/.ssh swlap1
>8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson at swlap1 (RSA)
>
>Why do those differ and how would i generate the equivalent (mainly
>just curious)? I've also tried base64 and a few other substitutions at
>the end and I can't get them to match (probably would save time to
>just look at the code, but...).

It's not simply a checksum of the key file. You need to extract the
exponent and prime from the public key, then append those to a
specific string of bits, then get a SHA256 digest of that, and then
base64 encode that.

https://github.com/kyrias/bin/blob/master/ssh-gen-fprint has an
example implementation of `ssh-keygen -lf` in Ruby.

--
Sincerely,
  Johannes Löthberg
  PGP Key ID: 0x50FB9B273A9D0BB5
  https://theos.kyriasis.com/~kyrias/

From elbarto at bocal.org Wed Jul 1 00:41:43 2015
From: elbarto at bocal.org (Emmanuel Vadot)
Date: Tue, 30 Jun 2015 16:41:43 +0200
Subject: how is the sha fingerprint generated?
In-Reply-To: <20150630141203.GA20552@leeloo.kyriasis.com>
References: <20150630141029.GA19116@leeloo.kyriasis.com>
 <20150630141203.GA20552@leeloo.kyriasis.com>
Message-ID: <20150630164143.048b0c5efe1a1cd40bcde3ea@bocal.org>

 You really don't need openssl for that.

 And the fingerprints are simple.
 Here is a python script that does the same as ssh-keygen -fl /path/to/key :

#!/usr/bin/env python3

import binascii
import hashlib
import sys

if __name__ == "__main__":
    key = binascii.a2b_base64(sys.argv[1])
    if sys.argv[2] == "md5":
        m = hashlib.new("md5")
        m.update(key)
        print(m.hexdigest())
    elif sys.argv[2] == "sha256":
        m = hashlib.new("sha256")
        m.update(key)
        print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1])

 Do use it in production, do some test, but the general idea is there.

 Cheers,

On Tue, 30 Jun 2015 16:12:03 +0200
Johannes Löthberg wrote:

> On 30/06, Johannes Löthberg wrote:
> >On 30/06, shawn wilson wrote:
> >>% cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
> >>
> >> ~/.ssh swlap1
> >>d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff -
> >>% ssh-keygen -lf ext_rsa.pub
> >>
> >> ~/.ssh swlap1
> >>8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson at swlap1 (RSA)
> >>
> >>Why do those differ and how would i generate the equivalent (mainly
> >>just curious)? I've also tried base64 and a few other substitutions at
> >>the end and I can't get them to match (probably would save time to
> >>just look at the code, but...).
> >
> >It's not simply a checksum of the key file. You need to extract the
> >exponent and prime from the public key, then append those to a
> >specific string of bits, then get a SHA256 digest of that, and then
> >base64 encode that.
> >
> >https://github.com/kyrias/bin/blob/master/ssh-gen-fprint has an
> >example implementation of `ssh-keygen -lf` in Ruby.
> >
>
> Oh, and support for ECC keys isn't implemented because OpenSSL doesn't
> support it yet. :/
>
> --
> Sincerely,
>   Johannes Löthberg
>   PGP Key ID: 0x50FB9B273A9D0BB5
>   https://theos.kyriasis.com/~kyrias/

--
Emmanuel Vadot

From ag4ve.us at gmail.com Wed Jul 1 00:48:33 2015
From: ag4ve.us at gmail.com (shawn wilson)
Date: Tue, 30 Jun 2015 10:48:33 -0400
Subject: how is the sha fingerprint generated?
In-Reply-To: <20150630141203.GA20552@leeloo.kyriasis.com>
References: <20150630141029.GA19116@leeloo.kyriasis.com>
 <20150630141203.GA20552@leeloo.kyriasis.com>
Message-ID:

On Tue, Jun 30, 2015 at 10:12 AM, Johannes Löthberg wrote:
> On 30/06, Johannes Löthberg wrote:
>>
>> On 30/06, shawn wilson wrote:
>>>
>>> % cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
>>>
>>> ~/.ssh swlap1
>>> d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff -
>>> % ssh-keygen -lf ext_rsa.pub
>>>
>>> ~/.ssh swlap1
>>> 8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson at swlap1
>>> (RSA)
>>>
>>> Why do those differ and how would i generate the equivalent (mainly
>>> just curious)? I've also tried base64 and a few other substitutions at
>>> the end and I can't get them to match (probably would save time to
>>> just look at the code, but...).
>>
>>
>> It's not simply a checksum of the key file. You need to extract the
>> exponent and prime from the public key, then append those to a specific
>> string of bits, then get a SHA256 digest of that, and then base64 encode
>> that.
>>
>> https://github.com/kyrias/bin/blob/master/ssh-gen-fprint has an example
>> implementation of `ssh-keygen -lf` in Ruby.
>>
>
> Oh, and support for ECC keys isn't implemented because OpenSSL doesn't
> support it yet. :/
>

Heh, I noticed that- makes sense :)

And thanks

From tgc at jupiterrise.com Wed Jul 1 01:23:47 2015
From: tgc at jupiterrise.com (Tom G. Christensen)
Date: Tue, 30 Jun 2015 17:23:47 +0200
Subject: Call for testing: OpenSSH 6.9
In-Reply-To:
References: <556CBDDE.4080303@jupiterrise.com>
 <558B99D8.7080204@jupiterrise.com>
Message-ID: <5592B483.407@jupiterrise.com>

On 30/06/15 07:56, Tim Rice wrote:
> (tested this time, although not on solaris 2.6 like the original poster)

I've re-tested with 52fb6b9b and it works.
On Solaris 2.6 the ipv6 addresses are left out and on Solaris 8 they are
included.

-tgc

From johannes at kyriasis.com Wed Jul 1 02:43:36 2015
From: johannes at kyriasis.com (Johannes Löthberg)
Date: Tue, 30 Jun 2015 18:43:36 +0200
Subject: how is the sha fingerprint generated?
In-Reply-To: <20150630164143.048b0c5efe1a1cd40bcde3ea@bocal.org>
References: <20150630141029.GA19116@leeloo.kyriasis.com>
 <20150630141203.GA20552@leeloo.kyriasis.com>
 <20150630164143.048b0c5efe1a1cd40bcde3ea@bocal.org>
Message-ID: <20150630164336.GA25517@leeloo.kyriasis.com>

On 30/06, Emmanuel Vadot wrote:
>
> You really don't need openssl for that.
>
> And the fingerprints are simple.
> Here is a python script that does the same as ssh-keygen
>-fl /path/to/key :
>
>#!/usr/bin/env python3
>
>import binascii
>import hashlib
>import sys
>
>if __name__ == "__main__":
>    key = binascii.a2b_base64(sys.argv[1])
>    if sys.argv[2] == "md5":
>        m = hashlib.new("md5")
>        m.update(key)
>        print(m.hexdigest())
>    elif sys.argv[2] == "sha256":
>        m = hashlib.new("sha256")
>        m.update(key)
>        print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1])
>
> Do use it in production, do some test, but the general idea is there.
>

That doesn't actually work for either RSA or Ed25519 keys?

Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png

--
Sincerely,
  Johannes Löthberg
  PGP Key ID: 0x50FB9B273A9D0BB5
  https://theos.kyriasis.com/~kyrias/

From elbarto at bocal.org Wed Jul 1 03:20:46 2015
From: elbarto at bocal.org (Emmanuel Vadot)
Date: Tue, 30 Jun 2015 19:20:46 +0200
Subject: how is the sha fingerprint generated?
In-Reply-To: <20150630164336.GA25517@leeloo.kyriasis.com>
References: <20150630141029.GA19116@leeloo.kyriasis.com>
 <20150630141203.GA20552@leeloo.kyriasis.com>
 <20150630164143.048b0c5efe1a1cd40bcde3ea@bocal.org>
 <20150630164336.GA25517@leeloo.kyriasis.com>
Message-ID: <20150630192046.145a5a935cfa991ba21244fe@bocal.org>

 It does work with rsa, ecdsa and ed25519.
 For ed25519 you may need to remove the extra = (base64 padding byte) at
 the end of the sum.

 And I've been lying when I said it does the same as ssh-keygen -fl, the
 first argument must be the public key not the path.

On Tue, 30 Jun 2015 18:43:36 +0200
Johannes Löthberg wrote:

> On 30/06, Emmanuel Vadot wrote:
> >
> > You really don't need openssl for that.
> >
> > And the fingerprints are simple.
> > Here is a python script that does the same as ssh-keygen
> >-fl /path/to/key :
> >
> >#!/usr/bin/env python3
> >
> >import binascii
> >import hashlib
> >import sys
> >
> >if __name__ == "__main__":
> >    key = binascii.a2b_base64(sys.argv[1])
> >    if sys.argv[2] == "md5":
> >        m = hashlib.new("md5")
> >        m.update(key)
> >        print(m.hexdigest())
> >    elif sys.argv[2] == "sha256":
> >        m = hashlib.new("sha256")
> >        m.update(key)
> >        print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1])
> >
> > Do use it in production, do some test, but the general idea is there.
> >
>
> That doesn't actually work for either RSA or Ed25519 keys?
>
> Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png
>
> --
> Sincerely,
>   Johannes Löthberg
>   PGP Key ID: 0x50FB9B273A9D0BB5
>   https://theos.kyriasis.com/~kyrias/

--
Emmanuel Vadot

From djm at cvs.openbsd.org Wed Jul 1 13:39:05 2015
From: djm at cvs.openbsd.org (Damien Miller)
Date: Tue, 30 Jun 2015 21:39:05 -0600 (MDT)
Subject: Announce: OpenSSH 6.9 released
Message-ID: <5620606096372553010.enqueue@cvs.openbsd.org>

OpenSSH 6.9 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support. Once again,
we would like to thank the OpenSSH community for their continued
support of the project, especially those who contributed code or
patches, reported bugs, tested snapshots or donated to the project.
More information on donations may be found at:
http://www.openssh.com/donations.html

Future Deprecation Notice
=========================

The 7.0 release of OpenSSH, due for release in late July, will
deprecate several features, some of which may affect compatibility
or existing configurations. The intended changes are as follows:

 * The default for the sshd_config(5) PermitRootLogin option will
   change from "yes" to "no".

 * Support for the legacy version 1.x of the SSH protocol will be
   disabled at compile time by default.

 * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange
   will be run-time disabled by default.

 * Support for ssh-dss, ssh-dss-cert-* host and user keys will be
   run-time disabled by default.

 * Support for the legacy v00 cert format will be removed

 * Several ciphers will be disabled by default: blowfish-cbc,
   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
   for AES

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

This list reflects our current intentions, but please check the final
release notes for OpenSSH 7.0 when it is released.

Changes since OpenSSH 6.8
=========================

This is primarily a bugfix release.
Security
--------

 * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
   connections made after ForwardX11Timeout expired could be permitted
   and no longer subject to XSECURITY restrictions because of an
   ineffective timeout check in ssh(1) coupled with "fail open"
   behaviour in the X11 server when clients attempted connections with
   expired credentials. This problem was reported by Jann Horn.

 * ssh-agent(1): fix weakness of agent locking (ssh-add -x) to
   password guessing by implementing an increasing failure delay,
   storing a salted hash of the password rather than the password
   itself and using a timing-safe comparison function for verifying
   unlock attempts. This problem was reported by Ryan Castellucci.

New Features
------------

 * ssh(1), sshd(8): promote chacha20-poly1305@openssh.com to be the
   default cipher

 * sshd(8): support admin-specified arguments to AuthorizedKeysCommand;
   bz#2081

 * sshd(8): add AuthorizedPrincipalsCommand that allows retrieving
   authorized principals information from a subprocess rather than
   a file.

 * ssh(1), ssh-add(1): support PKCS#11 devices with external PIN
   entry devices bz#2240

 * sshd(8): allow GSSAPI host credential check to be relaxed for
   multihomed hosts via GSSAPIStrictAcceptorCheck option; bz#928

 * ssh-keygen(1): support "ssh-keygen -lF hostname" to search
   known_hosts and print key hashes rather than full keys.

 * ssh-agent(1): add -D flag to leave ssh-agent in foreground without
   enabling debug mode; bz#2381

Bugfixes
--------

 * ssh(1), sshd(8): deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
   message and do not try to use it against some 3rd-party SSH
   implementations that use it (older PuTTY, WinSCP).
 * Many fixes for problems caused by compile-time deactivation of
   SSH1 support (including bz#2369)

 * ssh(1), sshd(8): cap DH-GEX group size at 4Kbits for Cisco
   implementations as some would fail when attempting to use group
   sizes >4K; bz#2209

 * ssh(1): fix out-of-bound read in EscapeChar configuration option
   parsing; bz#2396

 * sshd(8): fix application of PermitTunnel, LoginGraceTime,
   AuthenticationMethods and StreamLocalBindMask options in Match
   blocks

 * ssh(1), sshd(8): improve disconnection message on TCP reset;
   bz#2257

 * ssh(1): remove failed remote forwards established by multiplexing
   from the list of active forwards; bz#2363

 * sshd(8): make parsing of authorized_keys "environment=" options
   independent of PermitUserEnv being enabled; bz#2329

 * sshd(8): fix post-auth crash with permitopen=none; bz#2355

 * ssh(1), ssh-add(1), ssh-keygen(1): allow new-format private keys
   to be encrypted with AEAD ciphers; bz#2366

 * ssh(1): allow ListenAddress, Port and AddressFamily configuration
   options to appear in any order; bz#86

 * sshd(8): check for and reject missing arguments for VersionAddendum
   and ForceCommand; bz#2281

 * ssh(1), sshd(8): don't treat unknown certificate extensions as
   fatal; bz#2387

 * ssh-keygen(1): make stdout and stderr output consistent; bz#2325

 * ssh(1): mention missing DISPLAY environment in debug log when X11
   forwarding requested; bz#1682

 * sshd(8): correctly record login when UseLogin is set; bz#378

 * sshd(8): Add some missing options to sshd -T output and fix output
   of VersionAddendum and HostCertificate.
   bz#2346

 * Document and improve consistency of options that accept a "none"
   argument: TrustedUserCAKeys, RevokedKeys (bz#2382),
   AuthorizedPrincipalsFile (bz#2288)

 * ssh(1): include remote username in debug output; bz#2368

 * sshd(8): avoid compatibility problem with some versions of Tera
   Term, which would crash when they received the hostkeys notification
   message (hostkeys-00@openssh.com)

 * sshd(8): mention ssh-keygen -E as useful when comparing legacy MD5
   host key fingerprints; bz#2332

 * ssh(1): clarify pseudo-terminal request behaviour and make manual
   language consistent; bz#1716

 * ssh(1): document that the TERM environment variable is not subject
   to SendEnv and AcceptEnv; bz#2386

Portable OpenSSH
----------------

 * sshd(8): Format UsePAM setting when using sshd -T, part of bz#2346

 * Look for '${host}-ar' before 'ar', making cross-compilation easier;
   bz#2352.

 * Several portable compilation fixes: bz#2402, bz#2337, bz#2370

 * moduli(5): update DH-GEX moduli

Checksums:
==========

 - SHA1 (openssh-6.9.tar.gz) = cd5fcb93411025bbc4b4b57753b622769dfb1e0d
 - SHA256 (openssh-6.9.tar.gz) = itCMw0aE/xvrGKWhzRD2UM/9kzIOyFaH2dIWMfX8agQ=

 - SHA1 (openssh-6.9p1.tar.gz) = 86ab57f00d0fd9bf302760f2f6deac1b6e9df265
 - SHA256 (openssh-6.9p1.tar.gz) = bgdN9TjzV9RAvmz5PcWBoh8i054jbyF/zY6su2yJbP4=

Please note that the PGP key used to sign releases was recently rotated.
The new key has been signed by the old key to provide continuity. It is
available from the mirror sites as RELEASE_KEY.asc.

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh at openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.

From djm at mindrot.org Wed Jul 1 14:03:42 2015
From: djm at mindrot.org (Damien Miller)
Date: Wed, 1 Jul 2015 14:03:42 +1000 (AEST)
Subject: how is the sha fingerprint generated?
In-Reply-To:
References:
Message-ID:

On Tue, 30 Jun 2015, shawn wilson wrote:

> % cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
>
> ~/.ssh swlap1
> d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff -
> % ssh-keygen -lf ext_rsa.pub
>
> ~/.ssh swlap1
> 8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson at swlap1 (RSA)
>
> Why do those differ and how would i generate the equivalent (mainly
> just curious)? I've also tried base64 and a few other substitutions at
> the end and I can't get them to match (probably would save time to
> just look at the code, but...).

it's a hash over the decoded contents of the second field of the public
key line. In python:

import base64
import hashlib

# Read the public key line: "<type> <base64 blob> [comment]"
keytext = open("/tmp/r.pub").read()
keydata = keytext.split()[1]
# Hash the decoded blob, not the base64 text
decoded = base64.b64decode(keydata)
rawhash = hashlib.sha256(decoded).digest()
texthash = base64.b64encode(rawhash)
# ssh-keygen prints the same value without the trailing "=" padding
print(texthash.decode("ascii"))

From philipp.marek at linbit.com Wed Jul 1 17:34:32 2015
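The rule from Damien Miller's reply above, carried through as an added example (not code from the thread or from OpenSSH): it decodes the second field, walks the length-prefixed blob to report the RSA size, prints both the SHA256 and the legacy MD5 form, and reproduces the mismatch from the original question. The key is constructed here from a hash and is not a real RSA key; all helper names are assumptions of this example.

```python
import base64
import binascii
import hashlib
import struct


def parse_blob(blob):
    """Split an SSH wire-format key blob into its length-prefixed fields."""
    fields, off = [], 0
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack(">I", blob[off:off + 4])
        off += 4
        if off + size > len(blob):
            raise ValueError("field runs past end of blob")
        fields.append(blob[off:off + size])
        off += size
    return fields


def fingerprint(pubkey_line):
    """Fingerprints of one '<type> <base64> [comment]' public key line."""
    parts = pubkey_line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    keytype, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except binascii.Error as exc:
        raise ValueError("second field is not valid base64") from exc
    fields = parse_blob(blob)
    # The blob repeats the key type; a mismatch means a damaged or edited line.
    if not fields or fields[0].decode("ascii", "replace") != keytype:
        raise ValueError("key type in blob does not match first field")
    bits = None
    if keytype == "ssh-rsa" and len(fields) == 3:
        # RSA blob layout: "ssh-rsa", exponent e, modulus n (big-endian mpints)
        bits = int.from_bytes(fields[2], "big").bit_length()
    md5 = hashlib.md5(blob).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode("ascii")
    return {
        "type": keytype,
        "bits": bits,
        "md5": "MD5:" + ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
        "sha256": "SHA256:" + sha.rstrip("="),  # padding is not printed
    }


def sha256_fp_to_hex(fp):
    """Restore the stripped '=' and return the digest as hex."""
    b64 = fp.split(":", 1)[1]
    b64 += "=" * (-len(b64) % 4)
    return base64.b64decode(b64).hex()


def naive_hex(pubkey_line):
    """The attempt from the question: sha256sum over the base64 text itself."""
    b64 = pubkey_line.split()[1]
    return hashlib.sha256(b64.encode("ascii") + b"\n").hexdigest()


def _string(data):
    return struct.pack(">I", len(data)) + data


def _mpint(value):
    # Positive mpint: minimal big-endian bytes, with a leading 0x00 if the
    # top bit would otherwise be set.
    return _string(value.to_bytes(value.bit_length() // 8 + 1, "big"))


def make_sample_rsa_line(comment="constructed at example"):
    """Constructed 1024-bit 'modulus' for the demo; NOT a usable RSA key."""
    seed = hashlib.sha512(b"constructed sample, not a real key").digest()
    n = (1 << 1023) | int.from_bytes(seed * 2, "big") | 1
    blob = _string(b"ssh-rsa") + _mpint(65537) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " " + comment


SAMPLE_LINE = make_sample_rsa_line()

if __name__ == "__main__":
    fp = fingerprint(SAMPLE_LINE)
    print(fp["bits"], fp["sha256"], "(RSA)")
    print(fp["bits"], fp["md5"], "(RSA)")
    print("digest as hex:", sha256_fp_to_hex(fp["sha256"]))
    print("naive attempt:", naive_hex(SAMPLE_LINE))
```

The last two printed values differ because the first hashes the decoded blob and the second hashes its base64 text.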
From: philipp.marek at linbit.com (Philipp Marek)
Date: Wed, 1 Jul 2015 09:34:32 +0200
Subject: Announce: OpenSSH 6.9 released
In-Reply-To: <5620606096372553010.enqueue@cvs.openbsd.org>
References: <5620606096372553010.enqueue@cvs.openbsd.org>
Message-ID: <20150701073432.GS12080@cacao.linbit>

> Future Deprecation Notice
> =========================
>
> The 7.0 release of OpenSSH, due for release in late July, will
> deprecate several features, some of which may affect compatibility
> or existing configurations. The intended changes are as follows:
>
>  * The default for the sshd_config(5) PermitRootLogin option will
>    change from "yes" to "no".
Uh, wouldn't "without-password" be a better alternative than "no"?

Getting the *first* authorized key on would still be "hard" (as in
"ssh user at ...", "su"|"sudo", "mkdir -m 0700 .ssh", "cat > .ssh/auth.."),
but at least *further* keys could be done via "ssh-copy-id".


I don't have any statistics handy, but I believe that public-key
root authentication is widely used.
(And sometimes needed - especially when something goes wrong,
needing to authenticate as a normal user is one more thing that
can go wrong - think NIS or LDAP failures, etc.)

From jjelen at redhat.com Wed Jul 1 17:47:53 2015
From: jjelen at redhat.com (Jakub Jelen) Date: Wed, 01 Jul 2015 09:47:53 +0200 Subject: Announce: OpenSSH 6.9 released In-Reply-To: <5620606096372553010.enqueue@cvs.openbsd.org> References: <5620606096372553010.enqueue@cvs.openbsd.org> Message-ID: <55939B29.9040002@redhat.com> On 07/01/2015 05:39 AM, Damien Miller wrote: > Future Deprecation Notice > ========================= > > The 7.0 release of OpenSSH, due for release in late July, will > deprecate several features, some of which may affect compatibility > or existing configurations. The intended changes are as follows: > > * The default for the sshd_config(5) PermitRootLogin option will > change from "yes" to "no". This was "reverted" from version control in shipped 6.9 source code, but not in shipped sshd_config, where is still > #PermitRootLogin no and also manual page still contains > The default is ?no?. Not serious problem, but just saying, there is inconsistency. -- Jakub Jelen Security Technologies Red Hat From list at eworm.de Wed Jul 1 18:30:05 2015 From: list at eworm.de (Christian Hesse) Date: Wed, 1 Jul 2015 10:30:05 +0200 Subject: [PATCH 1/1] update error messages about moduli and primes files Message-ID: <1435739405-12226-1-git-send-email-list@eworm.de> From: Christian Hesse Both files can be used, so mention both in error messages. Signed-off-by: Christian Hesse --- dh.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/dh.c b/dh.c index 4c639ac..450f5c4 100644 --- a/dh.c +++ b/dh.c @@ -153,8 +153,8 @@ choose_dh(int min, int wantbits, int max) if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { - logit("WARNING: %s does not exist, using fixed modulus", - _PATH_DH_MODULI); + logit("WARNING: neither %s nor %s exists, using fixed modulus", + _PATH_DH_MODULI, _PATH_DH_PRIMES); return (dh_new_group_fallback(max)); } 
@@ -182,7 +182,8 @@ choose_dh(int min, int wantbits, int max) if (bestcount == 0) { fclose(f); - logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); + logit("WARNING: no suitable primes in %s or %s", + _PATH_DH_MODULI, _PATH_DH_PRIMES); return (dh_new_group_fallback(max)); } -- 2.4.5 From arif at mail.nih.gov Wed Jul 1 22:19:55 2015 
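Review bot: In the first dh.c hunk, "neither %s nor %s exists" is logged for any fopen() failure on both paths, so a file that is present but unreadable is reported as missing. Wording such as "could not open %s or %s", with strerror(errno) appended, would describe what actually happened.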
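Review bot: In the second dh.c hunk (the bestcount == 0 branch), the new message names both _PATH_DH_MODULI and _PATH_DH_PRIMES, but the fopen() chain shown in the first hunk only tries _PATH_DH_PRIMES when _PATH_DH_MODULI cannot be opened, so f refers to exactly one file here and "no suitable primes in %s or %s" can point at a file that was never read. Suggest recording which path was opened next to f and logging only that one.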
From: arif at mail.nih.gov (Anthony R Fletcher)
Date: Wed, 1 Jul 2015 08:19:55 -0400
Subject: Announce: OpenSSH 6.9 released
In-Reply-To: <20150701073432.GS12080@cacao.linbit>
References: <5620606096372553010.enqueue@cvs.openbsd.org>
 <20150701073432.GS12080@cacao.linbit>
Message-ID: <20150701121955.GD6344@cosy.cit.nih.gov>

> > Future Deprecation Notice
> > =========================
> >
> > The 7.0 release of OpenSSH, due for release in late July, will
> > deprecate several features, some of which may affect compatibility
> > or existing configurations. The intended changes are as follows:
> >
> >  * The default for the sshd_config(5) PermitRootLogin option will
> >    change from "yes" to "no".
> Uh, wouldn't "without-password" be a better alternative than "no"?
>
> Getting the *first* authorized key on would still be "hard" (as in
> "ssh user at ...", "su"|"sudo", "mkdir -m 0700 .ssh", "cat > .ssh/auth.."),
> but at least *further* keys could be done via "ssh-copy-id".
>
>
> I don't have any statistics handy, but I believe that public-key
> root authentication is widely used.
> (And sometimes needed - especially when something goes wrong,
> needing to authenticate as a normal user is one more thing that
> can go wrong - think NIS or LDAP failures, etc.)
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

I would second this plea. With a default of "without-password" you get
all the advantages for the default out-of-the-box build but authorized
keys can still be provisioned without a config change. With no installed
keys then it is effectively the same as "no".

		Anthony

--
Anthony R Fletcher
  Room 2033, Building 12A,       http://dcb.cit.nih.gov/~arif
  National Institutes of Health, arif at mail.nih.gov
  12A South Drive, Bethesda,     Phone: (+1) 301 402 1741.
  MD 20892-5624, USA.

From sweet_f_a at gmx.de Thu Jul 2 04:52:47 2015
From: sweet_f_a at gmx.de (Ruediger Meier) Date: Wed, 1 Jul 2015 20:52:47 +0200 Subject: [PATCH] rename mux socket instead of link/unlink Message-ID: <1435776767-27029-1-git-send-email-sweet_f_a@gmx.de> From: Ruediger Meier This avoids confusing .nfs* files if ControlPath located on NFS. Seen on Linux like below. The .nfs* file exists there until the master connection is killed. $ ssh -Nf localhost $ ls -lta .ssh/masters/ srw------- 2 rudi users 0 2015-07-01 20:45:53.183434875 +0200 .nfs000000000114029600005581 srw------- 2 rudi users 0 2015-07-01 20:45:53.183434875 +0200 zapparudi at localhost:22 Signed-off-by: Ruediger Meier --- mux.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/mux.c b/mux.c index cdc01bd..03b686d 100644 --- a/mux.c +++ b/mux.c @@ -1291,7 +1291,7 @@ muxserver_listen(void) } /* Now atomically "move" the mux socket into position */ - if (link(options.control_path, orig_control_path) != 0) { + if (rename(options.control_path, orig_control_path) != 0) { if (errno != EEXIST) { fatal("%s: link mux listener %s => %s: %s", __func__, options.control_path, orig_control_path, @@ -1302,7 +1302,6 @@ muxserver_listen(void) unlink(options.control_path); goto disable_mux_master; } - unlink(options.control_path); free(options.control_path); options.control_path = orig_control_path; -- 1.8.4.5 From mancha1 at zoho.com Thu Jul 2 08:16:10 2015 From: mancha1 at zoho.com (mancha) Date: Wed, 1 Jul 2015 22:16:10 +0000 Subject: [ANN] OpenSSH 6.9p1 TCP Wrappers support Message-ID: <20150701221610.GA12921@zoho.com> Hello. Patch re-introducing TCP Wrappers (libwrap) support has been updated for use with OpenSSH 6.9p1: http://sf.net/projects/mancha/files/misc/openssh-6.9p1-libwrap.diff Note: remember to autoreconf -fiv. Enjoy. --mancha -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From mancha1 at zoho.com Thu Jul 2 10:09:06 2015 
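Review bot: In the first mux.c hunk, replacing link() with rename() changes the failure semantics that the unchanged lines below still depend on: link() fails with EEXIST when orig_control_path is already present, whereas rename() replaces an existing destination, so the `if (errno != EEXIST)` test and the fall-through to disable_mux_master would no longer detect a control socket that another master already owns. Either keep an explicit existence check that preserves the old behaviour or state why taking over an existing path is acceptable; the fatal() text "link mux listener" should also be updated to match the new call.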
From: mancha1 at zoho.com (mancha) Date: Thu, 2 Jul 2015 00:09:06 +0000 Subject: [BUG] Harmonize man pages (OpenSSH 6.9) Message-ID: <20150702000906.GC12921@zoho.com> Hi. The man pages for ssh_config and sshd_config don't reflect that chacha20-poly1305 at openssh.com is now preferred over the AES family and others. This issue was reported by Kevin Korb on freenode's #openssh. Attached patch fixes. --mancha -------------- next part -------------- From 1a8997883510ac845133e97f4e942c48d7c5b6b0 Mon Sep 17 00:00:00 2001 From: mancha security Date: Thu, 2 Jul 2015 00:01:20 +0000 Subject: [PATCH] Update man pages (ssh_config and sshd_config) Reflect that chacha20-poly1305 at openssh.com has been promoted to default cipher. Thanks to Kevin Korb for report. --- ssh_config.5 | 2 +- sshd_config.5 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh_config.5 b/ssh_config.5 index 268a627..76a8263 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -410,9 +410,9 @@ chacha20-poly1305 at openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305 at openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm at openssh.com,aes256-gcm at openssh.com, -chacha20-poly1305 at openssh.com, arcfour256,arcfour128, aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, aes192-cbc,aes256-cbc,arcfour diff --git a/sshd_config.5 b/sshd_config.5 index 5ab4318..a3fcec0 100644 --- a/sshd_config.5 +++ b/sshd_config.5 
@@ -471,9 +471,9 @@ chacha20-poly1305 at openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305 at openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, -aes128-gcm at openssh.com,aes256-gcm at openssh.com, -chacha20-poly1305 at openssh.com +aes128-gcm at openssh.com,aes256-gcm at openssh.com .Ed .Pp The list of available ciphers may also be obtained using the -- 2.1.4 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From lists at nerdbynature.de Sun Jul 5 06:33:13 2015 From: lists at nerdbynature.de (Christian Kujau) Date: Sat, 4 Jul 2015 13:33:13 -0700 (PDT) Subject: Announce: OpenSSH 6.9 released In-Reply-To: <5620606096372553010.enqueue@cvs.openbsd.org> References: <5620606096372553010.enqueue@cvs.openbsd.org> Message-ID: On Tue, 30 Jun 2015, Damien Miller wrote: > * The default for the sshd_config(5) PermitRootLogin option will > change from "yes" to "no". At the risk of re-opening an old bike-shedding debate: why not change the default to "without-password" or to "forced-commands-only"? With PermitRootLogin=no, users will change to "yes" as soon as they notice that root cannot login any more. Changing the default to the other options would promote these and users might be inclined to adopt these and also make use of PubkeyAuthentication instead of passwords. My 2 cents, Christian. -- BOFH excuse #176: vapors from evaporating sticky-note adhesives From pengyu.ut at gmail.com Sun Jul 5 11:05:54 2015 
From: pengyu.ut at gmail.com (Peng Yu) Date: Sat, 4 Jul 2015 20:05:54 -0500 Subject: How to ssh to a server via an intermediate server with X11 forwarding? Message-ID: I tried the following command. ssh -Y -t intermediate -- ssh -Y dest But it shows the following error message. Does anybody know how to fix the problem? Thanks. X11 forwarding request failed on channel 0 -- Regards, Peng From pengyu.ut at gmail.com Sun Jul 5 11:03:53 2015 From: pengyu.ut at gmail.com (Peng Yu) Date: Sat, 4 Jul 2015 20:03:53 -0500 Subject: How to ssh to a server via an intermediate server with X11 forwarding? Message-ID: I tried the following command. ssh -Y -t intermediate -- ssh -Y dest But it shows the following error message. Does anybody know how to fix the problem? Thanks. X11 forwarding request failed on channel 0 -- Regards, Peng From djm at mindrot.org Sun Jul 5 18:26:36 2015 From: djm at mindrot.org (Damien Miller) Date: Sun, 5 Jul 2015 18:26:36 +1000 (AEST) Subject: How to ssh to a server via an intermediate server with X11 forwarding? In-Reply-To: References: Message-ID: On Sat, 4 Jul 2015, Peng Yu wrote: > I tried the following command. > > ssh -Y -t intermediate -- ssh -Y dest > > But it shows the following error message. Does anybody know how to fix > the problem? Thanks. ssh -oProxyCommand="ssh -W %h:%p intermediate" -Y dest should work -d From list at eworm.de Mon Jul 6 20:05:42 2015 From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 12:05:42 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters Message-ID: <1436177142-12873-1-git-send-email-list@eworm.de> From: Christian Hesse Signed-off-by: Christian Hesse --- sshkey.c | 47 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 36 insertions(+), 11 deletions(-) diff --git a/sshkey.c b/sshkey.c index cfe5980..47511c2 100644 --- a/sshkey.c +++ b/sshkey.c 
@@ -44,6 +44,9 @@ #include #include #include +#ifdef HAVE_LOCALE_H +#include +#endif /* HAVE_LOCALE_H */ #ifdef HAVE_UTIL_H #include #endif /* HAVE_UTIL_H */ @@ -1088,6 +1091,12 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, * Chars to be used after each other every time the worm * intersects with itself. Matter of taste. */ +#ifdef HAVE_LOCALE_H + char *locale; + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; +#endif + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; + char **border; char *augmentation_string = " .o+=*BOX@%&#/^SE"; char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; u_char field[FLDSIZE_X][FLDSIZE_Y]; @@ -1096,9 +1105,25 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, int x, y, r; size_t len = strlen(augmentation_string) - 1; - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) + if ((retval = malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2)) == NULL) return NULL; +#ifdef HAVE_LOCALE_H + /* initialize locale */ + setlocale(LC_ALL, ""); + + /* get locale for LC_CTYPE and decide about characters to use */ + locale = setlocale(LC_CTYPE, NULL); + if (locale != NULL && *locale != 0 && + (strstr(locale, "UTF-8") || + strstr(locale, "utf-8") || + strstr(locale, "UTF8") || + strstr(locale, "utf8"))) + border = border_utf8; + else +#endif + border = border_ascii; + /* initialize field */ memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); x = FLDSIZE_X / 2; 
@@ -1145,34 +1170,34 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, /* output upper border */ p = retval; - *p++ = '+'; + p += sprintf(p, "%s", border[0]); for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[1]); memcpy(p, title, tlen); p += tlen; for (i += tlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); *p++ = '\n'; /* output content */ for (y = 0; y < FLDSIZE_Y; y++) { - *p++ = '|'; + p += sprintf(p, "%s", border[3]); for (x = 0; x < FLDSIZE_X; x++) *p++ = augmentation_string[MIN(field[x][y], len)]; - *p++ = '|'; + p += sprintf(p, "%s", border[3]); *p++ = '\n'; } /* output lower border */ - *p++ = '+'; + p += sprintf(p, "%s", border[4]); for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[1]); memcpy(p, hash, hlen); p += hlen; for (i += hlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[5]); return retval; } -- 2.4.5 From alex at alex.org.uk Mon Jul 6 20:33:58 2015 From: alex at alex.org.uk (Alex Bligh) Date: Mon, 6 Jul 2015 11:33:58 +0100 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <1436177142-12873-1-git-send-email-list@eworm.de> References: <1436177142-12873-1-git-send-email-list@eworm.de> Message-ID: <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> On 6 Jul 2015, at 11:05, Christian Hesse wrote: > +#ifdef HAVE_LOCALE_H > + char *locale; > + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; > +#endif > + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; > + char **border; What if LOCALE_H is present at compile time but the binary is then run in a non-unicode locale? -- Alex Bligh From list at eworm.de Mon Jul 6 20:42:53 2015 
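Review bot: The allocation in the @@ -1096 hunk of the v1 patch, malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2), leaves no room for the two corner strings, the newline and the terminating NUL of each border row, and the @@ -1145 hunk then fills the buffer with unbounded sprintf() calls. With 3-byte border strings (what the "* 3" assumes) a border row needs 3 * FLDSIZE_X + 7 - 2 * tlen bytes, so the buffer only suffices while tlen + hlen >= 7, that is, while the single-byte title and hash text displace enough 3-byte glyphs. Size it for tlen = hlen = 0 (14 bytes more) and write through snprintf() with the remaining length, so that a longer border string or an empty title cannot run past the end. Replacing calloc() with malloc() also leaves termination to the final sprintf() alone, which deserves a comment.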
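Review bot: Calling setlocale(LC_ALL, "") inside fingerprint_randomart() (the @@ -1096 hunk of the v1 patch) changes the locale of the whole process as a side effect of formatting a fingerprint, so every locale-dependent call made afterwards in ssh or ssh-keygen behaves differently once the first randomart has been drawn. Set the locale once at program start if at all, restrict it to LC_CTYPE, and let this function only query the result; nl_langinfo(CODESET) would also replace the four strstr() spellings of "UTF-8" with a single comparison against the codeset name.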
From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 12:42:53 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> References: <1436177142-12873-1-git-send-email-list@eworm.de> <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> Message-ID: <20150706124253.0ba03d1a@leda.localdomain> Alex Bligh on Mon, 2015/07/06 11:33: > > On 6 Jul 2015, at 11:05, Christian Hesse wrote: > > > +#ifdef HAVE_LOCALE_H > > + char *locale; > > + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; > > +#endif > > + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; > > + char **border; > > What if LOCALE_H is present at compile time but the binary is then > run in a non-unicode locale? See below. setlocale() should return something without "utf-8" in its name, so the binary should select the ascii characters. This still has a severe issue, though: It works perfectly with ssh-keygen but breaks for ssh... I will have a look at that. However this is more like an RFC, so comments are welcome. -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From aris at 0xbadc0de.be Mon Jul 6 21:22:50 2015 
From: aris at 0xbadc0de.be (Aris Adamantiadis) Date: Mon, 06 Jul 2015 13:22:50 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> References: <1436177142-12873-1-git-send-email-list@eworm.de> <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> Message-ID: <559A650A.304@0xbadc0de.be> On 06/07/15 12:33, Alex Bligh wrote: > On 6 Jul 2015, at 11:05, Christian Hesse wrote: > >> +#ifdef HAVE_LOCALE_H >> + char *locale; >> + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; >> +#endif >> + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; >> + char **border; > What if LOCALE_H is present at compile time but the binary is then > run in a non-unicode locale? > I'm more concerned about the UTF-8 in the source code... are all compilers able to deal with that? Simple workaround would be to use hex encoding instead. Aris From alex at alex.org.uk Mon Jul 6 21:33:37 2015 From: alex at alex.org.uk (Alex Bligh) Date: Mon, 6 Jul 2015 12:33:37 +0100 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150706124253.0ba03d1a@leda.localdomain> References: <1436177142-12873-1-git-send-email-list@eworm.de> <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> <20150706124253.0ba03d1a@leda.localdomain> Message-ID: On 6 Jul 2015, at 11:42, Christian Hesse wrote: > See below. setlocale() should return something without "utf-8" in its name, > so the binary should select the ascii characters. OK - missed that. -- Alex Bligh From list at eworm.de Mon Jul 6 21:44:42 2015 
From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 13:44:42 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150706124253.0ba03d1a@leda.localdomain> References: <1436177142-12873-1-git-send-email-list@eworm.de> <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> <20150706124253.0ba03d1a@leda.localdomain> Message-ID: <20150706134442.40af2c3b@leda.localdomain> Christian Hesse on Mon, 2015/07/06 12:42: > This still has a severe issue, though: It works perfectly with ssh-keygen but > breaks for ssh... I will have a look at that. Obviously strnvis() at log.c line 438 causes this. The multi byte characters are encoded with their octal escape sequences. -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From list at eworm.de Mon Jul 6 21:53:21 2015 
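The escaping step described in the message above exists so that bytes in a log line cannot drive the terminal. The following added example (not code from OpenSSH or from anyone in this thread) shows one way multibyte output and that protection can coexist: well-formed UTF-8 is passed through and everything else is written as an octal escape. The function names and the set of code points treated as unsafe are assumptions of the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Decode one UTF-8 sequence from s (n bytes available). Returns its length
 * (1..4) and stores the code point, or returns 0 for bytes that are not
 * well-formed UTF-8: bad lead or continuation byte, truncated sequence,
 * overlong form, surrogate, or a value above U+10FFFF.
 */
static size_t
utf8_decode(const unsigned char *s, size_t n, unsigned long *cp)
{
	unsigned long v, min;
	size_t i, len;

	if (s[0] < 0x80) { len = 1; v = s[0]; min = 0; }
	else if ((s[0] & 0xE0) == 0xC0) { len = 2; v = s[0] & 0x1F; min = 0x80; }
	else if ((s[0] & 0xF0) == 0xE0) { len = 3; v = s[0] & 0x0F; min = 0x800; }
	else if ((s[0] & 0xF8) == 0xF0) { len = 4; v = s[0] & 0x07; min = 0x10000; }
	else return 0;
	if (len > n)
		return 0;
	for (i = 1; i < len; i++) {
		if ((s[i] & 0xC0) != 0x80)
			return 0;
		v = (v << 6) | (s[i] & 0x3F);
	}
	if (v < min || v > 0x10FFFF || (v >= 0xD800 && v <= 0xDFFF))
		return 0;
	*cp = v;
	return len;
}

/* Example policy (an assumption): code points allowed through unescaped. */
static int
cp_is_safe(unsigned long cp)
{
	if (cp == '\n' || cp == '\t')
		return 1;
	if (cp < 0x20 || cp == 0x7F || cp == '\\')	/* C0, DEL, escape char */
		return 0;
	if (cp >= 0x80 && cp <= 0x9F)			/* C1, e.g. U+009B CSI */
		return 0;
	if ((cp >= 0x202A && cp <= 0x202E) || (cp >= 0x2066 && cp <= 0x2069))
		return 0;				/* bidi controls */
	return 1;
}

/*
 * Copy src to dst, keeping safe well-formed UTF-8 and writing every other
 * byte as a \ooo octal escape (a literal backslash becomes \134).
 * Returns the output length, or (size_t)-1 if dst is too small.
 */
size_t
log_sanitize(const char *src, char *dst, size_t dstlen)
{
	const unsigned char *s = (const unsigned char *)src;
	size_t n = strlen(src), in = 0, out = 0, len, k;
	unsigned long cp;

	if (dstlen == 0)
		return (size_t)-1;
	while (in < n) {
		len = utf8_decode(s + in, n - in, &cp);
		if (len != 0 && cp_is_safe(cp)) {
			if (out + len >= dstlen)
				return (size_t)-1;
			memcpy(dst + out, s + in, len);
			out += len;
		} else {
			if (len == 0)
				len = 1;	/* malformed: escape one byte, resync */
			for (k = 0; k < len; k++, out += 4) {
				if (out + 4 >= dstlen)
					return (size_t)-1;
				snprintf(dst + out, 5, "\\%03o", (unsigned)s[in + k]);
			}
		}
		in += len;
	}
	dst[out] = '\0';
	return out;
}

int
main(void)
{
	/* Constructed samples: a row of border glyphs, then an ESC sequence. */
	const char *samples[] = { "\342\224\217\342\224\201\342\224\223", "\033[2Jx" };
	char buf[64];
	size_t i;

	for (i = 0; i < 2; i++)
		if (log_sanitize(samples[i], buf, sizeof(buf)) != (size_t)-1)
			printf("%s\n", buf);
	return 0;
}
```

A C1 control such as U+009B is itself well-formed UTF-8, which is why the policy is applied to decoded code points rather than to single bytes.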
From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 13:53:21 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <559A650A.304@0xbadc0de.be> References: <1436177142-12873-1-git-send-email-list@eworm.de> <2281121D-2FAE-483F-AE7C-A8B774FF287B@alex.org.uk> <559A650A.304@0xbadc0de.be> Message-ID: <20150706135321.0e680178@leda.localdomain> Aris Adamantiadis on Mon, 2015/07/06 13:22: > On 06/07/15 12:33, Alex Bligh wrote: > > On 6 Jul 2015, at 11:05, Christian Hesse wrote: > > > >> +#ifdef HAVE_LOCALE_H > >> + char *locale; > >> + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; > >> +#endif > >> + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; > >> + char **border; > > What if LOCALE_H is present at compile time but the binary is then > > run in a non-unicode locale? > > > I'm more concerned about the UTF-8 in the source code... are all > compilers able to deal with that? Simple workaround would be to use hex > encoding instead. Good point. Should be pretty easy to fix that, though. Waiting for more comments, will send an updated patch later. -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From list at eworm.de Mon Jul 6 23:25:25 2015 
From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 15:25:25 +0200 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <1436188709-21550-1-git-send-email-list@eworm.de> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> Message-ID: <20150706152525.25b9b421@leda.localdomain> Hello everybody, this is an updated version with these changes: * unicode characters are encoded using octal values * added two more unicode characters to replace brackets * made ssh work, but: Christian Hesse on Mon, 2015/07/06 15:18: > --- a/log.c > +++ b/log.c > @@ -444,7 +444,7 @@ do_log(LogLevel level, const char *fmt, va_list args) > tmp_handler(level, fmtbuf, log_handler_ctx); > log_handler = tmp_handler; > } else if (log_on_stderr) { > - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); > + /* we want unicode multi byte characters, so do not use > fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); > } else { > #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) Does that break anything? -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From list at eworm.de Mon Jul 6 23:18:29 2015 From: list at eworm.de (Christian Hesse) Date: Mon, 6 Jul 2015 15:18:29 +0200 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150706135321.0e680178@leda.localdomain> References: <20150706135321.0e680178@leda.localdomain> Message-ID: <1436188709-21550-1-git-send-email-list@eworm.de> From: Christian Hesse 
Signed-off-by: Christian Hesse --- log.c | 2 +- sshkey.c | 77 +++++++++++++++++++++++++++++++++++++++++++++++----------------- 2 files changed, 58 insertions(+), 21 deletions(-) diff --git a/log.c b/log.c index 32e1d2e..90c1232 100644 --- a/log.c +++ b/log.c @@ -444,7 +444,7 @@ do_log(LogLevel level, const char *fmt, va_list args) tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); + /* we want unicode multi byte characters, so do not use fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) diff --git a/sshkey.c b/sshkey.c index cfe5980..326bc29 100644 --- a/sshkey.c +++ b/sshkey.c @@ -44,6 +44,9 @@ #include #include #include +#ifdef HAVE_LOCALE_H +#include +#endif /* HAVE_LOCALE_H */ #ifdef HAVE_UTIL_H #include #endif /* HAVE_UTIL_H */ 
@@ -1088,17 +1091,47 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, * Chars to be used after each other every time the worm * intersects with itself. Matter of taste. */ +#ifdef HAVE_LOCALE_H + char *locale; + char *border_utf8[] = { + "\342\224\217", /* ? upper left */ + "\342\224\201", /* ? horizontal */ + "\342\224\253", /* ? left of title/hash */ + "\342\224\243", /* ? right of title/hash */ + "\342\224\223", /* ? upper right */ + "\342\224\203", /* ? vertical */ + "\342\224\227", /* ? lower left */ + "\342\224\233" /* ? lower right */ }; +#endif + char *border_ascii[] = { "+", "-", "[", "]", "+", "|", "+", "+" }; + char **border; char *augmentation_string = " .o+=*BOX@%&#/^SE"; - char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; + char *retval, *p, title[FLDSIZE_X - 2], hash[FLDSIZE_X - 2]; u_char field[FLDSIZE_X][FLDSIZE_Y]; size_t i, tlen, hlen; u_int b; int x, y, r; size_t len = strlen(augmentation_string) - 1; - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) + if ((retval = malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2)) == NULL) return NULL; +#ifdef HAVE_LOCALE_H + /* initialize locale */ + setlocale(LC_ALL, ""); + + /* get locale for LC_CTYPE and decide about characters to use */ + locale = setlocale(LC_CTYPE, NULL); + if (locale != NULL && *locale != 0 && + (strstr(locale, "UTF-8") || + strstr(locale, "utf-8") || + strstr(locale, "UTF8") || + strstr(locale, "utf8"))) + border = border_utf8; + else +#endif + border = border_ascii; + /* initialize field */ memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); x = FLDSIZE_X / 2; 
@@ -1132,47 +1165,51 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, field[x][y] = len; /* assemble title */ - r = snprintf(title, sizeof(title), "[%s %u]", + r = snprintf(title, sizeof(title), "%s %u", sshkey_type(k), sshkey_size(k)); - /* If [type size] won't fit, then try [type]; fits "[ED25519-CERT]" */ + /* If "type size" won't fit, then try "type"; fits "ED25519-CERT" */ if (r < 0 || r > (int)sizeof(title)) - r = snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); + r = snprintf(title, sizeof(title), "%s", sshkey_type(k)); tlen = (r <= 0) ? 0 : strlen(title); /* assemble hash ID. */ - r = snprintf(hash, sizeof(hash), "[%s]", alg); + r = snprintf(hash, sizeof(hash), "%s", alg); hlen = (r <= 0) ? 0 : strlen(hash); /* output upper border */ p = retval; - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[0]); + for (i = 0; i < (FLDSIZE_X - tlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, title, tlen); p += tlen; - for (i += tlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += tlen + 2; i < FLDSIZE_X; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[4]); *p++ = '\n'; /* output content */ for (y = 0; y < FLDSIZE_Y; y++) { - *p++ = '|'; + p += sprintf(p, "%s", border[5]); for (x = 0; x < FLDSIZE_X; x++) *p++ = augmentation_string[MIN(field[x][y], len)]; - *p++ = '|'; + p += sprintf(p, "%s", border[5]); *p++ = '\n'; } /* output lower border */ - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[6]); + for (i = 0; i < (FLDSIZE_X - hlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, hash, hlen); p += hlen; - for (i += hlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += hlen + 2; i < FLDSIZE_X; i++) + p += 
sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[7]); return retval; } -- 2.4.5 From lists at wrant.com Tue Jul 7 12:43:18 2015 From: lists at wrant.com (lists at wrant.com) Date: Tue, 7 Jul 2015 05:43:18 +0300 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150706152525.25b9b421@leda.localdomain> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> Message-ID: <20150707054318.6d6cd17d@sun.wrant.com> A machine diff between one using ASCII and UTF-8 would yield not equal? Is it reasonable to only use UTF-8 ("pretty" chars) with a command line switch (forced) rather than as an override (implied) behaviour? From list at eworm.de Tue Jul 7 18:17:56 2015 From: list at eworm.de (Christian Hesse) Date: Tue, 7 Jul 2015 10:17:56 +0200 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150707054318.6d6cd17d@sun.wrant.com> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <20150707054318.6d6cd17d@sun.wrant.com> Message-ID: <20150707101756.135f9a50@leda.localdomain> lists at wrant.com on Tue, 2015/07/07 05:43: > A machine diff between one using ASCII and UTF-8 would yield not equal? True. Do you need diffs of the artwork? I suppose this broke several times in the past... > Is it reasonable to only use UTF-8 ("pretty" chars) with a command line > switch (forced) rather than as an override (implied) behaviour? Just another idea... We could print unicode characters only when a real terminal is detected. From c3206e4182dea8877776c0d1f6f0e44149456a9a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 7 Jul 2015 10:15:39 +0200 Subject: [PATCH 1/1] use unicode characters only when in real terminal 
Signed-off-by: Christian Hesse --- sshkey.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sshkey.c b/sshkey.c index 326bc29..4c23483 100644 --- a/sshkey.c +++ b/sshkey.c @@ -46,6 +46,7 @@ #include #ifdef HAVE_LOCALE_H #include +#include #endif /* HAVE_LOCALE_H */ #ifdef HAVE_UTIL_H #include @@ -1122,7 +1123,8 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, /* get locale for LC_CTYPE and decide about characters to use */ locale = setlocale(LC_CTYPE, NULL); - if (locale != NULL && *locale != 0 && + if (isatty(fileno(stdout)) == 1 && + locale != NULL && *locale != 0 && (strstr(locale, "UTF-8") || strstr(locale, "utf-8") || strstr(locale, "UTF8") || -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From nkadel at gmail.com Tue Jul 7 22:49:15 2015 From: nkadel at gmail.com (Nico Kadel-Garcia) Date: Tue, 7 Jul 2015 08:49:15 -0400 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150707054318.6d6cd17d@sun.wrant.com> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <20150707054318.6d6cd17d@sun.wrant.com> Message-ID: On Mon, Jul 6, 2015 at 10:43 PM, wrote: > A machine diff between one using ASCII and UTF-8 would yield not equal? > > Is it reasonable to only use UTF-8 ("pretty" chars) with a command line > switch (forced) rather than as an override (implied) behaviour? Please, lordie, yes. Unicode is *not your friend* for any kind of binary or, in this case, display comparisons. It multiplies the complexity of the relevant code. From list at eworm.de Tue Jul 7 23:23:13 2015 
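Review bot: In the sshkey.c hunks of the v2 patch the brackets move out of title and hash (now "%s %u" and "%s") and into border[2] and border[3], but the malloc() size is still the one from v1. Each bracket grows from one byte to three in the UTF-8 case, so the rendered string is 8 bytes longer against the same buffer, and the unbounded sprintf() calls will not notice when it no longer fits. Recompute the size from the longest border string and the full row length, and bound every write with the space that remains.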
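Review bot: In the log.c hunk of the v2 patch, removing snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf) makes the stderr branch write the raw msgbuf for every log message, not only for the randomart, so the strnvis() escaping mentioned earlier in the thread no longer applies to anything that reaches a terminal, and the "\r\n" terminator is lost as well. The handler branch directly above still receives fmtbuf, so the two paths now disagree about what a log line contains. Keep the escaped copy on this path and change the escaping step so that it lets well-formed UTF-8 through, rather than bypassing it for all output.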
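Review bot: isatty(fileno(stdout)) in the @@ -1122 hunk of the "use unicode characters only when in real terminal" patch tests the wrong stream for ssh: the v2 log.c hunk shows the art leaving through write(log_stderr_fd, ...), so stdout being a terminal says nothing about where the glyphs end up. A function that only returns a string should not inspect the caller's descriptors at all; pass the choice in from the caller that knows the output stream. The new #include in the @@ -46 hunk also sits inside the HAVE_LOCALE_H guard, which ties it to a configure test that has nothing to do with isatty().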
From: list at eworm.de (Christian Hesse) Date: Tue, 7 Jul 2015 15:23:13 +0200 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <28F2E7EB-03D0-4215-8CAF-DEB2C2C1A409@pobox.com> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <20150707054318.6d6cd17d@sun.wrant.com> <20150707101756.135f9a50@leda.localdomain> <28F2E7EB-03D0-4215-8CAF-DEB2C2C1A409@pobox.com> Message-ID: <20150707152313.47b87e64@leda.localdomain> Jim Knoble on Tue, 2015/07/07 05:58: > It's not difficult to set LANG=C (or LANG=POSIX) in ssh's environment. That > should force ASCII. LC_CTYPE=C should be sufficient. > Otherwise, UTF8 should be used wherever possible (and > LANG permits), not just for a terminal, IMHO. What comes to mind is pstree. Running it in a terminal you get a tree of unicode characters, piping (or redirecting) you get ascii characters. Basically it is a matter of preference. I would prefer ascii for a non-terminal to make sure you can view a redirected text file without issue even if unicode is not supported. -- main(a){char*c=/* Best regards */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);} From roland.mainz at nrubsig.org Wed Jul 8 00:25:25 2015 From: roland.mainz at nrubsig.org (Roland Mainz) Date: Tue, 7 Jul 2015 16:25:25 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <1436177142-12873-1-git-send-email-list@eworm.de> References: <1436177142-12873-1-git-send-email-list@eworm.de> Message-ID: On Mon, Jul 6, 2015 at 12:05 PM, Christian Hesse wrote: > From: Christian Hesse 
> > Signed-off-by: Christian Hesse > --- > sshkey.c | 47 ++++++++++++++++++++++++++++++++++++----------- > 1 file changed, 36 insertions(+), 11 deletions(-) > > diff --git a/sshkey.c b/sshkey.c > index cfe5980..47511c2 100644 > --- a/sshkey.c > +++ b/sshkey.c > @@ -44,6 +44,9 @@ > #include > #include > #include > +#ifdef HAVE_LOCALE_H > +#include > +#endif /* HAVE_LOCALE_H */ > #ifdef HAVE_UTIL_H > #include > #endif /* HAVE_UTIL_H */ > @@ -1088,6 +1091,12 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, > * Chars to be used after each other every time the worm > * intersects with itself. Matter of taste. > */ > +#ifdef HAVE_LOCALE_H > + char *locale; > + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; > +#endif > + char *border_ascii[] = { "+", "-", "+", "|", "+", "+" }; > + char **border; > char *augmentation_string = " .o+=*BOX@%&#/^SE"; > char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; > u_char field[FLDSIZE_X][FLDSIZE_Y]; > @@ -1096,9 +1105,25 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, > int x, y, r; > size_t len = strlen(augmentation_string) - 1; > > - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) > + if ((retval = malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2)) == NULL) > return NULL; > > +#ifdef HAVE_LOCALE_H > + /* initialize locale */ > + setlocale(LC_ALL, ""); > + > + /* get locale for LC_CTYPE and decide about characters to use */ > + locale = setlocale(LC_CTYPE, NULL); > + if (locale != NULL && *locale != 0 && > + (strstr(locale, "UTF-8") || > + strstr(locale, "utf-8") || > + strstr(locale, "UTF8") || > + strstr(locale, "utf8"))) > + border = border_utf8; > + else > +#endif > + border = border_ascii; > + > /* initialize field */ > memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); > x = FLDSIZE_X / 2; 
> @@ -1145,34 +1170,34 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, > > /* output upper border */ > p = retval; > - *p++ = '+'; > + p += sprintf(p, "%s", border[0]); > for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) > - *p++ = '-'; > + p += sprintf(p, "%s", border[1]); > memcpy(p, title, tlen); > p += tlen; > for (i += tlen; i < FLDSIZE_X; i++) > - *p++ = '-'; > - *p++ = '+'; > + p += sprintf(p, "%s", border[1]); > + p += sprintf(p, "%s", border[2]); > *p++ = '\n'; > > /* output content */ > for (y = 0; y < FLDSIZE_Y; y++) { > - *p++ = '|'; > + p += sprintf(p, "%s", border[3]); > for (x = 0; x < FLDSIZE_X; x++) > *p++ = augmentation_string[MIN(field[x][y], len)]; > - *p++ = '|'; > + p += sprintf(p, "%s", border[3]); > *p++ = '\n'; > } > > /* output lower border */ > - *p++ = '+'; > + p += sprintf(p, "%s", border[4]); > for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) > - *p++ = '-'; > + p += sprintf(p, "%s", border[1]); > memcpy(p, hash, hlen); > p += hlen; > for (i += hlen; i < FLDSIZE_X; i++) > - *p++ = '-'; > - *p++ = '+'; > + p += sprintf(p, "%s", border[1]); > + p += sprintf(p, "%s", border[5]); > > return retval; > } General comments: 1. Not all locales use UTF-8 as encoding but can still use the Unicode characters you use (e.g. GB18030 is a modern example and its use is mandated by all software vendors in PRC China). A quick solution is to use |iconv()| to convert the UTF-8 byte sequences to the local encoding (see http://svn.nrubsig.org/svn/people/gisburn/code/ucs4towchar_t/ucs4towchar_t.c - that code should be easy to modify). Note that if |iconv()| produces an empty string in a character-by-character conversion it means that the destination locale cannot represent that character in the local encoding (you have to fall back to the ASCII representation then (this will also eliminate the need for the |setlocale()|&&co. testing)). 2. UTF-8 sequences in ISO C code are not portable and a lot of compilers will choke on that (e.g. 
if they are in a non-UTF-8 locale like "C", "POSIX" or any non-UTF-8 multibyte locale). Correct fix would be to provide the UTF-8 byte sequences for the characters as plain C strings escaped in octal or hexadecimal notation (and then squish them through |iconv()|) 3. Not all UTF-8 locales (or locale aliases) have "UTF-8" in their name (for example the name "en_US" is allowed to be an alias for "en_US.UTF-8" (this quickly becomes messy in the Chinese/Japanese environments, e.g. where "ja_JP" can be anything from ja_JP.PCK to ja_JP.UTF-8)) ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) roland.mainz at nrubsig.org \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 3992797 (;O/ \/ \O;) From gert at greenie.muc.de Wed Jul 8 00:52:21 2015 
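Points 1 and 3 of the message above, as an added example (not code from the thread or from OpenSSH): each border glyph is converted from UTF-8 to a named codeset with iconv(), and the whole set falls back to ASCII if any glyph cannot be represented exactly. select_border(), convert_glyph() and GLYPHMAX are names made up for the example; the octal byte sequences are the ones from the v2 patch, reduced to the six positions of the v1 border arrays.

```c
#include <iconv.h>
#include <langinfo.h>
#include <locale.h>
#include <stdio.h>
#include <string.h>

#define NBORDER		6
#define GLYPHMAX	8	/* room for one converted glyph plus NUL */

/* Order: upper left, horizontal, upper right, vertical, lower left, lower right. */
static const char *border_utf8[NBORDER] = {
	"\342\224\217", "\342\224\201", "\342\224\223",
	"\342\224\203", "\342\224\227", "\342\224\233"
};
static const char *border_ascii[NBORDER] = { "+", "-", "+", "|", "+", "+" };

/*
 * Convert one UTF-8 glyph with an open descriptor. Returns 0 on an exact
 * conversion, -1 on error or when the target can only approximate it.
 */
static int
convert_glyph(iconv_t cd, const char *utf8, char *out, size_t outlen)
{
	char *in = (char *)utf8, *o = out;
	size_t inleft = strlen(utf8), outleft = outlen - 1, r;

	iconv(cd, NULL, NULL, NULL, NULL);	/* reset conversion state */
	r = iconv(cd, &in, &inleft, &o, &outleft);
	/* (size_t)-1 is an error; a positive count means lossy substitution */
	if (r != 0 || inleft != 0)
		return -1;
	/* emit any closing shift sequence of a stateful encoding */
	if (iconv(cd, NULL, NULL, &o, &outleft) == (size_t)-1)
		return -1;
	if (o == out)				/* nothing was produced */
		return -1;
	*o = '\0';
	return 0;
}

/*
 * Fill border[] for the given codeset name. All six glyphs must convert,
 * otherwise the whole set falls back to ASCII so the frame never mixes
 * styles. Returns 1 if the box-drawing set was selected, 0 for ASCII.
 */
int
select_border(const char *codeset, char border[NBORDER][GLYPHMAX])
{
	iconv_t cd = iconv_open(codeset, "UTF-8");
	int i, ok = (cd != (iconv_t)-1);

	for (i = 0; ok && i < NBORDER; i++)
		ok = (convert_glyph(cd, border_utf8[i], border[i], GLYPHMAX) == 0);
	if (cd != (iconv_t)-1)
		iconv_close(cd);
	if (!ok)
		for (i = 0; i < NBORDER; i++)
			strcpy(border[i], border_ascii[i]);
	return ok;
}

int
main(void)
{
	char border[NBORDER][GLYPHMAX];

	setlocale(LC_CTYPE, "");	/* done once by the program, not the formatter */
	printf("codeset %s -> %s\n", nl_langinfo(CODESET),
	    select_border(nl_langinfo(CODESET), border) ? "box drawing" : "ASCII");
	printf("%s%s%s\n", border[0], border[1], border[2]);
	return 0;
}
```

Treating any non-zero iconv() return as failure matters because some implementations substitute a replacement character and report the count instead of failing.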
From: gert at greenie.muc.de (Gert Doering) Date: Tue, 7 Jul 2015 16:52:21 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: References: <1436177142-12873-1-git-send-email-list@eworm.de> Message-ID: <20150707145221.GL382@greenie.muc.de> Hi, On Tue, Jul 07, 2015 at 04:25:25PM +0200, Roland Mainz wrote: > General comments: > 1. Not all locales use UTF-8 as encoding but can still use the Unicode > characters you use (e.g. GB18030 is a modern example and its use is > mandated by all software vendors in PRC China). A quick solution is to > use |iconv()| to convert the UTF-8 byte sequences to the local > encoding (see http://svn.nrubsig.org/svn/people/gisburn/code/ucs4towchar_t/ucs4towchar_t.c So the suggestion is to use another external dependency (and one that updates quite frequently to the great joy of admins everywhere) just to paint some visual sugar which works about as well in ASCII... ... wtf? The whole idea of using UTF8 in a single place inside OpenSSH just for eye candy needs to be burnt in flames. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert at greenie.muc.de fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de From roland.mainz at nrubsig.org Wed Jul 8 00:57:49 2015 
From: roland.mainz at nrubsig.org (Roland Mainz) Date: Tue, 7 Jul 2015 16:57:49 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150707145221.GL382@greenie.muc.de> References: <1436177142-12873-1-git-send-email-list@eworm.de> <20150707145221.GL382@greenie.muc.de> Message-ID: On Tue, Jul 7, 2015 at 4:52 PM, Gert Doering wrote: > Hi, > > On Tue, Jul 07, 2015 at 04:25:25PM +0200, Roland Mainz wrote: >> General comments: >> 1. Not all locales use UTF-8 as encoding but can still use the Unicode >> characters you use (e.g. GB18030 is a modern example and its use is >> mandated by all software vendors in PRC China). A quick solution is to >> use |iconv()| to convert the UTF-8 byte sequences to the local >> encoding (see http://svn.nrubsig.org/svn/people/gisburn/code/ucs4towchar_t/ucs4towchar_t.c > > So the suggestion is to use another external dependency (and one that > updates quite frequently to the great joy of admins everywhere) just > to paint some visual sugar which works about as well in ASCII... Which *external* dependency? |iconv()| is part of the POSIX standard since a *long* time and since I wrote the code in the URL above I can say "... stick the openssl license code on the derived code and you're done with it..." (maybe add by email to it so people can complain to me if they find bugs...). ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) roland.mainz at nrubsig.org \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 3992797 (;O/ \/ \O;) From gert at greenie.muc.de Wed Jul 8 01:18:30 2015 
From: gert at greenie.muc.de (Gert Doering) Date: Tue, 7 Jul 2015 17:18:30 +0200 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: References: <1436177142-12873-1-git-send-email-list@eworm.de> <20150707145221.GL382@greenie.muc.de> Message-ID: <20150707151830.GM382@greenie.muc.de> Hi, On Tue, Jul 07, 2015 at 04:57:49PM +0200, Roland Mainz wrote: > > So the suggestion is to use another external dependency (and one that > > updates quite frequently to the great joy of admins everywhere) just > > to paint some visual sugar which works about as well in ASCII... > > Which *external* dependency? |iconv()| is part of the POSIX standard > since a *long* time and since I wrote the code in the URL above I can > say "... stick the openssl license code on the derived code and you're > done with it..." (maybe add by email to it so people can complain to > me if they find bugs...). I wonder why my BSDs keep installing and upgrading libiconv on me all the time, then... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert at greenie.muc.de fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de From lists at wrant.com Wed Jul 8 01:15:28 2015 From: lists at wrant.com (lists at wrant.com) Date: Tue, 7 Jul 2015 18:15:28 +0300 Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <1436177142-12873-1-git-send-email-list@eworm.de> References: <1436177142-12873-1-git-send-email-list@eworm.de> Message-ID: <20150707181528.39379967@sun.wrant.com> What is the original purpose and main goal of this patch beyond the obvious "visual appeal"? From mouring at eviladmin.org Wed Jul 8 11:05:00 2015 
From: mouring at eviladmin.org (Ben Lindstrom) Date: Tue, 07 Jul 2015 20:05:00 -0500 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <20150706152525.25b9b421@leda.localdomain> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> Message-ID: <559C773C.3040302@eviladmin.org> Christian Hesse wrote: > Hello everybody, > > this is an updated version with these changes: > > * unicode characters are encoded using octal values > * added two more unicode characters to replace brackets > * made ssh work, but: > > Christian Hesse on Mon, 2015/07/06 15:18: >> --- a/log.c >> +++ b/log.c >> @@ -444,7 +444,7 @@ do_log(LogLevel level, const char *fmt, va_list args) >> tmp_handler(level, fmtbuf, log_handler_ctx); >> log_handler = tmp_handler; >> } else if (log_on_stderr) { >> - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); >> + /* we want unicode multi byte characters, so do not use >> fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); >> } else { >> #if defined(HAVE_OPENLOG_R)&& defined(SYSLOG_DATA_INIT) > > Does that break anything? I don't think this is right. You are logging "msgbuf" to write(log_stderr, ..) but you just deleted the line that GENERATES that variable. So you're logging nothing but an undefined string. At least it needs to swap it to use fmtbuf, but I suspect this screws up the output as you no longer are doing \r\n in the general case where this may be required. So I'm not convinced this is right. - Ben From list at eworm.de Wed Jul 8 17:59:54 2015 From: list at eworm.de (Christian Hesse) Date: Wed, 8 Jul 2015 09:59:54 +0200 Subject: [PATCH 1/1] remove extra new line Message-ID: <1436342395-13622-1-git-send-email-list@eworm.de> From: Christian Hesse logit() adds a new line, so this one is duplicate. Signed-off-by: Christian Hesse --- sshconnect.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/sshconnect.c b/sshconnect.c index f41960c..f104297 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -925,7 +925,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, options.fingerprint_hash, SSH_FP_RANDOMART); if (fp == NULL || ra == NULL) fatal("%s: sshkey_fingerprint fail", __func__); - logit("Host key fingerprint is %s\n%s\n", fp, ra); + logit("Host key fingerprint is %s\n%s", fp, ra); free(ra); free(fp); } -- 2.4.5 From list at eworm.de Wed Jul 8 18:08:22 2015 From: list at eworm.de (Christian Hesse) Date: Wed, 8 Jul 2015 10:08:22 +0200 Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters In-Reply-To: <559C773C.3040302@eviladmin.org> References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <559C773C.3040302@eviladmin.org> Message-ID: <20150708100822.79d31fff@leda.localdomain> Ben Lindstrom on Tue, 2015/07/07 20:05: > > > Christian Hesse wrote: > > Hello everybody, > > > > this is an updated version with these changes: > > > > * unicode characters are encoded using octal values > > * added two more unicode characters to replace brackets > > * made ssh work, but: > > > > Christian Hesse on Mon, 2015/07/06 15:18: > >> --- a/log.c > >> +++ b/log.c 
> >> @@ -444,7 +444,7 @@ do_log(LogLevel level, const char *fmt, va_list args) > >> tmp_handler(level, fmtbuf, log_handler_ctx); > >> log_handler = tmp_handler; > >> } else if (log_on_stderr) { > >> - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); > >> + /* we want unicode multi byte characters, so do not use > >> fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); > >> } else { > >> #if defined(HAVE_OPENLOG_R)&& defined(SYSLOG_DATA_INIT)
> >
> > Does that break anything?
>
> I don't think this is right.. You are logging "msgbuf" to
> write(log_stderr, ..) but you just deleted the line that GENERATES that
> variable.. So you're logging nothing but an undefined string.

That is wrong. msgbuf is initialized and contains what we want. strnvis() writes from msgbuf to fmtbuf. The line I removed then (over-) writes from fmtbuf to msgbuf (the other way round), adding a new line.

> At least it needs to swap it to use fmtbuf, but I suspect this screws up
> the output as you no longer are doing \r\n in the general case where
> this may be required.

That is right. So we need an extra

(void)write(log_stderr_fd, "\r\n", 2);

> So I'm not convinced this is right.

--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}

From list at eworm.de Wed Jul 8 18:21:12 2015
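Review bot: in the quoted log.c hunk, the log_on_stderr branch now writes msgbuf and no longer uses fmtbuf, which according to the reply above is the strnvis() output, so every message on this path reaches the terminal unescaped, not only the box-drawing border. The added comment does not say that escaping is being bypassed. Keep the escaped copy for ordinary log messages and exempt only the randomart border, or pass the border through a path that does not go via do_log().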
From: list at eworm.de (Christian Hesse)
Date: Wed, 8 Jul 2015 10:21:12 +0200
Subject: [PATCH 1/1] paint visual host key with unicode box-drawing characters
In-Reply-To:
References: <1436177142-12873-1-git-send-email-list@eworm.de>
Message-ID: <20150708102112.176fc272@leda.localdomain>

Roland Mainz on Tue, 2015/07/07 16:25:
> General comments:
> 1. Not all locales use UTF-8 as encoding but can still use the Unicode
> characters you use (e.g. GB18030 is a modern example and its use is
> mandated by all software vendors in PRC China). A quick solution is to
> use |iconv()| to convert the UTF-8 byte sequences to the local
> encoding (see
> http://svn.nrubsig.org/svn/people/gisburn/code/ucs4towchar_t/ucs4towchar_t.c
> - that code should be easy to modify). Note that if |iconv()|
> produces an empty string in a character-by-character conversion it
> means that the destination locale cannot represent that character in
> the local encoding (you have to fall-back to the ASCII representation
> then (this will also eliminate the need for the |setlocale()|&&co.
> testing)).
>
> 2. UTF-8 sequences in ISO C code are not portable and a lot of
> compilers will choke on that (e.g. if they are in a non-UTF-8 locale
> like "C", "POSIX" or any non-UTF-8 multibyte locale). Correct fix
> would be to provide the UTF-8 byte sequences for the characters as
> plain C strings escaped in octal or hexadecimal notation (and then
> squish them through |iconv()|)
>
> 3. Not all UTF-8 locales (or locale aliases) have "UTF-8" in their
> name (for example the name "en_US" is allowed to be an alias for
> "en_US.UTF-8" (this quickly becomes messy in the Chinese/Japanese
> environments, e.g. where "ja_JP" can be anything from ja_JP.PCK to
> ja_JP.UTF-8))

Ok, this adds some more complexity. Looks like we cannot just use a given value to get it right in all cases (for all locales, encodings, ...).

This code goes through a loop to calculate the needed byte sequences once. Does that work everywhere?
Probably we have to fiddle with header files. Not all systems do have iconv.h and langinfo.h (and corresponding libraries), no? diff --git a/log.c b/log.c index 32e1d2e..7463617 100644 --- a/log.c +++ b/log.c @@ -444,8 +444,9 @@ do_log(LogLevel level, const char *fmt, va_list args) tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); + /* we want unicode multi byte characters, so do not use fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); + (void)write(log_stderr_fd, "\r\n", 2); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); diff --git a/sshkey.c b/sshkey.c index cfe5980..2f5a2f7 100644 --- a/sshkey.c +++ b/sshkey.c @@ -44,6 +44,12 @@ #include #include #include +#ifdef HAVE_LOCALE_H +#include +#include +#include +#include +#endif /* HAVE_LOCALE_H */ #ifdef HAVE_UTIL_H #include #endif /* HAVE_UTIL_H */ 
@@ -1088,17 +1094,75 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, * Chars to be used after each other every time the worm * intersects with itself. Matter of taste. */ + char *border_ascii[] = { "+", "-", "[", "]", "+", "|", "+", "+" }; + char **border; char *augmentation_string = " .o+=*BOX@%&#/^SE"; - char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; + char *retval, *p, title[FLDSIZE_X - 2], hash[FLDSIZE_X - 2]; u_char field[FLDSIZE_X][FLDSIZE_Y]; size_t i, tlen, hlen; u_int b; int x, y, r; size_t len = strlen(augmentation_string) - 1; - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) + if ((retval = malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2)) == NULL) return NULL; +#ifdef HAVE_LOCALE_H + iconv_t cd; + /* unicode character codes for box drawing + * http://unicode.org/charts/PDF/U2500.pdf */ + uint32_t border_unicode[] = { + 0x250c, /* ? upper left */ + 0x2500, /* ? horizontal */ + 0x2524, /* ? left of title/hash */ + 0x251c, /* ? right of title/hash */ + 0x2510, /* ? upper right */ + 0x2502, /* ? vertical */ + 0x2514, /* ? lower left */ + 0x2518 /* ? 
lower right */ }; + /* border_buffer is array of array of char + * we use this to have statically allocated buffer */ + char border_buffer[8][5]; + /* border_encoded is array of pointer to char */ + char *border_encoded[8]; + + if (isatty(fileno(stdout)) == 1) { + /* initialize locale */ + setlocale(LC_ALL, ""); + +#if __BYTE_ORDER == __LITTLE_ENDIAN + cd = iconv_open(nl_langinfo(CODESET), "UTF32LE"); +#elif __BYTE_ORDER == __BIG_ENDIAN + cd = iconv_open(nl_langinfo(CODESET), "UTF32BE"); +#else +#error Unknown __BYTE_ORDER +#endif + + /* encode the border elements */ + for (int i = 0; i < 8; i++) { + size_t in_size = sizeof(uint32_t);; + size_t out_size = sizeof(border_buffer[i]); + char *input = (char *) &border_unicode[i]; + char *output = border_buffer[i]; + + memset(border_buffer[i], 0, out_size); + iconv(cd, &input, &in_size, &output, &out_size); + + /* if iconv() was successful we have a string with non-zero length + * fall back to ascii otherwise */ + if (border_buffer[i][0] != 0) + border_encoded[i] = border_buffer[i]; + else + border_encoded[i] = border_ascii[i]; + } + + iconv_close(cd); + + border = border_encoded; + } else +#endif + border = border_ascii; + /* initialize field */ memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); x = FLDSIZE_X / 2; 
@@ -1132,47 +1196,51 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, field[x][y] = len; /* assemble title */ - r = snprintf(title, sizeof(title), "[%s %u]", + r = snprintf(title, sizeof(title), "%s %u", sshkey_type(k), sshkey_size(k)); - /* If [type size] won't fit, then try [type]; fits "[ED25519-CERT]" */ + /* If "type size" won't fit, then try "type"; fits "ED25519-CERT" */ if (r < 0 || r > (int)sizeof(title)) - r = snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); + r = snprintf(title, sizeof(title), "%s", sshkey_type(k)); tlen = (r <= 0) ? 0 : strlen(title); /* assemble hash ID. */ - r = snprintf(hash, sizeof(hash), "[%s]", alg); + r = snprintf(hash, sizeof(hash), "%s", alg); hlen = (r <= 0) ? 0 : strlen(hash); /* output upper border */ p = retval; - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[0]); + for (i = 0; i < (FLDSIZE_X - tlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, title, tlen); p += tlen; - for (i += tlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += tlen + 2; i < FLDSIZE_X; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[4]); *p++ = '\n'; /* output content */ for (y = 0; y < FLDSIZE_Y; y++) { - *p++ = '|'; + p += sprintf(p, "%s", border[5]); for (x = 0; x < FLDSIZE_X; x++) *p++ = augmentation_string[MIN(field[x][y], len)]; - *p++ = '|'; + p += sprintf(p, "%s", border[5]); *p++ = '\n'; } /* output lower border */ - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[6]); + for (i = 0; i < (FLDSIZE_X - hlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, hash, hlen); p += hlen; - for (i += hlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += hlen + 2; i < FLDSIZE_X; i++) + p += 
sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[7]); return retval; }
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}

From dkg at fifthhorseman.net Thu Jul 9 07:58:13 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 08 Jul 2015 17:58:13 -0400
Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters
In-Reply-To: <20150707054318.6d6cd17d@sun.wrant.com>
References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <20150707054318.6d6cd17d@sun.wrant.com>
Message-ID: <87lheqe2h6.fsf@alice.fifthhorseman.net>

On Mon 2015-07-06 22:43:18 -0400, lists at wrant.com wrote:
> A machine diff between one using ASCII and UTF-8 would yield not equal?

anyone doing a machine diff should be doing a machine diff of the raw public key material in the first place, no?

The ssh "visual host key" artwork is for human consumption. i'm rather dubious about its security properties, i confess, but i don't think there is any reasonable context in which it should be machine-interpreted.

--dkg

From lists at wrant.com Thu Jul 9 10:46:42 2015
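Review bot: in the sshkey.c hunk at @@ -1088,17 of the v2 patch above, the new malloc() size, (FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2, budgets three bytes per border glyph, while border_buffer[8][5] accepts up to four bytes from iconv() and the following hunk appends with unbounded sprintf(). A codeset that encodes any of these characters in four bytes would write past the end of retval. Size the allocation from the longest border_encoded[] element (or assume four bytes per border cell) and append with snprintf() against the remaining space.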
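Review bot: in the log.c hunk at @@ -444,8 of the v2 patch above, the message and its "\r\n" terminator are now emitted by two separate write() calls, so output from another process sharing the same stderr can land between a line and its terminator. Append the terminator to msgbuf (bounded by sizeof msgbuf) and keep a single write(), or use writev().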
From: lists at wrant.com (lists at wrant.com)
Date: Thu, 9 Jul 2015 03:46:42 +0300
Subject: [PATCH v2 1/1] paint visual host key with unicode box-drawing characters
In-Reply-To: <87lheqe2h6.fsf@alice.fifthhorseman.net>
References: <20150706135321.0e680178@leda.localdomain> <1436188709-21550-1-git-send-email-list@eworm.de> <20150706152525.25b9b421@leda.localdomain> <20150707054318.6d6cd17d@sun.wrant.com> <87lheqe2h6.fsf@alice.fifthhorseman.net>
Message-ID: <20150709034642.3d92964c@sun.wrant.com>

Instead of proposing encoding changes of output that would require a tool to sanitise the resulting from these experiments, why not consider using a tool outside SSH code to produce the pretty print in the first place?

From sfandino at gmail.com Thu Jul 9 17:58:59 2015
From: sfandino at gmail.com (salvador fandino)
Date: Thu, 9 Jul 2015 09:58:59 +0200
Subject: Participating in Win32 OpenSSH port
In-Reply-To:
References:
Message-ID:

Dear Lee,

As part of the YAPC::Europe::2015 (the annual European conference about the Perl language, http://act.yapc.eu/ye2015/), I am organizing a hackathon around Perl and SSH.

This is going to be a small hackathon. No big fuss, just a small group of very focused people working on the SSH modules we have for Perl. One of our targets (and at least my personal main target) is improving things on Windows, getting those modules to work there reliably.

So I would like to invite you and your team to join us as I think it would really be an enriching experience for both parties. We would definitely appreciate having some real Windows experts with us (no Perl knowledge required). And you would get to know people that had already faced some of the problems you may be encountering now, related to the integration of SSH inside a programming language, what users demand, technical issues, what worked for us and what didn't, OpenSSH shortcomings, etc.

The conference is in Granada, Spain, from September 2nd to 4th, hackathons are on the 5th, Saturday.

Besides the SSH side, let me add that the YAPCs are one of the more funny conferences around for hackers (hackers in the good old sense). This year is particularly important for the Perl community as the first release of Perl 6 is expected, and it is going to be one of the main topics at the conference with lots of talks about language design and implementation, virtual machines, JITs, etc.

And well, I think that's all. Looking forward to hearing from you!

On Mon, Jun 8, 2015 at 10:45 PM, Lee Holmes ([PS C:\> ]) < Lee.Holmes at microsoft.com> wrote:

> As you may have heard, the PowerShell team is looking to contribute to
> OpenSSH to make it available on Win32 platforms [1]. As part of this, we're
> looking to contract some experts on SSH and Win32 to collaborate with us
> on the Win32 port. Our focus is to contribute to OpenSSH - not to create a
> private fork.
>
> If you're interested in contracting to participate in this effort, we'd
> love to talk! Please contact me directly, and we'll take it from there.
>
> Lee Holmes
> Principal Software Engineer, Windows PowerShell
>
> [1]
> http://blogs.msdn.com/b/powershell/archive/2015/06/03/looking-forward-microsoft-support-for-secure-shell-ssh.aspx
>

From sfandino at gmail.com Thu Jul 9 18:19:04 2015
From: sfandino at gmail.com (salvador fandino)
Date: Thu, 9 Jul 2015 10:19:04 +0200
Subject: Perl & SSH hackaton [was Re: Participating in Win32 OpenSSH port]
Message-ID:

On Thu, Jul 9, 2015 at 9:58 AM, salvador fandino wrote:

> Dear Lee,
>

Oops, that was intended to be a private reply for Lee Holmes... in my defense, it was too early in the morning, not enough coffee.

Well, anyway I was also planning to send a similar message to this list. So now, you already know the details.

Do you like Perl? then come to the YAPC::Europe::2015 in Granada, and join us also at the hackathon. Too far away for you? you can also join us by IRC. Just let me know you are interested and I would get back to you some days before the event with the details.

Cheers!

From mail at eworm.de Thu Jul 9 18:34:04 2015
From: mail at eworm.de (Christian Hesse)
Date: Thu, 9 Jul 2015 10:34:04 +0200
Subject: [PATCH 1/1 v3] paint visual host key with unicode box-drawing characters
In-Reply-To: <20150708102112.176fc272@leda.localdomain>
References: <20150708102112.176fc272@leda.localdomain>
Message-ID: <1436430844-29646-1-git-send-email-mail@eworm.de>

Signed-off-by: Christian Hesse
---
 configure.ac | 11 ++++++
 defines.h | 5 +++
 log.c | 3 +-
 sshkey.c | 108 ++++++++++++++++++++++++++++++++++++++++++++++++-----------
 4 files changed, 106 insertions(+), 21 deletions(-)
diff --git a/configure.ac b/configure.ac index bb0095f..7e3965f 100644 --- a/configure.ac +++ b/configure.ac @@ -383,6 +383,8 @@ AC_CHECK_HEADERS([ \ inttypes.h \ limits.h \ locale.h \ + iconv.h \ + langinfo.h \ login.h \ maillock.h \ ndir.h \ @@ -4641,6 +4643,15 @@ AC_ARG_ENABLE([pututxline], fi ] ) +AC_ARG_ENABLE([unicode], + [ --disable-unicode disable use of unicode [no]], + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE([DISABLE_UNICODE], [1], + [Define if you don't want to use unicode]) + fi + ] +) AC_ARG_WITH([lastlog], [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], [ diff --git a/defines.h b/defines.h index fa0ccba..7ea69cc 100644 --- a/defines.h +++ b/defines.h @@ -850,4 +850,9 @@ struct winsize { # endif /* gcc version */ #endif /* __predict_true */ +#if defined(HAVE_LOCALE_H) && defined(HAVE_ICONV_H) && \ + defined(HAVE_LANGINFO_H) && !defined(DISABLE_UNICODE) +# define USE_UNICODE +#endif + #endif /* _DEFINES_H */ diff --git a/log.c b/log.c index 32e1d2e..7463617 100644 --- a/log.c +++ b/log.c @@ -444,8 +444,9 @@ do_log(LogLevel level, const char *fmt, va_list args) tmp_handler(level, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); + /* we want unicode multi byte characters, so do not use fmtbuf here */ (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); + (void)write(log_stderr_fd, "\r\n", 2); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); diff --git a/sshkey.c b/sshkey.c index cfe5980..554087f 100644 --- a/sshkey.c +++ b/sshkey.c @@ -44,6 +44,12 @@ #include #include #include +#ifdef USE_UNICODE +#include +#include +#include +#include +#endif /* USE_UNICODE */ #ifdef HAVE_UTIL_H #include #endif /* HAVE_UTIL_H */ 
@@ -1088,17 +1094,75 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, * Chars to be used after each other every time the worm * intersects with itself. Matter of taste. */ + char *border_ascii[] = { "+", "-", "[", "]", "+", "|", "+", "+" }; + char **border; char *augmentation_string = " .o+=*BOX@%&#/^SE"; - char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; + char *retval, *p, title[FLDSIZE_X - 2], hash[FLDSIZE_X - 2]; u_char field[FLDSIZE_X][FLDSIZE_Y]; size_t i, tlen, hlen; u_int b; int x, y, r; size_t len = strlen(augmentation_string) - 1; - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) + if ((retval = malloc((FLDSIZE_X + 7) * FLDSIZE_Y + FLDSIZE_X * 3 * 2)) == NULL) return NULL; +#ifdef USE_UNICODE + iconv_t cd; + /* unicode character codes for box drawing + * http://unicode.org/charts/PDF/U2500.pdf */ + uint32_t border_unicode[] = { + 0x250c, /* ? upper left */ + 0x2500, /* ? horizontal */ + 0x2524, /* ? left of title/hash */ + 0x251c, /* ? right of title/hash */ + 0x2510, /* ? upper right */ + 0x2502, /* ? vertical */ + 0x2514, /* ? lower left */ + 0x2518 /* ? 
lower right */ }; + /* border_buffer is array of array of char + * we use this to have statically allocated buffer */ + char border_buffer[8][5]; + /* border_encoded is array of pointer to char */ + char *border_encoded[8]; + + if (isatty(fileno(stdout)) == 1) { + /* initialize locale */ + setlocale(LC_ALL, ""); + +#if __BYTE_ORDER == __LITTLE_ENDIAN + cd = iconv_open(nl_langinfo(CODESET), "UTF32LE"); +#elif __BYTE_ORDER == __BIG_ENDIAN + cd = iconv_open(nl_langinfo(CODESET), "UTF32BE"); +#else +#error Unknown __BYTE_ORDER +#endif + + /* encode the border elements */ + for (int i = 0; i < 8; i++) { + size_t in_size = sizeof(uint32_t);; + size_t out_size = sizeof(border_buffer[i]); + char *input = (char *) &border_unicode[i]; + char *output = border_buffer[i]; + + memset(border_buffer[i], 0, out_size); + iconv(cd, &input, &in_size, &output, &out_size); + + /* if iconv() was successful we have a string with non-zero length + * fall back to ascii otherwise */ + if (border_buffer[i][0] != 0) + border_encoded[i] = border_buffer[i]; + else + border_encoded[i] = border_ascii[i]; + } + + iconv_close(cd); + + border = border_encoded; + } else +#endif /* USE_UNICODE */ + border = border_ascii; + /* initialize field */ memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); x = FLDSIZE_X / 2; 
@@ -1132,47 +1196,51 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, field[x][y] = len; /* assemble title */ - r = snprintf(title, sizeof(title), "[%s %u]", + r = snprintf(title, sizeof(title), "%s %u", sshkey_type(k), sshkey_size(k)); - /* If [type size] won't fit, then try [type]; fits "[ED25519-CERT]" */ + /* If "type size" won't fit, then try "type"; fits "ED25519-CERT" */ if (r < 0 || r > (int)sizeof(title)) - r = snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); + r = snprintf(title, sizeof(title), "%s", sshkey_type(k)); tlen = (r <= 0) ? 0 : strlen(title); /* assemble hash ID. */ - r = snprintf(hash, sizeof(hash), "[%s]", alg); + r = snprintf(hash, sizeof(hash), "%s", alg); hlen = (r <= 0) ? 0 : strlen(hash); /* output upper border */ p = retval; - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[0]); + for (i = 0; i < (FLDSIZE_X - tlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, title, tlen); p += tlen; - for (i += tlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += tlen + 2; i < FLDSIZE_X; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[4]); *p++ = '\n'; /* output content */ for (y = 0; y < FLDSIZE_Y; y++) { - *p++ = '|'; + p += sprintf(p, "%s", border[5]); for (x = 0; x < FLDSIZE_X; x++) *p++ = augmentation_string[MIN(field[x][y], len)]; - *p++ = '|'; + p += sprintf(p, "%s", border[5]); *p++ = '\n'; } /* output lower border */ - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) - *p++ = '-'; + p += sprintf(p, "%s", border[6]); + for (i = 0; i < (FLDSIZE_X - hlen - 2) / 2; i++) + p += sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[2]); memcpy(p, hash, hlen); p += hlen; - for (i += hlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; + p += sprintf(p, "%s", border[3]); + for (i += hlen + 2; i < FLDSIZE_X; i++) + p += 
sprintf(p, "%s", border[1]); + p += sprintf(p, "%s", border[7]); return retval; }
--
2.4.5

From Ole.H.Nielsen at fysik.dtu.dk Fri Jul 10 18:40:07 2015
From: Ole.H.Nielsen at fysik.dtu.dk (Ole Holm Nielsen)
Date: Fri, 10 Jul 2015 10:40:07 +0200
Subject: [PATCH 1/1] update error messages about moduli and primes files
In-Reply-To: <1435739405-12226-1-git-send-email-list@eworm.de>
References: <1435739405-12226-1-git-send-email-list@eworm.de>
Message-ID: <559F84E7.9030301@fysik.dtu.dk>

Thanks to Christian Hesse for fixing a logging bug. The logit() messages are identical in releases 6.6 through 6.9.

Question: Could this patch be backported to older releases as well? Then it would appear in major distributions using 6.6, for example RHEL 7 and CentOS 7, and become helpful to a lot of users.

Furthermore, I would like to add a suggestion for the patch: We're running an OpenSSH server on CentOS 7.1 (RPM: openssh-6.6.1p1-12.el7_1.x86_64) and we have seen some puzzling warnings (related to the above patch) in the syslog:

sshd[16815]: WARNING: /etc/ssh/moduli does not exist, using fixed modulus

It turned out that my /etc/ssh/moduli file had gotten an erroneous SELinux security context by mistake. The correct SELinux security context is:

# ls -Z /etc/ssh/moduli
-rw-r--r--. root root unconfined_u:object_r:etc_t:s0 /etc/ssh/moduli

Suggestion: Could you replace the logit() warning message:

logit("WARNING: neither %s nor %s exists, using fixed modulus",

by a possibly more informative message:

logit("WARNING: neither %s nor %s can be opened, using fixed modulus",

Thanks,
Ole

--
Ole Holm Nielsen
Department of Physics, Technical University of Denmark

From aixtools at gmail.com Fri Jul 10 20:01:35 2015
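Review bot: in the v3 paint-visual-host-key patch, the configure.ac hunk only adds iconv.h and langinfo.h to AC_CHECK_HEADERS, and the defines.h hunk enables USE_UNICODE from those header checks alone, so nothing verifies that iconv_open() and nl_langinfo() actually link, which matters where iconv lives in a separate libiconv. Add a function or library check (for example AC_SEARCH_LIBS for iconv_open) and make USE_UNICODE depend on it. The help string for --disable-unicode also ends in "[no]", which reads as if disabling were the default.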
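Review bot: in the sshkey.c hunk at @@ -1088,17 of the v3 paint-visual-host-key patch, the result of iconv_open() is never compared with (iconv_t)-1 before it is passed to iconv() and iconv_close(), so a CODESET that iconv does not know is only caught indirectly by the empty-buffer test. Check cd right after iconv_open() and set border = border_ascii on failure. The isatty() test also inspects stdout, while the log.c hunk in the same patch writes to log_stderr_fd, and setlocale(LC_ALL, "") here changes the locale of the whole process as a side effect of formatting a fingerprint.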
From: aixtools at gmail.com (aixtools)
Date: Fri, 10 Jul 2015 12:01:35 +0200
Subject: [Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
In-Reply-To:
References:
Message-ID: <559F97FF.1050507@gmail.com>

On 2015-06-02 5:31 AM, bugzilla-daemon at mindrot.org wrote:
> https://bugzilla.mindrot.org/show_bug.cgi?id=2302
>
> --- Comment #13 from Darren Tucker ---
> (In reply to Christoph Anton Mitterer from comment #10)
> [...]
>> Even though an attacker cannot (AFAIU??) for a connection to
>> downgrade to the weaker groups,
> The server's DH-GEX exchange hash includes the DH group sizes it
> received from the client. If these are modified in transit the
> exchange hash will not match.
>
>> it still doesn't give the server
>> admin a good way to "block out" weak clients.
> Do any such clients actually exist? RFC4419 says DH-GEX
> implementations SHOULD have a max group size of 8k.
>
Yes I expect. I have a ssh client from 2002 era that has worked very well for me (from ssh.com before they renamed it tectia) - and I would buy it again today - but they only to B2B these days. Putty is functional, but I really prefer the 'tectia'-like UI.

I expect I will have no choice - other than replace it - as servers get tighter about key exchange protocols (mine still needs the (please don't hit me !) sha1 exchanges.

So, yes - they exist because until openssh-6.7 they were all supported by default - so again thank you (openbsd/openssh devs) for opening my eyes - and giving me time to adjust!

From dtucker at zip.com.au Fri Jul 10 20:06:52 2015
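The binding Darren Tucker describes in the quoted bug comment, worked through as an added example (not code from the thread or from OpenSSH): both sides compute the RFC 4419 exchange hash, which covers the min, n and max group sizes, so a request altered in transit leaves the server with a different H than the client and the host-key signature check fails. The toy group, the sample strings and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for a non-negative integer: big-endian two's
    complement, so a leading 0x00 is added when the top bit is set."""
    if n < 0:
        raise ValueError("negative values do not occur in the key exchange")
    if n == 0:
        return ssh_string(b"")
    return ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big"))


def gex_exchange_hash(v_c, v_s, i_c, i_s, k_s, sizes, p, g, e, f, k,
                      digest="sha256"):
    """RFC 4419 exchange hash:
    H = hash(V_C || V_S || I_C || I_S || K_S || min || n || max ||
             p || g || e || f || K)"""
    gmin, n, gmax = sizes
    blob = b"".join([
        ssh_string(v_c), ssh_string(v_s),
        ssh_string(i_c), ssh_string(i_s),
        ssh_string(k_s),
        struct.pack(">III", gmin, n, gmax),   # the requested group sizes
        ssh_mpint(p), ssh_mpint(g),
        ssh_mpint(e), ssh_mpint(f), ssh_mpint(k),
    ])
    return hashlib.new(digest, blob).digest()


# Constructed sample values (not captured traffic).
V_C = b"SSH-2.0-ExampleClient_1.0"
V_S = b"SSH-2.0-ExampleServer_1.0"
I_C = b"\x14" + b"constructed client KEXINIT payload"
I_S = b"\x14" + b"constructed server KEXINIT payload"
K_S = ssh_string(b"ssh-rsa") + b"constructed host key blob"
P = 2**127 - 1   # toy prime, far too small for real use
G = 2
X_CLIENT = 0x1F2E3D4C5B6A7988   # constructed client secret
Y_SERVER = 0x0123456789ABCDEF   # constructed server secret


def run_exchange(sent_sizes, sizes_seen_by_server, digest="sha256"):
    """Return (client_H, server_H). The client hashes the sizes it sent,
    the server hashes the sizes it received."""
    e = pow(G, X_CLIENT, P)
    f = pow(G, Y_SERVER, P)
    k_client = pow(f, X_CLIENT, P)
    k_server = pow(e, Y_SERVER, P)
    h_client = gex_exchange_hash(V_C, V_S, I_C, I_S, K_S, sent_sizes,
                                 P, G, e, f, k_client, digest)
    h_server = gex_exchange_hash(V_C, V_S, I_C, I_S, K_S,
                                 sizes_seen_by_server,
                                 P, G, e, f, k_server, digest)
    return h_client, h_server


def client_accepts(sent_sizes, sizes_seen_by_server, digest="sha256"):
    """Stand-in for the real check: the server signs its H with the host
    key and the client verifies that signature against its own H, so the
    exchange only succeeds when both values are identical."""
    h_client, h_server = run_exchange(sent_sizes, sizes_seen_by_server,
                                      digest)
    return hmac.compare_digest(h_client, h_server)


if __name__ == "__main__":
    honest = (2048, 3072, 8192)     # constructed min, n, max
    tampered = (1024, 1024, 1024)   # sizes rewritten in transit
    print("untouched request accepted:", client_accepts(honest, honest))
    print("rewritten request accepted:", client_accepts(honest, tampered))
```

The same function covers diffie-hellman-group-exchange-sha1 by passing digest="sha1"; only the hash changes, the fields covered do not.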
From: dtucker at zip.com.au (Darren Tucker)
Date: Fri, 10 Jul 2015 20:06:52 +1000
Subject: [Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
In-Reply-To: <559F97FF.1050507@gmail.com>
References: <559F97FF.1050507@gmail.com>
Message-ID:

On Fri, Jul 10, 2015 at 8:01 PM, aixtools wrote:

> On 2015-06-02 5:31 AM, bugzilla-daemon at mindrot.org wrote: [...]
> Do any such clients actually exist? RFC4419 says DH-GEX
>> implementations SHOULD have a max group size of 8k.
>>
>> Yes I expect. I have a ssh client from 2002 era that has worked very
> well for me (from ssh.com before they renamed it tectia) - and I would
> buy it again today - but they only to B2B these days.
>

Wait, so the ssh.com client of that era *did* do diffie-hellman-group-exchange-sha1 (as opposed to diffie-hellman-group1-sha1 or diffie-hellman-group14-sha1) but *didn't* support 8k groups?

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

From igor at mir2.org Sat Jul 11 04:26:45 2015
From: igor at mir2.org (Igor Bukanov)
Date: Fri, 10 Jul 2015 20:26:45 +0200
Subject: AuthorizedKeysFile and none
Message-ID:

Hello,

I see from observing debug output of sshd that the correct way to disable AuthorizedKeysFile so sshd never tries any authorized files including those from the default list is to write:

AuthorizedKeysFile none

However the man page [1] does not mention this. Is this the intended behavior that is just not properly documented?

[1] - http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5?query=sshd_config&sec=5

From jjelen at redhat.com Tue Jul 14 16:54:12 2015
From: jjelen at redhat.com (Jakub Jelen)
Date: Tue, 14 Jul 2015 08:54:12 +0200
Subject: [PATCH 1/1] update error messages about moduli and primes files
In-Reply-To: <559F84E7.9030301@fysik.dtu.dk>
References: <1435739405-12226-1-git-send-email-list@eworm.de> <559F84E7.9030301@fysik.dtu.dk>
Message-ID: <55A4B214.20703@redhat.com>

On 07/10/2015 10:40 AM, Ole Holm Nielsen wrote:
> Thanks to Christian Hesse for fixing a logging bug.
> The logit() messages are identical in releases 6.6 through 6.9.
>
> Question: Could this patch be backported to older releases as well?
> Then it would appear in major distributions using 6.6, for example
> RHEL 7 and CentOS 7, and become helpful to a lot of users.

OpenSSH usually doesn't make bugfix releases of previous versions. If you are interested to see it in the next update of RHEL/CentOS, you can file an RFE bug in our (=redhat) bugzilla.

I understand that this can be misleading, but I don't think this is a critical issue that needs to be fixed ASAP.

--
Jakub Jelen
Security Technologies
Red Hat

From jjelen at redhat.com Thu Jul 16 18:37:10 2015
From: jjelen at redhat.com (Jakub Jelen)
Date: Thu, 16 Jul 2015 10:37:10 +0200
Subject: Smart Card support
Message-ID: <55A76D36.7010706@redhat.com>

Hi all,

I was investigating openssh functionality with Smart Cards of different types from different vendors and there appeared a few problems that would be great if they would be solved before 7.0 release. I filed bugs for them to keep track of them in openssh bugzilla

Bug 2427 - ssh keygen is trying to read uninitialized slots on smart card (and is failing) [1]
Bug 2429 - ssh-keygen ignores keys that have CKA_ID == 0 [2]
Bug 2430 - ssh-keygen should allow to login before reading public key from smart card [3]

Is there somebody who would be able to review the proposed changes and comment on the last one, what solution would be better? Then I can propose also some patch.

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2427
[2] https://bugzilla.mindrot.org/show_bug.cgi?id=2429
[3] https://bugzilla.mindrot.org/show_bug.cgi?id=2430

Best regards,

--
Jakub Jelen
Security Technologies
Red Hat

From pengyu.ut at gmail.com Sat Jul 18 13:24:52 2015
From: pengyu.ut at gmail.com (Peng Yu)
Date: Fri, 17 Jul 2015 22:24:52 -0500
Subject: How to ssh to a server via an intermediate server with X11 forwarding?
In-Reply-To:
References:
Message-ID:

On Sun, Jul 5, 2015 at 3:26 AM, Damien Miller wrote:
> On Sat, 4 Jul 2015, Peng Yu wrote:
>
>> I tried the following command.
>>
>> ssh -Y -t intermediate -- ssh -Y dest
>>
>> But it shows the following error message. Does anybody know how to fix
>> the problem? Thanks.
>
> ssh -oProxyCommand="ssh -W %h:%p intermediate" -Y dest
>
> should work

Somehow, the above command works in some cases but not others (I still see "X11 forwarding request failed on channel 0"). Do you know how to debug for the cases that do not work? Thanks.

--
Regards,
Peng

From djm at mindrot.org Sat Jul 18 18:18:26 2015
From: djm at mindrot.org (Damien Miller)
Date: Sat, 18 Jul 2015 18:18:26 +1000 (AEST)
Subject: How to ssh to a server via an intermediate server with X11 forwarding?
In-Reply-To:
References:
Message-ID:

On Fri, 17 Jul 2015, Peng Yu wrote:

> On Sun, Jul 5, 2015 at 3:26 AM, Damien Miller wrote:
> > On Sat, 4 Jul 2015, Peng Yu wrote:
> >
> >> I tried the following command.
> >>
> >> ssh -Y -t intermediate -- ssh -Y dest
> >>
> >> But it shows the following error message. Does anybody know how to fix
> >> the problem? Thanks.
> >
> > ssh -oProxyCommand="ssh -W %h:%p intermediate" -Y dest
> >
> > should work
>
> Somehow, the above command works in some cases but not others (I still
> see "X11 forwarding request failed on channel 0"). Do you know how to
> debug for the cases that do not work? Thanks.

Add some -d options to one/both ssh commands.

-d

From pengyu.ut at gmail.com Sun Jul 19 03:32:30 2015
From: pengyu.ut at gmail.com (Peng Yu)
Date: Sat, 18 Jul 2015 12:32:30 -0500
Subject: How to ssh to a server via an intermediate server with X11 forwarding?
In-Reply-To:
References:
Message-ID:

> Add some -d options to one/both ssh commands.

Here is the output (I don't find a -d option). Do you see what is wrong? Thanks.

~$ ssh -v -oProxyCommand="ssh -v -W %h:%p intermediate" -Y dest
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/myname/.ssh/config
debug1: /Users/myname/.ssh/config line 50: Applying options for dest
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 53: Applying options for *
debug1: Executing proxy command: exec ssh -v -W dest.xxx.com:22 intermediate
debug1: identity file /Users/myname/.ssh/id_rsa type 1
debug1: permanently_drop_suid: 509
debug1: identity file /Users/myname/.ssh/id_rsa-cert type -1
debug1: identity file /Users/myname/.ssh/id_dsa type 2
debug1: identity file /Users/myname/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/myname/.ssh/config
debug1: /Users/myname/.ssh/config line 142: Applying options for intermediate
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 53: Applying options for *
debug1: Connecting to intermediate.xxx.com [165.91.87.71] port 22.
debug1: Connection established.
debug1: identity file /Users/myname/.ssh/id_rsa type 1
debug1: identity file /Users/myname/.ssh/id_rsa-cert type -1
debug1: identity file /Users/myname/.ssh/id_dsa type 2
debug1: identity file /Users/myname/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com zlib at openssh.com
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com zlib at openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA c8:93:83:84:3e:d9:a5:cf:e2:90:3c:8e:02:6d:1a:40
debug1: Host 'intermediate.xxx.com' is known and matches the RSA host key.
debug1: Found key in /Users/myname/.ssh/known_hosts:101
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
Ubuntu 14.04.2 LTS
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/myname/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: read PEM private key done: type RSA
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to intermediate.xxx.com ([165.91.87.71]:22).
debug1: channel_connect_stdio_fwd dest.xxx.com:22
debug1: channel 0: new [stdio-forward]
debug1: getpeername failed: Bad file descriptor
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA c2:6f:77:70:0e:51:ab:70:3a:b5:32:e8:c3:01:f3:57
debug1: Host 'dest.xxx.com' is known and matches the RSA host key.
debug1: Found key in /Users/myname/.ssh/known_hosts:126
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/myname/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering DSA public key: /Users/myname/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: read PEM private key done: type DSA
debug1: Authentication succeeded (publickey).
Authenticated to dest.xxx.com (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8 X11 forwarding request failed on channel 0 Last login: Sat Jul 18 12:28:13 2015 from intermediate.xxx.com -- Regards, Peng From martin at winscp.net Tue Jul 21 05:08:53 2015 From: martin at winscp.net (Martin Prikryl) Date: Mon, 20 Jul 2015 21:08:53 +0200 Subject: WinSCP 5.7.5 will support the RFC 4419 revision to Diffie-Hellman group exchange Message-ID: <55AD4745.7000604@winscp.net> Hello, I'd like to inform you that the next release of WinSCP SFTP client (version 5.7.5) will support Diffie-Hellman group exchange as specified by RFC 4419. http://winscp.net/tracker/show_bug.cgi?id=1345 So I'd like to ask you to kindly update the check in compat_datafellows() to WinSCP_release_4* WinSCP_release_5.0* WinSCP_release_5.1* WinSCP_release_5.2* WinSCP_release_5.5* WinSCP_release_5.6* WinSCP_release_5.7 WinSCP_release_5.7.1 WinSCP_release_5.7.2 WinSCP_release_5.7.3 WinSCP_release_5.7.4 If you want to test this, please use: http://winscp.net/public/winscp20150720ropenssh.zip Thanks. Martin Prikryl https://winscp.net/ From matthew at debian.org Wed Jul 22 00:57:28 2015 
From: matthew at debian.org (Matthew Vernon) Date: 21 Jul 2015 15:57:28 +0100 Subject: Announce: OpenSSH 6.9 released In-Reply-To: <20150701073432.GS12080@cacao.linbit> References: <5620606096372553010.enqueue@cvs.openbsd.org> <5620606096372553010.enqueue@cvs.openbsd.org> <20150701073432.GS12080@cacao.linbit> Message-ID: <5blhe9tv6v.fsf@chiark.greenend.org.uk> Philipp Marek writes: > > Future Deprecation Notice > > ========================= > > > > The 7.0 release of OpenSSH, due for release in late July, will > > deprecate several features, some of which may affect compatibility > > or existing configurations. The intended changes are as follows: > > > > * The default for the sshd_config(5) PermitRootLogin option will > > change from "yes" to "no". > Uh, wouldn't "without-password" be a better alternative than "no"? I agree (quite strongly) - it's not like an admin is going to accidentally set up an authorized_keys file for root. PermitRootLogin without-password seems the correct default - it stops password-attacks on root and makes it easy for admins to set up key-based access. Regards, Matthew -- "At least you know where you are with Microsoft." "True. I just wish I'd brought a paddle." http://www.debian.org From bostjan at a2o.si Wed Jul 22 01:01:12 2015 
From: bostjan at a2o.si (Bostjan Skufca) Date: Tue, 21 Jul 2015 17:01:12 +0200 Subject: Announce: OpenSSH 6.9 released In-Reply-To: <5blhe9tv6v.fsf@chiark.greenend.org.uk> References: <5620606096372553010.enqueue@cvs.openbsd.org> <20150701073432.GS12080@cacao.linbit> <5blhe9tv6v.fsf@chiark.greenend.org.uk> Message-ID: +1 b. On 21 July 2015 at 16:57, Matthew Vernon wrote: > Philipp Marek writes: > > > > Future Deprecation Notice > > > ========================= > > > > > > The 7.0 release of OpenSSH, due for release in late July, will > > > deprecate several features, some of which may affect compatibility > > > or existing configurations. The intended changes are as follows: > > > > > > * The default for the sshd_config(5) PermitRootLogin option will > > > change from "yes" to "no". > > Uh, wouldn't "without-password" be a better alternative than "no"? > > I agree (quite strongly) - it's not like an admin is going to > accidentally set up an authorized_keys file for root. PermitRootLogin > without-password seems the correct default - it stops password-attacks > on root and makes it easy for admins to set up key-based access. > > Regards, > > Matthew > > -- > "At least you know where you are with Microsoft." > "True. I just wish I'd brought a paddle." > http://www.debian.org > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > From mail at rotty.xx.vu Wed Jul 22 08:29:17 2015 
From: mail at rotty.xx.vu (Andreas Rottmann) Date: Wed, 22 Jul 2015 00:29:17 +0200 Subject: Feature request/RFC: sftp-chroot authorized_keys option Message-ID: <87io9dno02.fsf@delenn.home.rotty.xx.vu> Hi! [ If this is the wrong mailing list for such requests, please apologize and direct me to the right one ] Since I have a particular use case for it[0], I wonder if it would be possible to implement a key based (i.e. configured via ~/.ssh/authorized_keys option) restriction to allow sftp access to a specific directory only. I'm aware that I can restrict a specific key to use sftp only using 'command="internal-sftp"', but I want to impose an additional restriction to a specific directory, e.g. by adding 'sftp-chroot="/some/directory"'. This is already possible on a per-user basis in sshd_config using ChrootDirectory, but my question is: - Would it be possible to implement this feature on a per-key basis within the current architecture of OpenSSH (i.e. without major tweaks to the codebase)? - If so, is this a feature that would be considered worthwhile enough to be considered for inclusion, should someone step up and provide a reasonable implementation? If the answer is no to either of the above questions, I'd like to hear that reasoning of well, of course. If that feature is deemed both implementable (without affecting the OpenSSH architecture) and worthwhile, I might try my hand at it, although note that I'm both a newbie to the OpenSSH project's development, and would do this in my spare time, thus it'd probably take a while, and require (quite?) a bit of steering/review. If anyone has ideas (e.g. areas of code that would require changes) of how that feature can/should be implemented, or would like to implement it themselves, I'm all ears :-). [0] For the specific use case I mentioned: I'd like for my mobile device to have SFTP access, restricted to a specific directory on my server. 
It should have access using my regular account, such that access permissions between my regular shell account and the files created by the mobile device are compatible. Currently I solve this use case using a combination of access via WebDAV and POSIX ACLs, but I'd prefer an SSH-based solution for its stronger authentication/crypto, not requiring ACLs, and avoiding UIDs differing between files created by the WebDAV httpd and the shell account. Regards, Rotty -- Andreas Rottmann -- From bostjan at a2o.si Wed Jul 22 21:56:01 2015 
From: bostjan at a2o.si (Bostjan Skufca) Date: Wed, 22 Jul 2015 13:56:01 +0200 Subject: Feature request/RFC: sftp-chroot authorized_keys option In-Reply-To: <87io9dno02.fsf@delenn.home.rotty.xx.vu> References: <87io9dno02.fsf@delenn.home.rotty.xx.vu> Message-ID: One alternative implementation might be to create additional user for mobile device, which: - shares UID/GID with your current/main user - has homedir is set somewhere inside main user's homedir - has shell set to /sbin/nologin (or similar) - is chrooted to his homedir via ssh The downside is that this mobile user might be able to manage own ssh keys, which might or might not be preferable in your case. That said, I find your suggestion quite intriguing, especially the bit that (implicitly) prohibits management of own authorized keys. b. On 22 July 2015 at 00:29, Andreas Rottmann wrote: > Hi! > > [ If this is the wrong mailing list for such requests, please apologize > and direct me to the right one ] > > Since I have a particular use case for it[0], I wonder if it would be > possible to implement a key based (i.e. configured via > ~/.ssh/authorized_keys option) restriction to allow sftp access to a > specific directory only. I'm aware that I can restrict a specific key to > use sftp only using 'command="internal-sftp"', but I want to impose an > additional restriction to a specific directory, e.g. by adding > 'sftp-chroot="/some/directory"'. This is already possible on a per-user > basis in sshd_config using ChrootDirectory, but my question is: > > - Would it be possible to implement this feature on a per-key basis > within the current architecture of OpenSSH (i.e. without major tweaks > to the codebase)? > - If so, is this a feature that would be considered worthwhile enough to > be considered for inclusion, should someone step up and provide a > reasonable implementation? > > If the answer is no to either of the above questions, I'd like to hear > that reasoning of well, of course. 
> > If that feature is deemed both implementable (without affecting the > OpenSSH architecture) and worthwhile, I might try my hand at it, > although note that I'm both a newbie to the OpenSSH project's > development, and would do this in my spare time, thus it'd probably take > a while, and require (quite?) a bit of steering/review. > > If anyone has ideas (e.g. areas of code that would require changes) of > how that feature can/should be implemented, or would like to implement > it themselves, I'm all ears :-). > > > [0] For the specific use case I mentioned: I'd like for my mobile device > to have SFTP access, restricted to a specific directory on my > server. It should have access using my regular account, such that > access permissions between my regular shell account and the files > created by the mobile device are compatible. > > Currently I solve this use case using a combination of access via > WebDAV and POSIX ACLs, but I'd prefer an SSH-based solution for its > stronger authentication/crypto, not requiring ACLs, and avoiding > UIDs differing between files created by the WebDAV httpd and the > shell account. > > Regards, Rotty > -- > Andreas Rottmann -- > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev From phil at hands.com Thu Jul 23 00:53:45 2015 
From: phil at hands.com (Philip Hands) Date: Wed, 22 Jul 2015 15:53:45 +0100 Subject: Announce: OpenSSH 6.9 released In-Reply-To: <5blhe9tv6v.fsf@chiark.greenend.org.uk> References: <5620606096372553010.enqueue@cvs.openbsd.org> <5620606096372553010.enqueue@cvs.openbsd.org> <20150701073432.GS12080@cacao.linbit> <5blhe9tv6v.fsf@chiark.greenend.org.uk> Message-ID: <87pp3k9rba.fsf@whist.hands.com> Matthew Vernon writes: > Philipp Marek writes: > >> > Future Deprecation Notice >> > ========================= >> > >> > The 7.0 release of OpenSSH, due for release in late July, will >> > deprecate several features, some of which may affect compatibility >> > or existing configurations. The intended changes are as follows: >> > >> > * The default for the sshd_config(5) PermitRootLogin option will >> > change from "yes" to "no". >> Uh, wouldn't "without-password" be a better alternative than "no"? > > I agree (quite strongly) - it's not like an admin is going to > accidentally set up an authorized_keys file for root. PermitRootLogin > without-password seems the correct default - it stops password-attacks > on root and makes it easy for admins to set up key-based access. Nice to see that you've (finally) seen the light ;-) For the reasoning behind the selection of "no" over "without-password" see Damien's comments here: https://bugzilla.mindrot.org/show_bug.cgi?id=2164#c3 I think he's probably right from the point of view of upstream, but that distros should ship with a default config that enables without-password. To encourage that, I'd think that the default config should contain the 'without-password' setting, even if the binary defaults to 'no'. A possibly better option (also mentioned in the bug) would be when 'without-password' is set, to look to see if there are any keys that might be used for root logins at start-up, and if none are available then run as though 'no' had been set. 
The only downside I can think of with that being that you'd then need a SIGHUP to have the running daemon notice when you add the first authorised key for root.

Cheers, Phil.
--
|)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd.
|-| http://www.hands.com/ http://ftp.uk.debian.org/
|(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL:

From scott_n at xypro.com Thu Jul 23 05:41:54 2015
From: scott_n at xypro.com (Scott Neugroschl)
Date: Wed, 22 Jul 2015 19:41:54 +0000
Subject: Keyboard Interactive Attack?
Message-ID:

I read an article today about keyboard interactive auth allowing bruteforcing.

I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?

---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

From bostjan at a2o.si Thu Jul 23 06:56:24 2015
From: bostjan at a2o.si (Bostjan Skufca)
Date: Wed, 22 Jul 2015 22:56:24 +0200
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID:

And to answer your question about what to do, you have three options:
- disable access to ssh with a firewall
- disable password authentication
- install and enable IDS to mitigate brute forcing

b.

On 22 July 2015 at 22:54, Bostjan Skufca wrote:
> I just stumbled upon this story too (on /.), and as far as I
> understand it, it allows a bit simpler way to perform brute force
> attacks.
>
> If you go about bruteforcing ssh, does it really matter that much if
> you do it over one or 10 tcp connections?
>
> If you do not have IDS (Intrusion Detection System, fail2ban or ossec
> HIDS) installed and functioning, this bug does not matter all that
> much. Determined attacker has this covered, regardless of number of
> kbd-interactive attempts you allow per single connection.
>
> b.
>
> PS: Actually I tried the proof of concept + patch provided for ssh.
> Openssh, patched with this patch, does not even compile.
>
> On 22 July 2015 at 21:41, Scott Neugroschl wrote:
>> I read an article today about keyboard interactive auth allowing bruteforcing.
>>
>> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
>>
>>
>> ---
>> Scott Neugroschl | XYPRO Technology Corporation
>> 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

From keisial at gmail.com Thu Jul 23 06:56:03 2015
From: keisial at gmail.com (Ángel González)
Date: Wed, 22 Jul 2015 22:56:03 +0200
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID: <55B00363.6040707@gmail.com>

On 22/07/15 21:41, Scott Neugroschl wrote:
> I read an article today about keyboard interactive auth allowing bruteforcing.
>
> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?

keyboard-interactive would ask the user for a password. You could be doing something a bit different through PAM, but given your query, you probably aren't, and both password and keyboard-interactive are basically equivalent on your system.

Does it allow bruteforcing? Yes, they could attempt to your users passwords. But they are using safe passwords, right?

My advice is:
* Disable password authentication for root (PermitRootLogin to no or without-password). This is by far the most attacked account, and the one they can do most damage through.
* Do not allow users to simple passwords (at the very least, the password must not contain the username).
* Ban ips after X failures (use a tool like fail2ban)
* Locking out account after X password failures may be an appropriate measure, but largely depends on your setup (eg. How should the lock expire or shall the unlock be manual? Can your clients call your helpdesk and get unlocked?). This would be configured through pam.

Best regards

From bostjan at a2o.si Thu Jul 23 06:54:25 2015
From: bostjan at a2o.si (Bostjan Skufca)
Date: Wed, 22 Jul 2015 22:54:25 +0200
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID:

I just stumbled upon this story too (on /.), and as far as I understand it, it allows a bit simpler way to perform brute force attacks.

If you go about bruteforcing ssh, does it really matter that much if you do it over one or 10 tcp connections?

If you do not have IDS (Intrusion Detection System, fail2ban or ossec HIDS) installed and functioning, this bug does not matter all that much. Determined attacker has this covered, regardless of number of kbd-interactive attempts you allow per single connection.

b.

PS: Actually I tried the proof of concept + patch provided for ssh. Openssh, patched with this patch, does not even compile.

On 22 July 2015 at 21:41, Scott Neugroschl wrote:
> I read an article today about keyboard interactive auth allowing bruteforcing.
>
> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
>
>
> ---
> Scott Neugroschl | XYPRO Technology Corporation
> 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

From keisial at gmail.com Thu Jul 23 09:00:33 2015
From: keisial at gmail.com (Ángel González)
Date: Thu, 23 Jul 2015 01:00:33 +0200
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID: <55B02091.2070209@gmail.com>

On 22/07/15 22:54, Bostjan Skufca wrote:
> I just stumbled upon this story too (on /.), and as far as I
> understand it, it allows a bit simpler way to perform brute force
> attacks.

Thanks for the pointer, Bostjan:
http://it.slashdot.org/story/15/07/22/1715244/bug-exposes-openssh-servers-to-brute-force-password-guessing-attacks
https://www.reddit.com/r/netsec/comments/3dnzcq/openssh_keyboardinteractive_authentication_brute/
https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/

From mancha1 at zoho.com Thu Jul 23 09:03:28 2015
From: mancha1 at zoho.com (mancha)
Date: Wed, 22 Jul 2015 23:03:28 +0000
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID: <20150722230328.GA7017@zoho.com>

On Wed, Jul 22, 2015 at 07:41:54PM +0000, Scott Neugroschl wrote:
> I read an article today about keyboard interactive auth allowing
> bruteforcing.
>
> I'm afraid I have minimal understanding of what keyboard-interactive
> really does. What does it do, and should I have my clients set it to
> off in sshd_config?

Hi.

A bug in the keyboard-interactive codebase allows querying a keyboard-interactive device more than once per auth request.

By sending a comma-delimited keyboard-interactive device list with repeats (e.g. "pam, pam, pam, ..."), one can circumvent an OpenSSH server's MaxAuthTries restriction.

That's the crux of the issue.

Attached patch fixes.

--mancha
-------------- next part --------------
From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001
From: "djm at openbsd.org" Date: Sat, 18 Jul 2015 07:57:14 +0000 Subject: [PATCH] upstream commit Query each keyboard-interactive device only once per authentication request regardless of how many times it is listed; ok markus@ Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 Reference-ID: 701a201481b751df5ed85b68de259637 --- auth2-chall.c | 11 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) --- a/auth2-chall.c +++ b/auth2-chall.c @@ -83,6 +83,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From scott_n at xypro.com Thu Jul 23 09:27:34 2015 
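Review bot: In the first hunk, the new devices_done member of struct KbdintAuthctxt has no comment and nothing in this diff initialises it. The second hunk treats it as a bitmask indexed by position in devices[], so a one-line comment saying that would help, and it is worth confirming that the code which allocates the context zeroes the struct (or setting devices_done = 0 there explicitly), because a stale bit would silently skip a device.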
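Review bot: In the kbdint_next_device() hunk, both `1 << i` expressions shift a signed int while devices_done is a u_int; `1U << i` would keep the arithmetic unsigned. The mask also caps the number of entries in devices[] at the bit width of u_int, which the loop `for (i = 0; devices[i]; i++)` does not enforce, so a short comment or a check stating that bound would make the assumption explicit.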
From: scott_n at xypro.com (Scott Neugroschl)
Date: Wed, 22 Jul 2015 23:27:34 +0000
Subject: Keyboard Interactive Attack?
In-Reply-To: <55B00363.6040707@gmail.com>
References: <55B00363.6040707@gmail.com>
Message-ID:

On 22/07/15 13:56, Ángel González wrote:
>On 22/07/15 21:41, Scott Neugroschl wrote:
>> I read an article today about keyboard interactive auth allowing bruteforcing.
>>
>> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
>keyboard-interactive would ask the user for a password. You could be doing something a bit different through PAM, but given your query, you probably aren't, and
>both password and keyboard-interactive are basically equivalent on your system.

What is the difference between password and keyboard-interactive?

From ronf at timeheart.net Thu Jul 23 09:31:35 2015
From: ronf at timeheart.net (Ron Frederick)
Date: Wed, 22 Jul 2015 16:31:35 -0700
Subject: Keyboard Interactive Attack?
In-Reply-To:
References:
Message-ID: <1D315B71-E318-42CF-9654-0DAFA02407E2@timeheart.net>

You need to disable "ChallengeResponse" (aka keyboard-interactive) authentication, not password authentication, to protect against this attack.

On Jul 22, 2015, at 1:56 PM, Bostjan Skufca wrote:
>
> And to answer your question about what to do, you have three options:
> - disable access to ssh with a firewall
> - disable password authentication
> - install and enable IDS to mitigate brute forcing
>
> b.
>
>
> On 22 July 2015 at 22:54, Bostjan Skufca wrote:
>> I just stumbled upon this story too (on /.), and as far as I
>> understand it, it allows a bit simpler way to perform brute force
>> attacks.
>>
>> If you go about bruteforcing ssh, does it really matter that much if
>> you do it over one or 10 tcp connections?
>>
>> If you do not have IDS (Intrusion Detection System, fail2ban or ossec
>> HIDS) installed and functioning, this bug does not matter all that
>> much. Determined attacker has this covered, regardless of number of
>> kbd-interactive attempts you allow per single connection.
>>
>> b.
>>
>> PS: Actually I tried the proof of concept + patch provided for ssh.
>> Openssh, patched with this patch, does not even compile.
>>
>> On 22 July 2015 at 21:41, Scott Neugroschl wrote:
>>> I read an article today about keyboard interactive auth allowing bruteforcing.
>>>
>>> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
>>>
>>>
>>> ---
>>> Scott Neugroschl | XYPRO Technology Corporation
>>> 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

--
Ron Frederick
ronf at timeheart.net

From bostjan at a2o.si Thu Jul 23 09:54:48 2015
From: bostjan at a2o.si (Bostjan Skufca)
Date: Thu, 23 Jul 2015 01:54:48 +0200
Subject: Keyboard Interactive Attack?
In-Reply-To: <20150722230328.GA7017@zoho.com>
References: <20150722230328.GA7017@zoho.com>
Message-ID:

Thanks for clarification.

One question though:
As far as I have tested openssh, it logs every unsuccessful authentication attempt on the very moment it becomes unsuccessful, not after the connection is closed (after timeout or when reaching max auth attempts). Is this true or not even for this attack or not?

Because if it is true, if there is an IDS system that bans IP after X failed logins, there should not be any problem. But if logging is deferred for any reason, then IDS can not detect the attack in timely manner.

b.

On 23 July 2015 at 01:03, mancha wrote:
> On Wed, Jul 22, 2015 at 07:41:54PM +0000, Scott Neugroschl wrote:
>> I read an article today about keyboard interactive auth allowing
>> bruteforcing.
>>
>> I'm afraid I have minimal understanding of what keyboard-interactive
>> really does. What does it do, and should I have my clients set it to
>> off in sshd_config?
>
> Hi.
>
> A bug in the keyboard-interactive codebase allows querying a
> keyboard-interactive device more than once per auth request.
>
> By sending a comma-delimited keyboard-interactive device list with
> repeats (e.g. "pam, pam, pam, ..."), one can circumvent an OpenSSH
> server's MaxAuthTries restriction.
>
> That's the crux of the issue.
>
> Attached patch fixes.
>
> --mancha
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>

From scott_n at xypro.com Thu Jul 23 09:59:24 2015
From: scott_n at xypro.com (Scott Neugroschl)
Date: Wed, 22 Jul 2015 23:59:24 +0000
Subject: Keyboard Interactive Attack?
In-Reply-To: <1D315B71-E318-42CF-9654-0DAFA02407E2@timeheart.net>
References: <1D315B71-E318-42CF-9654-0DAFA02407E2@timeheart.net>
Message-ID:

On Wednesday, July 22, 2015 4:32 PM, Ron Frederick wrote:
> You need to disable "ChallengeResponse" (aka keyboard-interactive) authentication, not password authentication, to protect against this attack.

Thank you, Ron.

From opensshdev at r.paypc.com Thu Jul 23 10:22:12 2015
From: opensshdev at r.paypc.com (Malcolm)
Date: Wed, 22 Jul 2015 17:22:12 -0700
Subject: Keyboard Interactive Attack?
In-Reply-To:
References: <1D315B71-E318-42CF-9654-0DAFA02407E2@timeheart.net>
Message-ID: <1437610932.55b033b4c3f514.83014006@www.paypc.com>

Quoting Scott Neugroschl :
>
> On Wednesday, July 22, 2015 4:32 PM, Ron Frederick wrote:
>
> > You need to disable "ChallengeResponse" (aka keyboard-interactive)
> authentication, not password authentication, to protect against this
> attack.

While that will probably do it on most setups, to be absolutely certain, the actual setting in sshd_config is:

KbdInteractiveAuthentication

Per the sshd_config man page, if it's not explicitly set, it will copy the setting of ChallengeResponseAuthentication, which defaults to "yes".

So Ron's advice will probably work for most people, but not for those where they've set KbdInteractiveAuthentication to yes.

If each attempt triggers a password failure logging entry, people running IDS or log-watching IP-ban daemons probably don't have any increased risk.

Keep in mind this is something that in some system configurations can gently assist a remote password cracker, and isn't an "exploit".

Cheers,
=R=

From djm at mindrot.org Thu Jul 23 11:08:54 2015
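The fallback rule in Malcolm's message above (an unset KbdInteractiveAuthentication copies ChallengeResponseAuthentication, which defaults to "yes") can be checked against a config file as follows; this is an added example, not code from the thread or from OpenSSH. The names `parse_sshd_config` and `audit_kbdint` and the sample config are constructed for illustration, and the sketch assumes sshd's first-value-wins handling of repeated keywords and only flags Match blocks rather than evaluating them.

```python
import re

# Default for ChallengeResponseAuthentication as stated in the thread ("yes").
CHALLENGE_RESPONSE_DEFAULT = True

# Accepts "Keyword value" and "Keyword=value"; keywords are case-insensitive.
_OPTION = re.compile(r"^([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$")
_WATCHED = ("kbdinteractiveauthentication", "challengeresponseauthentication")

# Constructed sample config (not taken from the thread): the case Malcolm
# warns about, where ChallengeResponseAuthentication is off but
# KbdInteractiveAuthentication is explicitly on.
SAMPLE = """\
# Constructed sample
Port 22
ChallengeResponseAuthentication no
KbdInteractiveAuthentication yes
PasswordAuthentication no
Match User backup
    KbdInteractiveAuthentication yes
"""


def parse_sshd_config(text):
    """Collect the two watched keywords from sshd_config text.

    Returns (global_opts, match_opts). global_opts maps keyword ->
    (value, line_no) and keeps the first value seen, because sshd uses the
    first value obtained for a keyword. match_opts lists
    (line_no, criteria, keyword, value) for settings inside Match blocks.
    """
    global_opts, match_opts, criteria = {}, [], None
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _OPTION.match(line)
        if not m:
            continue
        keyword = m.group(1).lower()
        value = m.group(2).strip().strip('"')
        if keyword == "match":
            criteria = value  # everything below this line is conditional
        elif keyword in _WATCHED:
            if criteria is None:
                global_opts.setdefault(keyword, (value.lower(), line_no))
            else:
                match_opts.append((line_no, criteria, keyword, value.lower()))
    return global_opts, match_opts


def audit_kbdint(text):
    """Resolve whether keyboard-interactive is enabled in the global section."""
    global_opts, match_opts = parse_sshd_config(text)
    if "kbdinteractiveauthentication" in global_opts:
        value, line_no = global_opts["kbdinteractiveauthentication"]
        enabled = value == "yes"
        source = "KbdInteractiveAuthentication set on line %d" % line_no
    elif "challengeresponseauthentication" in global_opts:
        value, line_no = global_opts["challengeresponseauthentication"]
        enabled = value == "yes"
        source = ("inherited from ChallengeResponseAuthentication on line %d"
                  % line_no)
    else:
        enabled = CHALLENGE_RESPONSE_DEFAULT
        source = "built-in default, neither keyword is set"
    # Match blocks can switch the method back on for some users or hosts.
    match_enables = [(ln, crit) for ln, crit, _kw, val in match_opts
                     if val == "yes"]
    return {"enabled": enabled, "source": source,
            "match_enables": match_enables}


if __name__ == "__main__":
    result = audit_kbdint(SAMPLE)
    print("keyboard-interactive enabled globally:", result["enabled"])
    print("reason:", result["source"])
    for line_no, criteria in result["match_enables"]:
        print("re-enabled in 'Match %s' (line %d)" % (criteria, line_no))
```

On a live host, `sshd -T` prints the configuration sshd actually resolves and is the authoritative check; the parser above is for reviewing config files offline.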
From: djm at mindrot.org (Damien Miller)
Date: Thu, 23 Jul 2015 11:08:54 +1000 (AEST)
Subject: Keyboard Interactive Attack?
In-Reply-To: <1437610932.55b033b4c3f514.83014006@www.paypc.com>
References: <1D315B71-E318-42CF-9654-0DAFA02407E2@timeheart.net> <1437610932.55b033b4c3f514.83014006@www.paypc.com>
Message-ID:

On Wed, 22 Jul 2015, Malcolm wrote:
> Keep in mind this is something that in some system configurations can gently
> assist a remote password cracker, and isn't an "exploit".

Yeah, it just reduces the number of connections an attacker has to make to attempt password guessing. It doesn't speed up the guesses themselves or evade failure delays for wrong guesses.

The patch is already committed as https://anongit.mindrot.org/openssh.git/patch/?id=5b64f85bb811246c59ebab and the plan is to release it in OpenSSH 7.0, which is due in a few weeks.

-d

From ronf at timeheart.net Thu Jul 23 12:37:27 2015
From: ronf at timeheart.net (Ron Frederick)
Date: Wed, 22 Jul 2015 19:37:27 -0700
Subject: Keyboard Interactive Attack?
In-Reply-To:
References: <55B00363.6040707@gmail.com>
Message-ID:

On Jul 22, 2015, at 4:27 PM, Scott Neugroschl wrote:
> On 22/07/15 13:56, Ángel González wrote:
>> On 22/07/15 21:41, Scott Neugroschl wrote:
>>> I read an article today about keyboard interactive auth allowing bruteforcing.
>>>
>>> I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
>> keyboard-interactive would ask the user for a password. You could be doing something a bit different through PAM, but given your query, you probably aren't, and >both password and keyboard-interactive are basically equivalent on your system.
>
> What is the difference between password and keyboard-interactive?

They're different methods for an SSH client & server to pass password information needed to authenticate the user. Keyboard-interactive can do any type of challenge/response (including multiple of them for a single authentication), and each challenge can display an arbitrary message and prompt. Password authentication, on the other hand, is much simpler, only allowing a single password challenge in most cases, with a fixed prompt. The only exception is when the server wants to force the user to change their password.

In the case of this attack, it only applies to the newer keyboard-interactive authentication, as it relies on the client sending a list of "submethods" for what forms of authentication the server should attempt, specifying PAM authentication over and over. This information cannot be sent from the client when password authentication is requested.

--
Ron Frederick
ronf at timeheart.net

From ronf at timeheart.net Thu Jul 23 12:33:07 2015
From: ronf at timeheart.net (Ron Frederick)
Date: Wed, 22 Jul 2015 19:33:07 -0700
Subject: Keyboard Interactive Attack?
References: <20150722230328.GA7017@zoho.com>

On Jul 22, 2015, at 4:54 PM, Bostjan Skufca wrote:
> Thanks for clarification.
>
> One question though:
> As far as I have tested openssh, it logs every unsuccessful
> authentication attempt on the very moment it becomes unsuccessful, not
> after the connection is closed (after timeout or when reaching max
> auth attempts). Is this true even for this attack or not?
>
> Because if it is true, if there is an IDS system that bans IP after X
> failed logins, there should not be any problem. But if logging is
> deferred for any reason, then IDS can not detect the attack in a timely
> manner.

I would expect the attempts to each be logged immediately in most cases,
so it's true that something scanning the logs should be able to add new
IDS rules without waiting for the connection to close. I'm not all that
familiar with the scripts that do that, though. It's possible in some
cases that established connections might not be subject to the new rules,
even if they are added quickly. It's quite common to have an "early" rule
in the list that allows established connections to speed up the
processing, for instance. If that's the case, additional password attempts
on that already open connection could still be let through.

In the example presented, this could allow 30,000 password attempts before
the connection is closed unless some other timeout kicked in before that.
As Damien said, though, anything in PAM itself which adds failure delays
would still apply, though, as would any kind of account lockout on too
many bad attempts.

--
Ron Frederick
ronf at timeheart.net

From bostjan at a2o.si Thu Jul 23 13:02:39 2015
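Ron's two points above (failures are logged as they happen, but a ban that only stops new connections leaves an open session free to keep guessing) can be checked against the auth log. The following is an added example, not code from the thread or from OpenSSH. It assumes the usual sshd syslog line "Failed <method> for <user> from <ip> port <port>", that the PID in the sshd[...] tag identifies one connection, and a hypothetical log-watcher policy of banning after five failures; the log lines are constructed.

```python
import re
from collections import Counter

MAX_AUTH_TRIES = 6  # sshd_config MaxAuthTries default; set to the server's value
BAN_AFTER = 5       # assumed log-watcher policy: ban a source after 5 failures

FAILED_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Failed (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)"
)


def constructed_log():
    """Build sample auth-log lines (constructed; documentation addresses)."""
    def line(sec, pid, method, user, ip, port):
        return ("Jul 22 19:30:%02d host sshd[%d]: Failed %s for %s from %s port %d ssh2"
                % (sec, pid, method, user, ip, port))

    lines = []
    # One connection that keeps guessing: 12 failures under a single sshd PID.
    for i in range(12):
        lines.append(line(i, 2101, "keyboard-interactive/pam", "root",
                          "192.0.2.44", 40112))
    # A user who mistypes a password twice.
    for i in range(2):
        lines.append(line(20 + i, 2150, "password", "alice", "198.51.100.7", 51022))
    # A scanner that reconnects after every three guesses.
    for n in range(3):
        for i in range(3):
            lines.append(line(30 + 3 * n + i, 2201 + n, "password",
                              "invalid user admin", "203.0.113.9", 60000 + n))
    return "\n".join(lines)


def parse_failures(log_text):
    """Return failed attempts, in log order, as (ip, port, pid) tuples."""
    events = []
    for raw in log_text.splitlines():
        m = FAILED_RE.search(raw)
        if m:
            events.append((m.group("ip"), int(m.group("port")), int(m.group("pid"))))
    return events


def over_limit_connections(events, limit=MAX_AUTH_TRIES):
    """Connections that logged more failures than MaxAuthTries should permit."""
    counts = Counter(events)
    return sorted((ip, pid, n) for (ip, _port, pid), n in counts.items() if n > limit)


def failures_after_ban(events, ban_after=BAN_AFTER):
    """Failures that would still get through if a ban only blocks new connections.

    Once a source reaches ban_after failures, later failures are counted only
    when they arrive on a connection that had already logged a failure, which
    is what an early "allow established" firewall rule would let through.
    """
    seen = Counter()
    conns = {}        # ip -> connections seen before the ban
    open_at_ban = {}  # ip -> connections already open when the ban fired
    leaked = Counter()
    for ip, port, pid in events:
        conn = (port, pid)
        if ip in open_at_ban:
            if conn in open_at_ban[ip]:
                leaked[ip] += 1
            continue
        conns.setdefault(ip, set()).add(conn)
        seen[ip] += 1
        if seen[ip] >= ban_after:
            open_at_ban[ip] = set(conns[ip])
    return dict(leaked)


if __name__ == "__main__":
    evts = parse_failures(constructed_log())
    for ip, pid, n in over_limit_connections(evts):
        print("sshd[%d]: %d failures on one connection from %s" % (pid, n, ip))
    for ip, n in sorted(failures_after_ban(evts).items()):
        print("%s: %d failures after the ban threshold on an open connection" % (ip, n))
```

A per-connection count above MaxAuthTries is the signal specific to this issue; a per-source count alone does not separate it from a scanner that reconnects for every few guesses.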
From: bostjan at a2o.si (Bostjan Skufca)
Date: Thu, 23 Jul 2015 05:02:39 +0200
Subject: Keyboard Interactive Attack?
References: <20150722230328.GA7017@zoho.com>

On 23 July 2015 at 04:33, Ron Frederick wrote:

> On Jul 22, 2015, at 4:54 PM, Bostjan Skufca wrote:
> > Thanks for clarification.
> >
> > One question though:
> > As far as I have tested openssh, it logs every unsuccessful
> > authentication attempt on the very moment it becomes unsuccessful, not
> > after the connection is closed (after timeout or when reaching max
> > auth attempts). Is this true even for this attack or not?
> >
> > Because if it is true, if there is an IDS system that bans IP after X
> > failed logins, there should not be any problem. But if logging is
> > deferred for any reason, then IDS can not detect the attack in a timely
> > manner.
>
> I would expect the attempts to each be logged immediately in most cases,
> so it's true that something scanning the logs should be able to add new IDS
> rules without waiting for the connection to close. I'm not all that
> familiar with the scripts that do that, though. It's possible in some cases
> that established connections might not be subject to the new rules, even if
> they are added quickly. It's quite common to have an "early" rule in the
> list that allows established connections to speed up the processing, for
> instance. If that's the case, additional password attempts on that already
> open connection could still be let through.

I don't think adding new rules is necessary, if this behaviour produces
average log messages about failed logins.

> In the example presented, this could allow 30,000 password attempts before
> the connection is closed unless some other timeout kicked in before that.
> As Damien said, though, anything in PAM itself which adds failure delays
> would still apply, though, as would any kind of account lockout on too many
> bad attempts.

Trying 30.000 passwords takes time, even over 1Gbps lan connection. It is
true there is some time buffer and usually, if attacker is really fast,
s/he might get more attempts before IDS kicks in, but usually we are
talking about sub-second delays here.

BTW does anyone know a decent ssh scanner that is fast, so I can test my
OSSEC HIDS installation for what is described in paragraph above?

Tnx.

b.

> --
> Ron Frederick
> ronf at timeheart.net

From lars.bahner at gmail.com Fri Jul 24 04:15:35 2015
From: lars.bahner at gmail.com (Lars Bahner)
Date: Thu, 23 Jul 2015 20:15:35 +0200
Subject: Feature request

Hepp!

I am sitting in a remote country trying to reboot my server at home.
Services are running, but the filesystem seems to be unreachable.
I can ssh into the system, but when entering interactive mode,
nothing happens and the session is terminated. Then I thought -
what if sshd had builtins like bash, so that I could send a "reboot"
command to the ssh daemon instead of "ssh system /sbin/reboot"
and sshd could tell PID 1 to reboot.

There are, of course, a lot of things to think about here, but I really
think this would be a good thing to think about implementing. It
sure would've helped me now.

--
Mvh,
Lars Bahner

From howard.m.kash.civ at mail.mil Fri Jul 24 05:55:06 2015
From: howard.m.kash.civ at mail.mil (Kash, Howard M CIV USARMY ARL (US))
Date: Thu, 23 Jul 2015 19:55:06 +0000
Subject: Cisco vs. 6.9
Message-ID: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>

After upgrading a Linux system from OpenSSH 6.7 to 6.9, Cisco
switches/routers can no longer scp config files to/from the system. The
last debug entry before the Cisco device closes the connection is "debug1:
server_input_channel_open: confirm session". The next line is "Connection
closed by x.x.x.x". Anyone else seen this or know of a fix? The Cisco
device gives "Undefined error" when scp'ing a config file from the server,
and "Permission denied" (probably not the correct error message) when
scp'ing a file to the server. Works fine after reverting to 6.7. Cisco
device is running IOS 15.1(2).

Thanks,
Howard

From tim at multitalents.net Fri Jul 24 06:13:13 2015
From: tim at multitalents.net (Tim Rice)
Date: Thu, 23 Jul 2015 13:13:13 -0700 (PDT)
Subject: Feature request

On Thu, 23 Jul 2015, Lars Bahner wrote:

> Hepp!
>
> I am sitting in a remote country trying to reboot my server at home.
> Services are running, but the filesystem seems to be unreachable.
> I can ssh into the system, but when entering interactive mode,
> nothing happens and the session is terminated. Then I thought -
> what if sshd had builtins like bash, so that I could send a "reboot"
> command to the ssh daemon instead of "ssh system /sbin/reboot"
> and sshd could tell PID 1 to reboot.

With filesystem problems you may not be able to read/execute /sbin/reboot.

Use a public key to do what you want. Something like this in
root's authorized_keys file.

from="",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding

>
> There are, of course, a lot of things to think about here, but I really
> think this would be a good thing to think about implementing. It
> sure would've helped me now.
>

--
Tim Rice Multitalents
tim at multitalents.net

From scott_n at xypro.com Fri Jul 24 06:50:53 2015
From: scott_n at xypro.com (Scott Neugroschl)
Date: Thu, 23 Jul 2015 20:50:53 +0000
Subject: Feature request

On Thu, 23 Jul 2015, Lars Bahner wrote:

> Hepp!
>
> I am sitting in a remote country trying to reboot my server at home.
> Services are running, but the filesystem seems to be unreachable.
> I can ssh into the system, but when entering interactive mode, nothing
> happens and the session is terminated. Then I thought - what if sshd
> had builtins like bash, so that I could send a "reboot"
> command to the ssh daemon instead of "ssh system /sbin/reboot"
> and sshd could tell PID 1 to reboot.

Tim Rice then said:

With filesystem problems you may not be able to read/execute /sbin/reboot.

Use a public key to do what you want. Something like this in root's
authorized_keys file.

from="",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding

>
> There are, of course, a lot of things to think about here, but I really
> think this would be a good thing to think about implementing. It sure
> would've helped me now.
>

Of course, this presumes that he's logging in as root. If he's got a
distro which disables root login, he's screwed, because he'd need to log
in and sudo.

From Eric.Wedaa at marist.edu Fri Jul 24 08:09:28 2015
From: Eric.Wedaa at marist.edu (Eric Wedaa)
Date: Thu, 23 Jul 2015 18:09:28 -0400
Subject: Feature request

And of course there's always the old standby in /etc/passwd (obviously
change the account name)

secretshutdown:x:0:0:root:/root:/sbin/shutdown

And it presupposes that root logins are allowed (which is asking for
trouble).

>>>Ericw

From keisial at gmail.com Fri Jul 24 08:37:26 2015
From: keisial at gmail.com (Ángel González)
Date: Fri, 24 Jul 2015 00:37:26 +0200
Subject: Feature request
Message-ID: <55B16CA6.5020909@gmail.com>

On 23/07/15 22:13, Tim Rice wrote:
> On Thu, 23 Jul 2015, Lars Bahner wrote:
>
>> Hepp!
>>
>> I am sitting in a remote country trying to reboot my server at home.
>> Services are running, but the filesystem seems to be unreachable.
>> I can ssh into the system, but when entering interactive mode,
>> nothing happens and the session is terminated. Then I thought -
>> what if sshd had builtins like bash, so that I could send a "reboot"
>> command to the ssh daemon instead of "ssh system /sbin/reboot"
>> and sshd could tell PID 1 to reboot.
> With filesystem problems you may not be able to read/execute /sbin/reboot.
>
> Use a public key to do what you want. Something like this in
> root's authorized_keys file.
>
> from="",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding

AFAIK he is proposing builtins precisely so the reboot code is already in
the sshd binary.

However, if your fs is broken, you may not be able to even log in (can't
read passwd or authorized_keys).

PS: Per Murphy's law, your server will not reboot cleanly until you are
physically in front of it.

From lars.bahner at gmail.com Fri Jul 24 08:42:03 2015
From: lars.bahner at gmail.com (Lars Bahner)
Date: Thu, 23 Jul 2015 22:42:03 +0000
Subject: Feature request

I appreciate all the answers, but none of them addresses the issue of not
being able to address the filesystem.

I understand that complexity increases, but would it be less secure to add
some builtin commands / function some way? IF I am logged in and allowed
to spawn bash, why couldn't I also be allowed to run (some given) commands
that are preloaded or hardcoded in the daemon. The reboot example is
probably the most important one.

Would it really be so dangerous to program a builtin reboot command into
ssh, in order to reboot a system that has lost file access? I think a good
discussion on the topic here could prove valuable.

You could of course drag this too far and build busybox into ssh, but some
of the SysRqs could probably be made accessible to sshd. Just having a
builtin "echo" and I could do something like "echo b > /proc/sysrq-trigger".

Maybe add sysrqd functionality?

I am not saying this is necessary or that it doesn't raise concerns, I am
saying this could be really helpful if it could be implemented well.

Kind regards,
bahner

On Fri, 24 Jul 2015 at 00:09, Eric Wedaa wrote:

> And of course there's always the old standby in /etc/passwd (obviously
> change the account name)
>
> secretshutdown:x:0:0:root:/root:/sbin/shutdown
>
> And it presupposes that root logins are allowed (which is asking for
> trouble).
>
> >>>Ericw
>

From rhammond at databit7.com Fri Jul 24 08:52:39 2015
From: rhammond at databit7.com (Robin David Hammond)
Date: Thu, 23 Jul 2015 22:52:39 +0000
Subject: Feature request
Message-ID: <55B17037.9050000@databit7.com>

Next time, think Lights Out Management.

On 23/07/15 18:15, Lars Bahner wrote:
> Hepp!
>
> I am sitting in a remote country trying to reboot my server at home.
> Services are running, but the filesystem seems to be unreachable.
> I can ssh into the system, but when entering interactive mode,
> nothing happens and the session is terminated. Then I thought -
> what if sshd had builtins like bash, so that I could send a "reboot"
> command to the ssh daemon instead of "ssh system /sbin/reboot"
> and sshd could tell PID 1 to reboot.
>
> There are, of course, a lot of things to think about here, but I really
> think this would be a good thing to think about implementing. It
> sure would've helped me now.
>

From peter at stuge.se Fri Jul 24 09:00:17 2015
From: peter at stuge.se (Peter Stuge)
Date: Fri, 24 Jul 2015 01:00:17 +0200
Subject: Feature request
Message-ID: <20150723230017.3111.qmail@stuge.se>

Lars Bahner wrote:
> Maybe add sysrqd functionality?
>
> I am not saying this is necessary or that it doesn't raise concerns, I am
> saying this could be really helpful if it could be implemented well.

The way to do this would be with an internal subsystem, the same way
that internal-sftp works.

//Peter

From mstone at mathom.us Fri Jul 24 09:51:32 2015
From: mstone at mathom.us (Michael Stone)
Date: Thu, 23 Jul 2015 19:51:32 -0400
Subject: Feature request
Message-ID: <73eceea8-3195-11e5-9b6a-00163eeb5320@msgid.mathom.us>

On Thu, Jul 23, 2015 at 10:42:03PM +0000, Lars Bahner wrote:
>I appreciate all the answers, but none of them addresses the issue of not
>being able to address the filesystem.

Well, your best bet is physical access, the next best is an out of band
console. Playing games with ssh builtin commands is just a waste of time
if you can't rely on the filesystem.

Mike Stone

From dtucker at zip.com.au Fri Jul 24 10:57:13 2015
From: dtucker at zip.com.au (Darren Tucker)
Date: Fri, 24 Jul 2015 10:57:13 +1000
Subject: Feature request
In-Reply-To: <73eceea8-3195-11e5-9b6a-00163eeb5320@msgid.mathom.us>
References: <73eceea8-3195-11e5-9b6a-00163eeb5320@msgid.mathom.us>

On Fri, Jul 24, 2015 at 9:51 AM, Michael Stone wrote:

> On Thu, Jul 23, 2015 at 10:42:03PM +0000, Lars Bahner wrote:
>
>> I appreciate all the answers, but none of them addresses the issue of
>> not being able to address the filesystem.
>>
>
> Well, your best bet is physical access, the next best is an out of band
> console. Playing games with ssh builtin commands is just a waste of time if
> you can't rely on the filesystem.
>

And in fact sshd itself also relies on the filesystem because one of the
first things it does is reexec itself to get a new set of runtime
randomization such as ASLR. You might get away with a broken disk if sshd
is still in the buffer cache but it's by no means guaranteed.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

From opensshdev at r.paypc.com Fri Jul 24 14:24:32 2015
From: opensshdev at r.paypc.com (Malcolm)
Date: Thu, 23 Jul 2015 21:24:32 -0700
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
Message-ID: <1437711872.55b1be00b44147.10347432@www.paypc.com>

Quoting "Kash, Howard M CIV USARMY ARL (US)" :

> After upgrading a Linux system from OpenSSH 6.7 to 6.9, Cisco
> switches/routers can no longer scp config files to/from the system. The
> last debug entry before the Cisco device closes the connection is "debug1:
> server_input_channel_open: confirm session".

Many aging ciphers, hashes, and key exchanges are in the process of being
retired. <1kbit Diffie Hellman moduli have been removed as well in 6.9, I
believe.

If the Ciscos rely on <1kbit DH moduli or SHA1/MD5 hash based proposals to
work, that could be your problem.

A comparison of the two versions' output from: (ssh -Q kex ; ssh -Q mac ;
ssh -Q cipher) MAY help narrow it down, but I think you'll need to enable
protocol debug logging on the server side and see which proposals that the
Cisco is using that's no longer available in 6.9 (by default). You may
just need to add two or three lines to 6.9's sshd_config file, i.e.,
KexAlgorithms/MACs/Ciphers.

If it's a modulus size issue, you can use the moduli file from the 6.7
release in 6.9, though the small moduli have been removed for good reason.

It's a good reminder for all of us to re-inventory key exchanges, macs,
ciphers, for all of the core services that need suitable information
security. I've been amazed at how much cruft has accumulated in OpenSSL,
and how many downstream clients have inherited so much "bad" code for so
long as a result.

Building OpenSSH without OpenSSL at all would be great, except I'd kill
ssh access for everyone but my development and system engineers. :/
(The dream of curve25519-sha256/chacha20-poly1305-for-all is still a pipe
dream for many.)

Happy hunting!
=R= From pch-openssh at u-1.phicoh.com Fri Jul 24 17:17:47 2015 From: pch-openssh at u-1.phicoh.com (Philip Homburg) Date: Fri, 24 Jul 2015 09:17:47 +0200 Subject: patch to fetch sshfp using getdns Message-ID: Hi, Here is a patch to fetch sshfp DNS records using getdns instead of ldns. Enable using --with-getdns. The original ldns code is still there. Getdns solves two problem with ldns: it know where the root trust anchors lives and it can handle recursive resolvers that are not dnssec-aware. diff --git a/configure.ac b/configure.ac index 9b05c30..7c0fd88 100644 --- a/configure.ac +++ b/configure.ac @@ -1459,6 +1459,38 @@ int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); s ] ) +# Check whether user wants to use getdns +GETDNS_MSG="no" +AC_ARG_WITH(getdns, + [ --with-getdns[[=PATH]] Use getdns for DNSSEC support (optionally in PATH)], + [ + if test "x$withval" != "xno" ; then + + if test "x$withval" != "xyes" ; then + CPPFLAGS="$CPPFLAGS -I${withval}/include" + LDFLAGS="$LDFLAGS -L${withval}/lib" + fi + + AC_DEFINE(HAVE_GETDNS, 1, [Define if you want getdns support]) + LIBS="-lgetdns $LIBS" + GETDNS_MSG="yes" + + AC_MSG_CHECKING([for getdns support]) + AC_LINK_IFELSE( + [AC_LANG_SOURCE([[ +#include +int main() { getdns_context *this_context; getdns_return_t status = getdns_context_create(&this_context, 1); return (status == GETDNS_RETURN_GOOD ? 0 : 1); } + ]]) + ], + [AC_MSG_RESULT(yes)], + [ + AC_MSG_RESULT(no) + AC_MSG_ERROR([** Incomplete or missing getdns libraries.]) + ]) + fi + ] +) + # Check whether user wants libedit support LIBEDIT_MSG="no" AC_ARG_WITH([libedit], diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index 3c5e3b7..24b52b3 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in 
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o -COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o +COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-getdns.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o diff --git a/openbsd-compat/getrrsetbyname-getdns.c b/openbsd-compat/getrrsetbyname-getdns.c new file mode 100644 index 0000000..a2dc147 --- /dev/null +++ b/openbsd-compat/getrrsetbyname-getdns.c 
@@ -0,0 +1,322 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2015 Philip Homburg + * Copyright (c) 2007 Simon Vallet / Genoscope + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "includes.h" + +#if !defined (HAVE_GETRRSETBYNAME) && defined (HAVE_GETDNS) + +#include +#include + +#include + +#include "getrrsetbyname.h" +#include "log.h" +#include "xmalloc.h" + +#define malloc(x) (xmalloc(x)) +#define calloc(x, y) (xcalloc((x),(y))) + + +int +getrrsetbyname(const char *hostname, unsigned int rdclass, + unsigned int rdtype, unsigned int flags, + struct rrsetinfo **res) +{ + int result, dnssec_status; + getdns_return_t this_ret; /* Holder for all function returns */ + uint32_t this_error; + getdns_context *this_context = NULL; + getdns_dict * this_extensions = NULL; + getdns_dict * this_response = NULL; + getdns_list *replies_tree_list; + getdns_dict *reply_dict; + getdns_list *answer_list; + size_t num_answers, rec_count; + struct rrsetinfo *rrset = NULL; + struct rdatainfo *rdata; + + /* don't allow flags yet, unimplemented */ + if (flags) { + result = ERRSET_INVAL; + goto done; + } + + if (rdclass != ns_c_in) + { + /* We only support class IN */ + debug2("getdns: we only support class IN\n"); + result = ERRSET_FAIL; + goto done; + } + + /* Create the DNS context for this call */ + this_ret = getdns_context_create(&this_context, 1); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2("getdns: trying to create the context failed: %d\n", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_extensions = getdns_dict_create(); + this_ret = getdns_dict_set_int(this_extensions, + "dnssec_return_status", GETDNS_EXTENSION_TRUE); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2("getdns: trying to set an extension for DNSSEC failed: %d", this_ret); + result = ERRSET_FAIL; + goto done; + } + + /* Set up the getdns_sync_request call */ + this_ret = getdns_general_sync(this_context, hostname, rdtype, + this_extensions, &this_response); + if (this_ret == GETDNS_RETURN_BAD_DOMAIN_NAME) + { + debug2("getdns: bad domain name was used: %s\n", hostname); + result = ERRSET_FAIL; + goto done; + } + + /* Be sure the search returned 
something */ + this_ret = getdns_dict_get_int(this_response, "status", &this_error); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2("getdns: getdns_dict_get_int failed for 'status': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + if (this_error != GETDNS_RESPSTATUS_GOOD) // If the search didn't return "good" + { + debug2("getdns: the search had no results, and status %d", + this_error); + result = ERRSET_FAIL; + goto done; + } + + this_ret = getdns_dict_get_list(this_response, "replies_tree", + &replies_tree_list); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_list failed for 'replies_tree': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + /* Assume one reply */ + this_ret = getdns_list_get_dict(replies_tree_list, 0, &reply_dict); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2("getdns: getdns_list_get_dict failed for '[0]': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_ret = getdns_dict_get_int(reply_dict, "dnssec_status", &dnssec_status); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_int failed for 'dnssec_status': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_ret = getdns_dict_get_list(reply_dict, "answer", + &answer_list); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_list failed for 'answer': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_ret = getdns_list_get_length(answer_list, &num_answers); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2("getdns: getdns_list_get_length failed: %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + /* initialize rrset */ + rrset = calloc(1, sizeof(struct rrsetinfo)); + if (rrset == NULL) { + result = ERRSET_NOMEMORY; + goto done; + } + rrset->rri_nrdatas = num_answers; + if (!rrset->rri_nrdatas) { + result = ERRSET_NODATA; + goto done; + } + + if (dnssec_status == GETDNS_DNSSEC_SECURE) + rrset->rri_flags |= 
RRSET_VALIDATED; + + /* allocate memory for answers */ + rrset->rri_rdatas = calloc(rrset->rri_nrdatas, + sizeof(struct rdatainfo)); + + if (rrset->rri_rdatas == NULL) { + result = ERRSET_NOMEMORY; + goto done; + } + + + /* Go through each record */ + rec_count= 0; + for ( size_t ans_count = 0; ans_count < num_answers; ++ans_count ) + { + getdns_dict * this_answer; + getdns_dict *rdata_dict; + getdns_bindata *this_rdata_data; + int answer_type; + + this_ret = getdns_list_get_dict(answer_list, ans_count, + &this_answer); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_list_get_dict failed for '[%d]': %d", + ans_count, this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_ret= getdns_dict_get_int(this_answer, "type", + &answer_type); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_int failed for 'type': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + if ((unsigned)answer_type != rdtype) + continue; + + this_ret = getdns_dict_get_dict(this_answer, "rdata", + &rdata_dict); + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_dict failed for 'rdata': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + this_ret = getdns_dict_get_bindata(rdata_dict, "rdata_raw", + &this_rdata_data); // Ignore any error + if (this_ret != GETDNS_RETURN_GOOD) + { + debug2( + "getdns: getdns_dict_get_bindata failed for 'rdata_raw': %d", + this_ret); + result = ERRSET_FAIL; + goto done; + } + + rdata = &rrset->rri_rdatas[rec_count]; + rdata->rdi_length = this_rdata_data->size; + + rdata->rdi_data = malloc(rdata->rdi_length); + if (rdata->rdi_data == NULL) { + result = ERRSET_NOMEMORY; + goto done; + } + + memcpy(rdata->rdi_data, this_rdata_data->data, + rdata->rdi_length); + + rec_count++; + } + + rrset->rri_nrdatas = rec_count; + + *res = rrset; + rrset= NULL; + result = ERRSET_SUCCESS; + +done: + getdns_dict_destroy(this_response); + getdns_dict_destroy(this_extensions); + 
getdns_context_destroy(this_context); + freerrset(rrset); + + return result; +} + + +void +freerrset(struct rrsetinfo *rrset) +{ + u_int16_t i; + + if (rrset == NULL) + return; + + if (rrset->rri_rdatas) { + for (i = 0; i < rrset->rri_nrdatas; i++) { + if (rrset->rri_rdatas[i].rdi_data == NULL) + break; + free(rrset->rri_rdatas[i].rdi_data); + } + free(rrset->rri_rdatas); + } + + if (rrset->rri_sigs) { + for (i = 0; i < rrset->rri_nsigs; i++) { + if (rrset->rri_sigs[i].rdi_data == NULL) + break; + free(rrset->rri_sigs[i].rdi_data); + } + free(rrset->rri_sigs); + } + + if (rrset->rri_name) + free(rrset->rri_name); + free(rrset); +} + + +#endif /* !defined (HAVE_GETRRSETBYNAME) && defined (HAVE_LDNS) */ diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c index dc6fe05..f9ca5df 100644 --- a/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c @@ -47,7 +47,7 @@ #include "includes.h" -#if !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) +#if !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) && !defined(HAVE_GETDNS) #include #include diff --git a/sshconnect.c b/sshconnect.c index f41960c..9f1eafa 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -71,6 +71,7 @@ char *server_version_string = NULL; Key *previous_host_key = NULL; static int matching_host_key_dns = 0; +static int dns_secure = 0; static pid_t proxy_command_pid = 0; 
@@ -972,13 +973,18 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, fatal("%s: sshkey_fingerprint fail", __func__); msg2[0] = '\0'; if (options.verify_host_key_dns) { - if (matching_host_key_dns) + if (!matching_host_key_dns) snprintf(msg2, sizeof(msg2), - "Matching host key fingerprint" + "No matching host key fingerprint" " found in DNS.\n"); + else if (!dns_secure) + snprintf(msg2, sizeof(msg2), + "The DNS lookup was not secure," + " however a matching host key" + " fingerprint was found in DNS.\n"); else snprintf(msg2, sizeof(msg2), - "No matching host key fingerprint" + "Matching host key fingerprint" " found in DNS.\n"); } snprintf(msg, sizeof(msg), @@ -1295,6 +1301,9 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) r = 0; goto out; } + if (flags & DNS_VERIFY_SECURE) { + dns_secure = 1; + } if (flags & DNS_VERIFY_MATCH) { matching_host_key_dns = 1; } else { From mikep at noc.utoronto.ca Fri Jul 24 22:10:59 2015 
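Review bot: in getrrsetbyname() in openbsd-compat/getrrsetbyname-getdns.c, the return of getdns_general_sync() is compared only with GETDNS_RETURN_BAD_DOMAIN_NAME, so any other failure falls through and this_response, still NULL, is handed to getdns_dict_get_int(). Test for this_ret != GETDNS_RETURN_GOOD instead, and check the result of getdns_dict_create() before using this_extensions. In the same function, dnssec_status and answer_type are declared int but are filled by the call that fills the uint32_t this_error, ans_count is a size_t printed with %d, a reply whose answers are all of another type ends in ERRSET_SUCCESS with rri_nrdatas set to 0 rather than ERRSET_NODATA, and the closing #endif comment still names HAVE_LDNS although the guard tests HAVE_GETDNS.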
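Review bot: nothing in the configure.ac hunk stops --with-getdns from being combined with the existing ldns option, and the openbsd-compat/Makefile.in hunk adds getrrsetbyname-getdns.o to COMPAT next to getrrsetbyname-ldns.o. The new file is guarded only by "!defined (HAVE_GETRRSETBYNAME) && defined (HAVE_GETDNS)", so if both HAVE_LDNS and HAVE_GETDNS end up defined there may be two definitions of getrrsetbyname(). Either make configure reject the combination or add !defined (HAVE_LDNS) to the new guard, and say in the --with-getdns help text which library wins.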
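Review bot: in the sshconnect.c hunk for verify_host_key(), dns_secure is set to 1 when DNS_VERIFY_SECURE is present but is never cleared in the lines shown, while matching_host_key_dns next to it has an else branch. Because both are file-scope statics read later by check_host_key(), a second call in the same process could report a secure lookup that belongs to an earlier one; set dns_secure from the flag on every call (dns_secure = (flags & DNS_VERIFY_SECURE) != 0). The new "The DNS lookup was not secure" prompt text also changes what users see with VerifyHostKeyDNS enabled and should be mentioned in the documentation for that option.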
From: mikep at noc.utoronto.ca (mikep at noc.utoronto.ca)
Date: Fri, 24 Jul 2015 08:10:59 -0400 (EDT)
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>

> After upgrading a Linux system from OpenSSH 6.7 to 6.9, Cisco
> switches/routers can no longer scp config files to/from the system. The
> last debug entry before the Cisco device closes the connection is "debug1:
> server_input_channel_open: confirm session". The next line is "Connection
> closed by x.x.x.x". Anyone else seen this or know of a fix? The Cisco
> device gives "Undefined error" when scp'ing a config file from the server,
> and "Permission denied" (probably not the correct error message) when
> scp'ing a file to the server. Works fine after reverting to 6.7. Cisco
> device is running IOS 15.1(2).

We don't use 'scp' but regular 'ssh' started failing with OpenSSH 6.8.

Here's the config in 'ssh_config' that works for us:

Host
    ForwardAgent no
    ForwardX11 no
    ForwardX11Trusted no
    Ciphers aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
    KexAlgorithms diffie-hellman-group1-sha1

Mike
--
Mike Peterson
Information Security Analyst - Audit
E-mail: mikep at noc.utoronto.ca
WWW: http://www.noc.utoronto.ca/
Tel: 416-978-5230
Fax: 416-978-6620

From howard.m.kash.civ at mail.mil Fri Jul 24 23:14:57 2015
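Checking which proposals still overlap, as suggested earlier in this thread, and forcing Ciphers/KexAlgorithms as in the ssh_config above both rest on the SSH negotiation rule in RFC 4253 section 7.1: in each category, the first name on the client's list that the server also lists is chosen. The following is an added example, not code from the thread or from OpenSSH, that applies the rule to the "debug2: kex_parse_kexinit:" lines sshd prints. It assumes sshd logs its own proposal first and the peer's second; the two server proposals and the client proposal are constructed samples, and the names analyse, render and unmatched are this example's own.

```python
FIELDS = ["kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
MARK = "kex_parse_kexinit:"

# Constructed proposals: (kex, host key, ciphers, MACs, compression).
SERVER_LEGACY_OK = (
    "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,"
    "diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org",
    "ssh-rsa,ssh-dss",
    "aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc",
    "hmac-sha1",
    "none,zlib@openssh.com",
)
SERVER_HARDENED = (
    "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256",
    "ssh-ed25519,ssh-rsa",
    "chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr",
    "hmac-sha2-256,hmac-sha2-512",
    "none,zlib@openssh.com",
)
LEGACY_CLIENT = (
    "diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,"
    "diffie-hellman-group1-sha1",
    "ssh-rsa",
    "aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc",
    "hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96",
    "none",
)


def render(proposal):
    """Format a proposal the way sshd logs it at debug2 (constructed input)."""
    kex, hostkey, enc, mac, comp = proposal
    values = [kex, hostkey, enc, enc, mac, mac, comp, comp, "", ""]
    lines = ["debug2: kex_parse_kexinit: %s [preauth]" % v for v in values]
    lines.append("debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]")
    lines.append("debug2: kex_parse_kexinit: reserved 0 [preauth]")
    return "\n".join(lines)


def parse_proposals(log_text):
    """Return (local, peer) proposals parsed from sshd debug2 output."""
    lists = []
    for line in log_text.splitlines():
        if MARK not in line:
            continue
        value = line.split(MARK, 1)[1].replace("[preauth]", "").strip()
        if value.startswith(("first_kex_follows", "reserved")):
            continue
        lists.append([name for name in value.split(",") if name])
    if len(lists) != 2 * len(FIELDS):
        raise ValueError("expected two complete proposals, got %d lists" % len(lists))
    half = len(FIELDS)
    return dict(zip(FIELDS, lists[:half])), dict(zip(FIELDS, lists[half:]))


def negotiate(server, client):
    """First client-listed name the server also offers, per category.

    Simplified: the extra key-exchange/host-key compatibility checks of
    RFC 4253 are not modelled, and the (normally empty) language lists
    are skipped.
    """
    return {f: next((n for n in client[f] if n in server[f]), None)
            for f in FIELDS[:8]}


def unmatched(chosen):
    """Categories with no common algorithm; any entry here ends the handshake."""
    return [field for field, name in chosen.items() if name is None]


def analyse(server_proposal, client_proposal):
    """Render both proposals as an sshd-side log, parse it back and negotiate."""
    log = render(server_proposal) + "\n" + render(client_proposal)
    server, client = parse_proposals(log)
    return negotiate(server, client)


if __name__ == "__main__":
    for label, srv in (("legacy-tolerant", SERVER_LEGACY_OK),
                       ("hardened", SERVER_HARDENED)):
        result = analyse(srv, LEGACY_CLIENT)
        print(label, result, "no overlap in:", unmatched(result))
```

When every category has a match, as with the first server proposal, the cause of a failure lies after key exchange and the algorithm lists can be ruled out.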
From: howard.m.kash.civ at mail.mil (Kash, Howard M CIV USARMY ARL (US))
Date: Fri, 24 Jul 2015 13:14:57 +0000
Subject: Cisco vs. 6.9
In-Reply-To: <1437711872.55b1be00b44147.10347432@www.paypc.com>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
Message-ID: <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>

> Many aging ciphers, hashes, and key exchanges are in the process of being
> retired. <1kbit Diffie Hellman moduli have been removed as well in 6.9, I
> believe.
>
> If the Ciscos rely on <1kbit DH moduli or SHA1/MD5 hash based proposals to
> work, that could be your problem.

We did not update the moduli file.

> A comparison of the two versions' output from: (ssh -Q kex ; ssh -Q mac ; ssh
> -Q cipher) MAY help narrow it down

Outputs are identical other than 6.7 prints diffie-hellman-group1-sha1
twice.

> but I think you'll need to enable protocol
> debug logging on the server side and see which proposals that the Cisco is
> using that's no longer available in 6.9 (by default). You may just need to
> add two or three lines to 6.9's sshd_config file, i.e.,
> KexAlgorithms/MACs/Ciphers.

It doesn't appear to be a kex, mac, or cipher issue as the problem is
occurring after successful password authentication.

Here's the debug output from initial connection to termination:

Connection from A.B.C.D port 57737 on E.F.G.H port 22
debug1: Client protocol version 2.0; client software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x40000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9p1
debug2: fd 3 setting O_NONBLOCK
debug2: Network child is on pid 7677
debug3: preauth child monitor started
debug3: privsep user:group 99:99 [preauth]
debug1: permanently_set_uid: 99/99 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: AUTH STATE IS 0 [preauth]
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 [preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc [preauth]
debug2: kex_parse_kexinit: hmac-sha1 [preauth]
debug2: kex_parse_kexinit: hmac-sha1 [preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-rsa [preauth]
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug1: REQUESTED ENC.NAME is '3des-cbc' [preauth]
debug1: kex: client->server 3des-cbc hmac-sha1 none [preauth]
debug1: REQUESTED ENC.NAME is '3des-cbc' [preauth]
debug1: kex: server->client 3des-cbc hmac-sha1 none [preauth]
debug2: bits set: 974/2048 [preauth]
debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]
debug2: bits set: 1077/2048 [preauth]
debug3: mm_key_sign entering [preauth]
debug3: mm_request_send entering: type 6 [preauth]
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect entering: type 7 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign
debug3: mm_answer_sign: hostkey proof signature 0x7fd190fb2a60(271)
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug2: set_newkeys: mode 1 [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user username service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow entering [preauth]
debug3: mm_request_send entering: type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect entering: type 9 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow
debug2: parse_server_config: config reprocess config len 1176
[list of tokens removed for brevity]
debug3: auth_shadow_acctexpired: today 16640 sp_expire -1 days left -16641
debug3: account expiration disabled
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for username [preauth]
debug3: mm_inform_authserv entering [preauth]
debug3: mm_request_send entering: type 4 [preauth]
debug3: mm_auth2_read_banner entering [preauth]
debug3: mm_request_send entering: type 10 [preauth]
debug3: mm_request_receive_expect entering: type 11 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 10
debug3: mm_request_send entering: type 11
debug2: monitor_read: 10 used once, disabling now
debug1: userauth_send_banner: sent [preauth]
debug2: input_userauth_request: try method none [preauth]
debug3: userauth_finish: failure partial=0 next methods="gssapi-keyex,gssapi-with-mic,password" [preauth]
debug1: userauth-request for user username service ssh-connection method password [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method password [preauth]
debug3: mm_auth_password entering [preauth]
debug3: mm_request_send entering: type 12 [preauth]
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
debug3: mm_request_receive_expect entering: type 13 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 12
debug1: temporarily_use_uid: 934/55 (e=0/0)
debug1: restore_uid: 0/0
debug3: mm_answer_authpassword: sending result 1
debug3: mm_request_send entering: type 13
Accepted password for username from A.B.C.D port 57737 ssh2
debug1: monitor_child_preauth: username has been authenticated by privileged process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 26
debug3: mm_request_receive entering
debug3: mm_get_keystate: GOT new keys
debug3: mm_auth_password: user authenticated [preauth]
debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug1: temporarily_use_uid: 934/55 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
User child is on pid 7678
debug1: permanently_set_uid: 934/55
debug3: monitor_apply_keystate: packet_set_state
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: ssh_packet_set_postauth: called
debug3: ssh_packet_set_state: done
debug3: notify_hostkeys: key 1: ssh-rsa SHA256:XXXXXXXXX
debug3: notify_hostkeys: key 2: ssh-dss SHA256:XXXXXXXXX
debug3: notify_hostkeys: sent 2 hostkeys
debug1: Entering interactive session for SSH2.
debug2: fd 5 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 3 win 8192 max 4096
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
Connection closed by A.B.C.D
debug1: channel 0: free: server-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 server-session (t10 r3 i0/0 o0/0 fd -1/-1 cc -1)
debug1: session_close: session 0 pid 0
debug3: session_unused: session id 0 unused
debug1: do_cleanup
debug1: krb5_cleanup_proc called
Transferred: sent 3680, received 816 bytes
Closing connection to A.B.C.D port 57737
debug3: mm_request_send entering: type 50
debug3: mm_request_receive entering
debug3: monitor_read: checking request 50
debug3: mm_answer_term: tearing down sessions

Howard

From howard.m.kash.civ at mail.mil Sat Jul 25 06:11:31 2015
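The proposal comparison suggested earlier in this thread, worked through on the kex_parse_kexinit lines of the posted log. This is an added example, not code from any poster or from OpenSSH; the function names are made up here, the archive's " at " is restored to "@" in the sample, and it assumes (as the posted log shows) that sshd prints its own proposal first and the peer's second.

```python
import re

# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
NEGOTIATED = FIELDS[:8]  # language lists are empty on both sides here

# One "kex_parse_kexinit:" debug line per field; "[preauth]" is a log suffix.
LINE_RE = re.compile(r"kex_parse_kexinit:\s*(.*?)\s*(?:\[preauth\])?\s*$")

# Excerpt of the debug output posted in the thread (wrap damage repaired).
SAMPLE_LOG = """\
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 [preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc [preauth]
debug2: kex_parse_kexinit: hmac-sha1 [preauth]
debug2: kex_parse_kexinit: hmac-sha1 [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-rsa [preauth]
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug1: kex: client->server 3des-cbc hmac-sha1 none [preauth]
"""


def parse_proposals(log_text):
    """Return (local, peer) proposals as dicts of field -> list of names."""
    proposals, current = [], []
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue
        value = match.group(1)
        if value.startswith("reserved"):
            continue
        if value.startswith("first_kex_follows"):
            # This line closes one proposal: ten name-lists must precede it.
            if len(current) != len(FIELDS):
                raise ValueError("expected %d name-lists, got %d"
                                 % (len(FIELDS), len(current)))
            proposals.append(dict(zip(FIELDS, current)))
            current = []
            continue
        current.append([name for name in value.split(",") if name])
    if len(proposals) != 2:
        raise ValueError("need two KEXINIT proposals, found %d" % len(proposals))
    return proposals[0], proposals[1]


def negotiate(server, client, dropped=frozenset()):
    """Per field, pick the first client name that the server also offers.

    `dropped` simulates algorithms removed from the server's offer. The extra
    RFC 4253 conditions tying the kex method to the host key are ignored.
    """
    chosen = {}
    for field in NEGOTIATED:
        offered = [n for n in server[field] if n not in dropped]
        chosen[field] = next((n for n in client[field] if n in offered), None)
    return chosen


def sole_common_algorithms(server, client):
    """Fields where exactly one algorithm is shared: removing it breaks them."""
    sole = {}
    for field in NEGOTIATED:
        common = [n for n in client[field] if n in server[field]]
        if len(common) == 1:
            sole[field] = common[0]
    return sole


if __name__ == "__main__":
    srv, cli = parse_proposals(SAMPLE_LOG)
    print("negotiated:", negotiate(srv, cli))
    print("without group14:", negotiate(srv, cli, {"diffie-hellman-group14-sha1"})["kex"])
    print("no alternative for:", sole_common_algorithms(srv, cli))
```

The result agrees with the "kex: client->server 3des-cbc hmac-sha1 none" line in the log, and shows that for this client 3des-cbc and hmac-sha1 are the only shared cipher and MAC.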
From: howard.m.kash.civ at mail.mil (Kash, Howard M CIV USARMY ARL (US))
Date: Fri, 24 Jul 2015 20:11:31 +0000
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
 <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
Message-ID: <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>

As another data point, Cisco devices are also unable to scp to a system
running version 6.8. So the incompatibility was introduced between 6.7 and
6.8.

I've been debugging all day and it seems like 6.8 is skipping or adding an
extra increment to the packet sequence number. The debug output from 6.7
has:

MAC #6 ok
done calc MAC out #7
MAC #7 ok

but 6.9 skips #7 and goes to 8:

MAC #6 ok
done calc MAC out #8

This is when the connection is closed by the Cisco device.

Howard

From mdb at juniper.net Sat Jul 25 09:25:38 2015
From: mdb at juniper.net (Mark D. Baushke)
Date: Fri, 24 Jul 2015 16:25:38 -0700
Subject: DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Message-ID: <73497.1437780338@eng-mail01.juniper.net>

Greetings,

Given the weakness with Diffie-Hellman modp groups less than 2048, is it
time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
more current 2048 value for OpenSSH 7.0?

If so, should this be just a compile-time change, or should there be a
new client and server runtime option?

Thanks,
-- Mark

From thomas.jarosch at intra2net.com Mon Jul 27 00:52:18 2015
From: thomas.jarosch at intra2net.com (Thomas Jarosch) Date: Sun, 26 Jul 2015 16:52:18 +0200 Subject: [PATCH] ssh-agent: Add support to load additional certificates Message-ID: <55B4F422.7030405@intra2net.com> Add support to load additional certificates for already loaded private keys. Useful if the private key is on a PKCS#11 hardware token. The private keys inside ssh-agent are now using a refcount to share the private parts between "Identities". The reason for this change was that the PKCS#11 code might have redirected ("wrap") the RSA functions to a hardware token. We don't want to mess with those internals. Tested with an OpenGPG card. Patch developed against 6.9p and applies to original 6.9, too. Please CC: comments. Signed-off-by: Thomas Jarosch diff -u -r -p openssh-6.9p1/ssh-add.1 openssh.cert_shadow/ssh-add.1 --- openssh-6.9p1/ssh-add.1 2015-07-01 04:35:31.000000000 +0200 +++ openssh.cert_shadow/ssh-add.1 2015-07-26 16:02:14.119312097 +0200 @@ -122,6 +122,10 @@ Remove keys provided by the PKCS#11 shar .It Fl k When loading keys into or deleting keys from the agent, process plain private keys only and skip certificates. +.It Fl p +Load additional certificate for already loaded private key. +Will refuse to load the certificate if no matching key is found. +Useful if the private key is stored on a PKCS#11 hardware token. .It Fl L Lists public key parameters of all identities currently represented by the agent. diff -u -r -p openssh-6.9p1/ssh-add.c openssh.cert_shadow/ssh-add.c --- openssh-6.9p1/ssh-add.c 2015-07-01 04:35:31.000000000 +0200 +++ openssh.cert_shadow/ssh-add.c 2015-07-26 15:58:06.513151180 +0200 
@@ -180,6 +180,49 @@ delete_all(int agent_fd) } static int +add_certificate_only(int agent_fd, const char *filename) +{ + struct sshkey *cert = NULL; + char *comment = NULL; + int r, ret = -1; + + /* Load certificate */ + if ((r = sshkey_load_public(filename, &cert, &comment)) != 0) { + if (r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT) + error("Failed to load certificate \"%s\": %s", + filename, ssh_err(r)); + goto out; + } + if (!sshkey_is_cert(cert)) { + error("Not a certificate: %s", filename); + goto out; + } + + /* Add empty private key fields for serialization */ + if ((r = sshkey_add_private(cert)) != 0) + goto out; + + if ((r = ssh_add_identity_constrained(agent_fd, cert, comment, + lifetime, confirm)) != 0) { + error("Certificate %s (%s) add failed: %s", filename, + cert->cert->key_id, ssh_err(r)); + goto out; + } + ret = 0; + fprintf(stderr, "Certificate added: %s (%s)\n", filename, + cert->cert->key_id); + if (lifetime != 0) + fprintf(stderr, "Lifetime set to %d seconds\n", lifetime); + if (confirm != 0) + fprintf(stderr, "The user must confirm each use of the key\n"); + out: + free(comment); + sshkey_free(cert); + + return ret; +} + +static int add_file(int agent_fd, const char *filename, int key_only) { struct sshkey *private, *cert; @@ -445,13 +488,16 @@ lock_agent(int agent_fd, int lock) } static int -do_file(int agent_fd, int deleting, int key_only, char *file) +do_file(int agent_fd, int deleting, int key_only, int cert_only, char *file) { if (deleting) { if (delete_file(agent_fd, file, key_only) == -1) return -1; } else { - if (add_file(agent_fd, file, key_only) == -1) + if (cert_only) { + if (add_certificate_only(agent_fd, file) == -1) + return -1; + } else if (add_file(agent_fd, file, key_only) == -1) return -1; } return 0; 
@@ -466,6 +512,7 @@ usage(void) fprintf(stderr, " -E hash Specify hash algorithm used for fingerprints.\n"); fprintf(stderr, " -L List public key parameters of all identities.\n"); fprintf(stderr, " -k Load only keys and not certificates.\n"); + fprintf(stderr, " -p Load additional certificate. Private key must be loaded.\n"); fprintf(stderr, " -c Require confirmation to sign using identities\n"); fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); fprintf(stderr, " -d Delete identity.\n"); @@ -483,7 +530,7 @@ main(int argc, char **argv) extern int optind; int agent_fd; char *pkcs11provider = NULL; - int r, i, ch, deleting = 0, ret = 0, key_only = 0; + int r, i, ch, deleting = 0, ret = 0, key_only = 0, cert_only = 0; int xflag = 0, lflag = 0, Dflag = 0; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ @@ -511,7 +558,7 @@ main(int argc, char **argv) exit(2); } - while ((ch = getopt(argc, argv, "klLcdDxXE:e:s:t:")) != -1) { + while ((ch = getopt(argc, argv, "kplLcdDxXE:e:s:t:")) != -1) { switch (ch) { case 'E': fingerprint_hash = ssh_digest_alg_by_name(optarg); @@ -519,8 +566,15 @@ main(int argc, char **argv) fatal("Invalid hash algorithm \"%s\"", optarg); break; case 'k': + if (cert_only) + fatal("-k and -p are incompatible"); key_only = 1; break; + case 'p': + if (key_only) + fatal("-k and -p are incompatible"); + cert_only = 1; + break; case 'l': case 'L': if (lflag != 0) @@ -604,7 +658,7 @@ main(int argc, char **argv) default_files[i]); if (stat(buf, &st) < 0) continue; - if (do_file(agent_fd, deleting, key_only, buf) == -1) + if (do_file(agent_fd, deleting, key_only, cert_only, buf) == -1) ret = 1; else count++; 
@@ -613,7 +667,7 @@ main(int argc, char **argv) ret = 1; } else { for (i = 0; i < argc; i++) { - if (do_file(agent_fd, deleting, key_only, + if (do_file(agent_fd, deleting, key_only, cert_only, argv[i]) == -1) ret = 1; } diff -u -r -p openssh-6.9p1/ssh-agent.c openssh.cert_shadow/ssh-agent.c --- openssh-6.9p1/ssh-agent.c 2015-07-01 04:35:31.000000000 +0200 +++ openssh.cert_shadow/ssh-agent.c 2015-07-26 14:59:53.733842195 +0200 @@ -112,9 +112,15 @@ typedef struct { u_int sockets_alloc = 0; SocketEntry *sockets = NULL; +typedef struct refcountkey { + struct sshkey *key; + int count; +} RefcountKey; + typedef struct identity { TAILQ_ENTRY(identity) next; - struct sshkey *key; + RefcountKey *idkey; + RefcountKey *shadowed_key; char *comment; char *provider; time_t death; @@ -188,16 +194,43 @@ idtab_lookup(int version) return &idtable[version]; } +static RefcountKey * +refkey_new(struct sshkey *key) +{ + RefcountKey *ref = xcalloc(1, sizeof(RefcountKey)); + + ref->key = key; + ref->count = 1; + + return ref; +} + +static RefcountKey * +refkey_addref(RefcountKey *refkey) +{ + ++refkey->count; + return refkey; +} + +static void refkey_unref(RefcountKey *refkey) +{ + if (refkey && --refkey->count <= 0) { + sshkey_free(refkey->key); + free(refkey); + } +} + static void free_identity(Identity *id) { - sshkey_free(id->key); + refkey_unref(id->idkey); + refkey_unref(id->shadowed_key); free(id->provider); free(id->comment); free(id); } -/* return matching private key for given public key */ +/* return matching Identity for given public key */ static Identity * lookup_identity(struct sshkey *key, int version) { 
@@ -205,7 +238,22 @@ lookup_identity(struct sshkey *key, int Idtab *tab = idtab_lookup(version); TAILQ_FOREACH(id, &tab->idlist, next) { - if (sshkey_equal(key, id->key)) + if (sshkey_equal(key, id->idkey->key)) + return (id); + } + return (NULL); +} + +/* return matching private key for given public key */ +static Identity * +lookup_identity_unshadowed_key(struct sshkey *key, int version) +{ + Identity *id; + + Idtab *tab = idtab_lookup(version); + TAILQ_FOREACH(id, &tab->idlist, next) { + if (sshkey_equal_public(key, id->idkey->key) && + id->shadowed_key == NULL) return (id); } return (NULL); @@ -218,7 +266,7 @@ confirm_key(Identity *id) char *p; int ret = -1; - p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); + p = sshkey_fingerprint(id->idkey->key, fingerprint_hash, SSH_FP_DEFAULT); if (p != NULL && ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) @@ -256,14 +304,14 @@ process_request_identities(SocketEntry * (r = sshbuf_put_u32(msg, tab->nentries)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); TAILQ_FOREACH(id, &tab->idlist, next) { - if (id->key->type == KEY_RSA1) { + if (id->idkey->key->type == KEY_RSA1) { #ifdef WITH_SSH1 if ((r = sshbuf_put_u32(msg, - BN_num_bits(id->key->rsa->n))) != 0 || + BN_num_bits(id->idkey->key->rsa->n))) != 0 || (r = sshbuf_put_bignum1(msg, - id->key->rsa->e)) != 0 || + id->idkey->key->rsa->e)) != 0 || (r = sshbuf_put_bignum1(msg, - id->key->rsa->n)) != 0) + id->idkey->key->rsa->n)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); #endif @@ -271,7 +319,7 @@ process_request_identities(SocketEntry * u_char *blob; size_t blen; - if ((r = sshkey_to_blob(id->key, &blob, &blen)) != 0) { + if ((r = sshkey_to_blob(id->idkey->key, &blob, &blen)) != 0) { error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); continue; 
@@ -327,7 +375,7 @@ process_authentication_challenge1(Socket id = lookup_identity(key, 1); if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { - struct sshkey *private = id->key; + struct sshkey *private = id->idkey->key; /* Decrypt the challenge using the private key. */ if ((r = rsa_private_decrypt(challenge, challenge, private->rsa) != 0)) { @@ -380,7 +428,7 @@ process_sign_request2(SocketEntry *e) u_int compat = 0, flags; int r, ok = -1; struct sshbuf *msg; - struct sshkey *key; + struct sshkey *key, *sign_key; struct identity *id; if ((msg = sshbuf_new()) == NULL) @@ -403,7 +451,12 @@ process_sign_request2(SocketEntry *e) verbose("%s: user refused key", __func__); goto send; } - if ((r = sshkey_sign(id->key, &signature, &slen, + + if (id->shadowed_key) + sign_key = id->shadowed_key->key; + else + sign_key = id->idkey->key; + if ((r = sshkey_sign(sign_key, &signature, &slen, data, dlen, compat)) != 0) { error("%s: sshkey_sign: %s", __func__, ssh_err(ok)); goto send; 
@@ -643,12 +696,38 @@ process_add_identity(SocketEntry *e, int } } - success = 1; if (lifetime && !death) death = monotime() + lifetime; + + /* handle additional certificates for an existing private key */ + if (!sshkey_is_private(k)) { + id = lookup_identity_unshadowed_key(k, version); + /* ensure we have a private key and this cert is new */ + if (id != NULL && lookup_identity(k, version) == NULL) { + Identity *certid = xcalloc(1, sizeof(Identity)); + certid->idkey = refkey_new(k); + certid->shadowed_key = refkey_addref(id->idkey); + if (id->provider) + certid->provider = xstrdup(id->provider); + if (id->comment) + certid->comment = xstrdup(id->comment); /* XXX */ + certid->death = death; + certid->confirm = confirm | id->confirm; + + TAILQ_INSERT_TAIL(&tab->idlist, certid, next); + tab->nentries++; + success = 1; + } else + sshkey_free(k); + + free(comment); + goto send; + } + + success = 1; if ((id = lookup_identity(k, version)) == NULL) { id = xcalloc(1, sizeof(Identity)); - id->key = k; + id->idkey = refkey_new(k); TAILQ_INSERT_TAIL(&tab->idlist, id, next); /* Increment the number of identities. */ tab->nentries++; @@ -774,7 +853,7 @@ process_add_smartcard_key(SocketEntry *e tab = idtab_lookup(version); if (lookup_identity(k, version) == NULL) { id = xcalloc(1, sizeof(Identity)); - id->key = k; + id->idkey = refkey_new(k); id->provider = xstrdup(provider); id->comment = xstrdup(provider); /* XXX */ id->death = death; diff -u -r -p openssh-6.9p1/sshkey.c openssh.cert_shadow/sshkey.c --- openssh-6.9p1/sshkey.c 2015-07-01 04:35:31.000000000 +0200 +++ openssh.cert_shadow/sshkey.c 2015-07-26 13:55:40.978410299 +0200 
@@ -324,6 +324,48 @@ sshkey_is_cert(const struct sshkey *k) return sshkey_type_is_cert(k->type); } +/* TODO: Please review carefully */ +int +sshkey_is_private(const struct sshkey *k) +{ + switch (k->type) { +#ifdef WITH_OPENSSL + case KEY_RSA1: + case KEY_RSA: + case KEY_RSA_CERT_V00: + case KEY_RSA_CERT: + if (k->rsa && k->rsa->d && k->rsa->q && k->rsa->p && + k->rsa->iqmp && + !BN_is_zero(k->rsa->d) && + !BN_is_zero(k->rsa->q) && + !BN_is_zero(k->rsa->p) && + !BN_is_zero(k->rsa->iqmp)) + return 1; + break; + case KEY_DSA: + case KEY_DSA_CERT_V00: + case KEY_DSA_CERT: + if (k->dsa && k->dsa->priv_key) + return 1; + break; + case KEY_ECDSA: + case KEY_ECDSA_CERT: + if (k->ecdsa && EC_KEY_get0_private_key(k->ecdsa)) + return 1; + break; +#endif /* WITH_OPENSSL */ + case KEY_ED25519: + case KEY_ED25519_CERT: + if (k->ed25519_sk) + return 1; + break; + case KEY_UNSPEC: + break; + } + + return 0; +} + /* Return the cert-less equivalent to a certified key type */ int sshkey_type_plain(int type) diff -u -r -p openssh-6.9p1/sshkey.h openssh.cert_shadow/sshkey.h --- openssh-6.9p1/sshkey.h 2015-07-01 04:35:31.000000000 +0200 +++ openssh.cert_shadow/sshkey.h 2015-07-26 11:15:33.344024398 +0200 @@ -135,6 +135,7 @@ int sshkey_generate(int type, u_int bi int sshkey_from_private(const struct sshkey *, struct sshkey **); int sshkey_type_from_name(const char *); int sshkey_is_cert(const struct sshkey *); +int sshkey_is_private(const struct sshkey *); int sshkey_type_is_cert(int); int sshkey_type_plain(int); int sshkey_to_certified(struct sshkey *, int); From dtucker at zip.com.au Mon Jul 27 11:30:21 2015 
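Review bot: add_certificate_only() in ssh-add.c has two failure paths that return -1 without telling the user anything. A missing file is skipped silently because of the "r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT" test, and a failing sshkey_add_private(cert) goes straight to "goto out". For a file the user named explicitly with -p, both cases end in a non-zero exit with no message; print an error on each path, or at least for files given on the command line.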
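Review bot: do_file() in ssh-add.c only looks at cert_only on the add path, so "ssh-add -d -p file" is accepted and silently behaves like a plain delete. main() already rejects -k together with -p; either reject -p together with -d the same way, or define and document what deleting with -p means. The ssh-add.1 text for -p should also mention that it cannot be combined with -k.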
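Review bot: in process_sign_request2() in ssh-agent.c the error path right below the changed sshkey_sign() call logs ssh_err(ok), and ok is still -1 at that point, so the message never reflects the real failure. Since this hunk rewrites the call anyway, log ssh_err(r) here. With signing now routed through id->shadowed_key->key for certificate identities, an accurate error is the only hint that a token-backed key refused the operation.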
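Review bot: the certificate branch added to process_add_identity() in ssh-agent.c lets the private key outlive its own constraints. certid->shadowed_key takes a reference with refkey_addref(id->idkey), but certid->death comes only from the certificate's own add request, and refkey_unref() frees the key only when the last reference goes away. A key added with a lifetime, or later removed, therefore stays usable for signing through the certificate identity. Cap certid->death at id->death when that is set (confirm is already merged with "confirm | id->confirm"), and drop shadowing identities when the identity they reference is freed. The branch is also entered on !sshkey_is_private(k) alone; checking sshkey_is_cert(k) in the agent as well would avoid relying on ssh-add to have done it.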
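Review bot: sshkey_is_private() in sshkey.c treats key types inconsistently. The RSA case requires d, p, q and iqmp to be non-NULL and non-zero, while the DSA case only tests "k->dsa && k->dsa->priv_key" and the ECDSA and Ed25519 cases likewise test only a pointer. add_certificate_only() calls sshkey_add_private() to "add empty private key fields for serialization", so if that leaves an allocated but zero priv_key, a DSA certificate would be classified as private and never reach the certificate branch in the agent. Add a BN_is_zero() test for DSA as in the RSA case, and confirm what the empty ECDSA and Ed25519 fields look like after deserialization. The switch has no default case, so any type not listed returns 0 without notice; a comment saying that this is intended would help the requested review.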
From: dtucker at zip.com.au (Darren Tucker)
Date: Mon, 27 Jul 2015 11:30:21 +1000
Subject: DH_GRP_MIN is currently 1024, should it be bumped to 2048?
In-Reply-To: <73497.1437780338@eng-mail01.juniper.net>
References: <73497.1437780338@eng-mail01.juniper.net>
Message-ID:

On Sat, Jul 25, 2015 at 9:25 AM, Mark D. Baushke wrote:

> Greetings,
>
> Given the weakness with Diffie-Hellman modp groups less than 2048, is it
> time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
> more current 2048 value for OpenSSH 7.0?
>

DH_GRP_MIN is used for 2 things:
a) the client's minimum acceptable group size sent in the DH-GEX request.
b) the lower bound of the group size picked out of the moduli file.

For a), the OpenSSH client has asked for preferred sizes no less than 2k
bits for a couple of years [1]. Changing the minimum in this case would
have no effect on (RFC compliant) servers that have groups >= 2k, and would
probably cause a connection failure on ones that do not.

For b), we recently removed the 1k groups from the moduli file, so the
minimum that can be offered is 1.5 kbit.

What would be the desired outcome of such a change to DH_GRP_MIN?
Rendering it such that DH-GEX doesn't work for a given connection makes it
much more likely that the connection would use one of the fixed groups, and
group1 in particular seems at much higher risk for LogJam style attacks
than even a 1k group from a large and changing set.

[1] https://anongit.mindrot.org/openssh.git/commit/?id=df62d71e64d29d1054e7a53d1a801075ef70335f
[2] https://anongit.mindrot.org/openssh.git/commit/moduli?id=5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

From mdb at juniper.net Tue Jul 28 11:18:48 2015
From: mdb at juniper.net (Mark D. Baushke)
Date: Mon, 27 Jul 2015 18:18:48 -0700
Subject: DH_GRP_MIN is currently 1024, should it be bumped to 2048?
In-Reply-To:
References: <73497.1437780338@eng-mail01.juniper.net>
Message-ID: <98075.1438046328@eng-mail01.juniper.net>

Hi Darren,

Many thanks for your response.

Darren Tucker writes:

> On Sat, Jul 25, 2015 at 9:25 AM, Mark D. Baushke wrote:
>
> > Greetings,
> >
> > Given the weakness with Diffie-Hellman modp groups less than 2048, is it
> > time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
> > more current 2048 value for OpenSSH 7.0?
> >
>
> DH_GRP_MIN is used for 2 things:
> a) the client's minimum acceptable group size sent in the DH-GEX request.
> b) the lower bound of the group size picked out of the moduli file.
>
> For a), the OpenSSH client has asked for preferred sizes no less than 2k
> bits for a couple of years [1]. Changing the minimum in this case would
> have no effect on (RFC compliant) servers that have groups >= 2k, and would
> probably cause a connection failure on ones that do not.

Regarding RFC compliant servers, RFC 4419 specifies the 1024 bit minimum
as a 'SHOULD' value rather than a 'MUST' value.

If we do care that the default needs to be able to be adjusted by the SSH
client AND the SSH server, then perhaps it needs to be a configuration
option that best meets the paranoia of the user and the site
administrator?

fwiw: NIST SP 800-131A[3] (see Table 4) currently wants the minimum
Diffie-Hellman Group to be enforced as a minimum of 2048 bits. Using less
than 2048 bit DH primes would not be a best practice as far as the NIST
folks are concerned.

[3] http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
    or its draft replacement
    http://csrc.nist.gov/publications/drafts/800-131A/sp800-131a_r1_draft.pdf

> For b), we recently removed the 1k groups from the moduli file, so the
> minimum that can be offered is 1.5 kbit.

Yes. This was a good change. I am not sure that removing primes less than
2048 bit would not be even better...

That said, because I care about NIST SP 800-56Ar2[4] section 5.5.1.1 FFC
Domain Parameter Generation, I would rather that the g values selected in
the correct cyclic subgroup.

[4] http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf

> What would be the desired outcome of such a change to DH_GRP_MIN?

To allow the paranoia the the current best practices be able to be set by
the users of the client and the server.

> Rendering it such that DH-GEX doesn't work for a given connection
> makes it much more likely that the connection would use one of the
> fixed groups, and group1 in particular seems at much higher risk for
> LogJam style attacks than even a 1k group from a large and changing
> set.

You may be right, although I hope they do NOT choose
diffie-hellman-group1-sha1

I would hope that they would be able to use one of

  * diffie-hellman-group14-sha1
  * curve25519-sha256 at libssh.org
  * RFC 5656 ECDH curves (ecdh-sha2-nistp{256,384,521})

Longer term I favor

  * standard use of Curve25519
  * standard use of Curve488
  * standard use of Koblitz Curve K-233 (seems faster than the NISTP curves)
  * something the IRTF-CRSG suggests that can be standardized

> [1]
> https://anongit.mindrot.org/openssh.git/commit/?id=df62d71e64d29d1054e7a53d1a801075ef70335f
> [2]
> https://anongit.mindrot.org/openssh.git/commit/moduli?id=5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a

Thank you,
-- Mark

From nstanoszek at gmail.com Tue Jul 28 13:19:12 2015
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Mon, 27 Jul 2015 23:19:12 -0400
Subject: Updating from 6.6 - 6.9 SSH
Message-ID:

Hi I am having issues with updating ssh from 6.6 to 6.9. When I update it,
it works; however, I cannot successfully SSH back into the server. I get a
publickey error.

I am following the directions here:

https://kenkoehlerca.wordpress.com/2015/01/07/upgrading-to-openssh-6-7p1-on-ubuntu/comment-page-1/#comment-4

Please help--this is the only thing keeping me back. I am on Ubuntu 14.04
on AWS.

Thanks!

Nick

From dtucker at zip.com.au Tue Jul 28 14:53:02 2015
From: dtucker at zip.com.au (Darren Tucker)
Date: Tue, 28 Jul 2015 14:53:02 +1000
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References:
Message-ID:

On Tue, Jul 28, 2015 at 1:19 PM, Nick Stanoszek wrote:

> Hi I am having issues with updating ssh from 6.6 to 6.9. When I update it,
> it works; however, I cannot successfully SSH back into the server. I get a
> publickey error.
>

Exactly what error?

> I am following the directions here:
>
>
> https://kenkoehlerca.wordpress.com/2015/01/07/upgrading-to-openssh-6-7p1-on-ubuntu/comment-page-1/#comment-4

I would guess that you didn't actually follow those directions, in
particular this bit:

sudo ./configure --sysconfdir=/etc/ssh

Leaving aside that there's no need to run that under sudo, omitting the
sysconfdir will end up with the host keys in /usr/local/etc, and since they
won't exist there you'll get a fresh set generated rather than using the
ones in /etc/ssh, which will cause a hostkey mismatch.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

From nstanoszek at gmail.com Wed Jul 29 00:06:59 2015
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Tue, 28 Jul 2015 10:06:59 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References:
Message-ID:

Hi again,

I ran the commands exactly. I see that some keys are not overwritten and
skipped---but some are still created.

I just tried again...and still get an error.

Thoughts to prevent it from overwriting my keys?

On Tue, Jul 28, 2015 at 12:53 AM, Darren Tucker wrote:

> On Tue, Jul 28, 2015 at 1:19 PM, Nick Stanoszek
> wrote:
>
>> Hi I am having issues with updating ssh from 6.6 to 6.9. When I update it,
>> it works; however, I cannot successfully SSH back into the server. I get
>> a
>> publickey error.
>>
>
> Exactly what error?
>
>
>> I am following the directions here:
>>
>>
>> https://kenkoehlerca.wordpress.com/2015/01/07/upgrading-to-openssh-6-7p1-on-ubuntu/comment-page-1/#comment-4
>
>
> I would guess that you didn't actually follow those directions, in
> particular this bit:
>
> sudo ./configure --sysconfdir=/etc/ssh
>
> Leaving aside that there's no need to run that under sudo, omitting the
> sysconfdir will end up with the host keys in /usr/local/etc, and since they
> won't exist there you'll get a fresh set generated rather than using the
> ones in /etc/ssh, which will cause a hostkey mismatch.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>

From howard.m.kash.civ at mail.mil Wed Jul 29 01:42:13 2015
From: howard.m.kash.civ at mail.mil (Kash, Howard M CIV USARMY ARL (US))
Date: Tue, 28 Jul 2015 15:42:13 +0000
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
 <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
Message-ID: <8B01299690A8A94AB8629283FAFED8F1AB3C2055@umechpany.easf.csd.disa.mil>

Turns out the problem is the new protocol extension for sending host keys to
the client after user authentication (section 2.5 of the PROTOCOLS
document). Commenting out the notify_hostkeys() call in sshd.c fixes the
issues with Cisco scp. Maybe a new bug compatibility flag is in order to
add to the "Cisco-1.*" client string that was added in 6.9?

Howard

From howard.m.kash.civ at mail.mil Wed Jul 29 02:20:34 2015
From: howard.m.kash.civ at mail.mil (Kash, Howard M CIV USARMY ARL (US))
Date: Tue, 28 Jul 2015 16:20:34 +0000
Subject: Cisco vs. 6.9
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil> <1437711872.55b1be00b44147.10347432@www.paypc.com> <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil> <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
Message-ID: <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>

> Turns out the problem is the new protocol extension for sending host keys to
> the client after user authentication (section 2.5 of the PROTOCOLS
> document). Commenting out the notify_hostkeys() call in sshd.c fixes the
> issues with Cisco scp. Maybe a new bug compatibility flag is in order to
> add to the "Cisco-1.*" client string that was added in 6.9?

There's already a flag... just need to add SSH_BUG_HOSTKEYS to "Cisco-1.*"
in compat.c.

Howard

From dtucker at zip.com.au Wed Jul 29 09:19:48 2015
From: dtucker at zip.com.au (Darren Tucker)
Date: Wed, 29 Jul 2015 09:19:48 +1000
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References:
Message-ID:

On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek wrote:

> Hi again,
>
> I ran the commands exactly. I see that some keys are not overwritten and
> skipped---but some are still created.

You may be able to see that, but we can't unless you show us what it said,
and you didn't.

> I just tried again...and still get an error.

quoting from my previous response: "Exactly what error?"

> Thoughts to prevent it from overwriting my keys?

You have not provided sufficient information to do anything more than
guess, and I've already done that.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

From djm at mindrot.org Wed Jul 29 09:20:59 2015
From: djm at mindrot.org (Damien Miller)
Date: Wed, 29 Jul 2015 09:20:59 +1000 (AEST)
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil> <1437711872.55b1be00b44147.10347432@www.paypc.com> <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil> <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil> <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
Message-ID:

On Tue, 28 Jul 2015, Kash, Howard M CIV USARMY ARL (US) wrote:

> > Turns out the problem is the new protocol extension for sending host keys to
> > the client after user authentication (section 2.5 of the PROTOCOLS
> > document). Commenting out the notify_hostkeys() call in sshd.c fixes the
> > issues with Cisco scp. Maybe a new bug compatibility flag is in order to
> > add to the "Cisco-1.*" client string that was added in 6.9?
>
> There's already a flag... just need to add SSH_BUG_HOSTKEYS to "Cisco-1.*"
> in compat.c.

Done - this will be in openssh-7.0

From dtucker at zip.com.au Wed Jul 29 09:23:43 2015
From: dtucker at zip.com.au (Darren Tucker) Date: Wed, 29 Jul 2015 09:23:43 +1000 Subject: Cisco vs. 6.9 In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil> References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil> <1437711872.55b1be00b44147.10347432@www.paypc.com> <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil> <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil> <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil> Message-ID: <20150728232343.GA14354@gate.dtucker.net> On Tue, Jul 28, 2015 at 04:20:34PM +0000, Kash, Howard M CIV USARMY ARL (US) wrote: > > Turns out the problem is the new protocol extension for sending host keys > to > > the client after user authentication (section 2.5 of the PROTOCOLS > > document). Commenting out the notify_hostkeys() call in sshd.c fixes the > > issues with Cisco scp. Maybe a new bug compatibility flag in on order to > > add to the "Cisco-1.*" client string that was added in 6.9? > > There's already a flag... just need to add SSH_BUG_HOSTKEYS to "Cisco-1.*" > in compat.c. Like so? Index: compat.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/compat.c,v retrieving revision 1.95 diff -u -p -r1.95 compat.c --- compat.c 13 Jul 2015 04:57:14 -0000 1.95 +++ compat.c 28 Jul 2015 23:22:07 -0000 @@ -150,7 +150,7 @@ compat_datafellows(const char *version) "1.2.22*", SSH_BUG_IGNOREMSG }, { "1.3.2*", /* F-Secure */ SSH_BUG_IGNOREMSG }, - { "Cisco-1.*", SSH_BUG_DHGEX_LARGE }, + { "Cisco-1.*", SSH_BUG_DHGEX_LARGE|SSH_BUG_HOSTKEYS }, { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, { "*OSU_0*," -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. From nstanoszek at gmail.com Wed Jul 29 11:49:06 2015 
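Review bot: the changed "Cisco-1.*" entry in compat_datafellows() now carries two bug flags but, unlike the F-Secure and Netscreen entries on either side of it, has no comment saying which product the pattern covers or why SSH_BUG_HOSTKEYS is set. A short comment on that line naming the Cisco scp failure would help whoever revisits the table. The pattern matches every peer that announces a Cisco-1.x version, so the flag applies to all of them and not only to the scp client that failed; if that breadth is intended, the comment should say so. The hunk touches only the table, so the same review should confirm that the code sending the host key notification actually tests SSH_BUG_HOSTKEYS, which is not visible here.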
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Tue, 28 Jul 2015 21:49:06 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References:
Message-ID:

My apologies Darren,

The error I get is a "PUBLICKEY" error as noted previously.

Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@IPADDRESS
Permission denied (publickey).
Nicks-MacBook-Pro:Downloads$

I followed the directions as noted in the previous email to a T. Just
copied and pasted---and used v6.9 ssh (which is the latest). What other
info do you need?

Thanks

Nick

On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote:

> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek wrote:
>
>> Hi again,
>>
>> I ran the commands exactly. I see that some keys are not overwritten and
>> skipped---but some are still created.
>
> You may be able to see that, but we can't unless you show us what it said,
> and you didn't.
>
>> I just tried again...and still get an error.
>
> quoting from my previous response: "Exactly what error?"
>
>> Thoughts to prevent it from overwriting my keys?
>
> You have not provided sufficient information to do anything more than
> guess, and I've already done that.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.

From nstanoszek at gmail.com Wed Jul 29 11:58:45 2015
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Tue, 28 Jul 2015 21:58:45 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To: <55B832A2.5010102@eviladmin.org>
References: <55B832A2.5010102@eviladmin.org>
Message-ID:

Please see below :). Just a note---this is the EXACT command that I use to
log into the server BEFORE I try to update SSH. I continue to use this same
command for other servers.

Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@54.200.249.185 -v -v -v -v
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "Payr-SimplicityPOSKey.pem" as a RSA1 public key
debug1: identity file Payr-SimplicityPOSKey.pem type -1
debug1: identity file Payr-SimplicityPOSKey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH*
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "54.200.249.185" from file "/Users/nickstanoszek/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/nickstanoszek/.ssh/known_hosts:55
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1-etm@openssh.com
debug1: kex: server->client aes128-ctr hmac-sha1-etm@openssh.com none
debug2: mac_setup: found hmac-sha1-etm@openssh.com
debug1: kex: client->server aes128-ctr hmac-sha1-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 163/320
debug2: bits set: 1029/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA e1:c5:21:7f:b0:88:7d:9f:b6:e1:de:a4:bc:b5:7a:c0
debug3: load_hostkeys: loading entries for host "54.200.249.185" from file "/Users/nickstanoszek/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/nickstanoszek/.ssh/known_hosts:55
debug3: load_hostkeys: loaded 1 keys
debug1: Host '54.200.249.185' is known and matches the RSA host key.
debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55
debug2: bits set: 1020/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: Payr-SimplicityPOSKey.pem
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey: RSA c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).

On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom wrote:

> Sorry that isn't really useful. You may need to provide the ssh -vvv and
> sshd -ddd outputs on the client and server respectively to determine what
> is going on.
>
> Normally public key errors mean that permissions are wrong on the key
> material or the directory leading to the key material in the user's home
> directory.
>
> - Ben
>
> Nick Stanoszek wrote:
>
>> My apologies Darren,
>>
>> The error I get is a "PUBLICKEY" error as noted previously.
>>
>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@IPADDRESS
>> Permission denied (publickey).
From mouring at eviladmin.org Wed Jul 29 11:55:46 2015
From: mouring at eviladmin.org (Ben Lindstrom)
Date: Tue, 28 Jul 2015 20:55:46 -0500
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References:
Message-ID: <55B832A2.5010102@eviladmin.org>

Sorry that isn't really useful. You may need to provide the ssh -vvv and
sshd -ddd outputs on the client and server respectively to determine what
is going on.

Normally public key errors mean that permissions are wrong on the key
material or the directory leading to the key material in the user's home
directory.

- Ben

Nick Stanoszek wrote:

> My apologies Darren,
>
> The error I get is a "PUBLICKEY" error as noted previously.
>
> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@IPADDRESS
> Permission denied (publickey).
> Nicks-MacBook-Pro:Downloads$
>
> I followed the directions as noted in the previous email to a T. Just
> copied and pasted---and used v6.9 ssh (which is the latest). What other
> info do you need?
>
> Thanks
>
> Nick
>
> On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote:
>
>> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek wrote:
>>
>>> Hi again,
>>>
>>> I ran the commands exactly. I see that some keys are not overwritten and
>>> skipped---but some are still created.
>>
>> You may be able to see that, but we can't unless you show us what it said,
>> and you didn't.
>>
>>> I just tried again...and still get an error.
>>
>> quoting from my previous response: "Exactly what error?"
>>
>>> Thoughts to prevent it from overwriting my keys?
>>
>> You have not provided sufficient information to do anything more than
>> guess, and I've already done that.
>>
>> --
>> Darren Tucker (dtucker at zip.com.au)
>> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
>> Good judgement comes with experience. Unfortunately, the experience
>> usually comes from bad judgement.

From nstanoszek at gmail.com Wed Jul 29 12:01:04 2015
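The server-side check Ben Lindstrom describes above, as an added example that is not part of the thread and is not OpenSSH code: a simplified Python re-implementation of the ownership and mode test sshd applies to authorized_keys and to each directory above it, up to the home directory, when StrictModes is enabled. The function names and the temporary directory tree are constructed for the demonstration.

```python
import os
import stat
import tempfile
from pathlib import Path


def audit_path(target, home, uid):
    """Walk from `target` up to `home` and return a list of (path, problem).

    A file or directory fails if it is owned by someone other than `uid`
    or root, or if it is writable by group or others (mode & 022).
    An empty list means the whole chain passes.
    """
    findings = []
    target = Path(os.path.realpath(target))
    home = Path(os.path.realpath(home))

    def check(path, want_regular):
        try:
            st = os.stat(path)
        except OSError as exc:
            findings.append((str(path), f"cannot stat: {exc.strerror}"))
            return
        if want_regular and not stat.S_ISREG(st.st_mode):
            findings.append((str(path), "not a regular file"))
        if st.st_uid not in (0, uid):
            findings.append(
                (str(path), f"owned by uid {st.st_uid}, expected {uid} or root"))
        if st.st_mode & 0o022:
            mode = stat.S_IMODE(st.st_mode)
            findings.append((str(path), f"group/world writable (mode {mode:04o})"))

    check(target, want_regular=True)
    current = target.parent
    while True:
        check(current, want_regular=False)
        # Stop once the home directory (or the filesystem root) has been checked.
        if current == home or current == current.parent:
            break
        current = current.parent
    return findings


def demo():
    """Build a constructed home directory and audit it before and after
    loosening the mode on .ssh. Returns (findings_good, findings_bad)."""
    uid = os.getuid()
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp) / "home" / "ubuntu"
        ssh_dir = home / ".ssh"
        ssh_dir.mkdir(parents=True)
        keys = ssh_dir / "authorized_keys"
        # Constructed placeholder content, not a real key.
        keys.write_text("ssh-rsa AAAA-constructed-placeholder demo\n")
        os.chmod(home, 0o755)
        os.chmod(ssh_dir, 0o700)
        os.chmod(keys, 0o600)
        good = audit_path(keys, home, uid)

        # A group-writable .ssh is enough for the key file to be ignored.
        os.chmod(ssh_dir, 0o775)
        bad = audit_path(keys, home, uid)
        return good, bad


if __name__ == "__main__":
    good, bad = demo()
    print("tight modes:", good or "ok")
    for path, problem in bad:
        print("loose modes:", path, "->", problem)
```

On a real server, call `audit_path()` with the account's authorized_keys path, home directory and uid, and run it as a user that can read that home directory.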
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Tue, 28 Jul 2015 22:01:04 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To: <55B833BE.70705@eviladmin.org>
References: <55B832A2.5010102@eviladmin.org> <55B833BE.70705@eviladmin.org>
Message-ID:

I am using an AWS ubuntu 14.04 server...is that what you are asking?

On Tue, Jul 28, 2015 at 10:00 PM, Ben Lindstrom wrote:

> And Server?
>
> - Ben

From mouring at eviladmin.org Wed Jul 29 12:00:30 2015
From: mouring at eviladmin.org (Ben Lindstrom)
Date: Tue, 28 Jul 2015 21:00:30 -0500
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References: <55B832A2.5010102@eviladmin.org>
Message-ID: <55B833BE.70705@eviladmin.org>

And Server?

- Ben

From nstanoszek at gmail.com Wed Jul 29 12:09:08 2015
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Tue, 28 Jul 2015 22:09:08 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To: <55B83531.5020800@eviladmin.org>
References: <55B832A2.5010102@eviladmin.org> <55B833BE.70705@eviladmin.org>
 <55B83531.5020800@eviladmin.org>
Message-ID:

I will have to recreate another instance and do this--I am locked out.

On Tue, Jul 28, 2015 at 10:06 PM, Ben Lindstrom wrote:

>
> No I'm referring to "sshd -ddd" (preferable on a high port like -p 8080
> so you don't break your current ability to connect to the machine). As
> clearly the server is rejecting it. And only the server side debug can
> tell us that.
>
>
> - Ben
>
> Nick Stanoszek wrote:
>
> I am using an AWS ubuntu 14.04 server...is that what you are asking?
>
> On Tue, Jul 28, 2015 at 10:00 PM, Ben Lindstrom
> wrote:
>
>> And Server?
>>
>>
>> - Ben
>>
>> Nick Stanoszek wrote:
>>
>> Please see below :). Just a note---this is the EXACT command that I use
>> to log into the server BEFORE i try to update SSH. I continue to use this
>> same command for other servers.
>>
>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at 54.200.249.185 -v
>> -v -v -v
>>
>> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
>>
>> debug1: Reading configuration data /etc/ssh_config
>>
>> debug1: /etc/ssh_config line 20: Applying options for *
>>
>> debug2: ssh_connect: needpriv 0
>>
>> debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.
>>
>> debug1: Connection established.
>> >> debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55 >> >> debug2: bits set: 1020/2048 >> >> debug1: ssh_rsa_verify: signature correct >> >> debug2: kex_derive_keys >> >> debug2: set_newkeys: mode 1 >> >> debug1: SSH2_MSG_NEWKEYS sent >> >> debug1: expecting SSH2_MSG_NEWKEYS >> >> debug2: set_newkeys: mode 0 >> >> debug1: SSH2_MSG_NEWKEYS received >> >> debug1: Roaming not allowed by server >> >> debug1: SSH2_MSG_SERVICE_REQUEST sent >> >> debug2: service_accept: ssh-userauth >> >> debug1: SSH2_MSG_SERVICE_ACCEPT received >> >> debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit >> >> debug1: Authentications that can continue: publickey >> >> debug3: start over, passed a different list publickey >> >> debug3: preferred >> gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password >> >> debug3: authmethod_lookup publickey >> >> debug3: remaining preferred: keyboard-interactive,password >> >> debug3: authmethod_is_enabled publickey >> >> debug1: Next authentication method: publickey >> >> debug1: Trying private key: Payr-SimplicityPOSKey.pem >> >> debug1: read PEM private key done: type RSA >> >> debug3: sign_and_send_pubkey: RSA >> c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97 >> >> debug2: we sent a publickey packet, wait for reply >> >> debug1: Authentications that can continue: publickey >> >> debug2: we did not send a packet, disable method >> >> debug1: No more authentication methods to try. >> >> Permission denied (publickey). >> >> On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom >> wrote: >> >>> >>> Sorry that isn't really useful. You may need to provide the ssh -vvv >>> and sshd -ddd outputs on the client and server respectively to determine >>> what is going on. >>> >>> Normally public key errors means that permissions are wrong on the key >>> material or the directory leading to the key material in the user's home >>> directory. 
>>> >>> - Ben >>> >>> Nick Stanoszek wrote: >>> >>> My apologies Darren, >>> >>> The error i get is a "PUBLICKEY" error as noted previously. >>> >>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at IPADDRESS >>> >>> Permission denied (publickey). >>> >>> Nicks-MacBook-Pro:Downloads$ >>> >>> >>> I followed the directions as noted in the previous email to a T. Just >>> copied and pasted---and used v6.9 ssh (which is the latest). What other >>> info do you need? >>> >>> >>> Thanks >>> >>> Nick >>> >>> >>> >>> >>> On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote: >>> >>> >>> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek >>> wrote: >>> >>> >>> Hi again, >>> >>> I ran the commands exactly. I see that some keys are not overwritten and >>> skipped---but some are still created. >>> >>> >>> You may be able to see that, but we can't unless you show us what it said, >>> and you didn't. >>> >>> I just tried again...and still get an error. >>> >>> quoting from my previous response: "Exactly what error?" >>> >>> >>> >>> Thoughts to prevent it from overwriting my keys? >>> >>> >>> You have not provided sufficient information to do anything more that >>> guess, and I've already done that. >>> >>> -- >>> Darren Tucker (dtucker at zip.com.au) >>> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 >>> Good judgement comes with experience. Unfortunately, the experience >>> usually comes from bad judgement. >>> >>> >>> _______________________________________________ >>> openssh-unix-dev mailing listopenssh-unix-dev at mindrot.orghttps://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >>> >>> >>> >> >> > > From mouring at eviladmin.org Wed Jul 29 12:06:41 2015 
From: mouring at eviladmin.org (Ben Lindstrom)
Date: Tue, 28 Jul 2015 21:06:41 -0500
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To:
References: <55B832A2.5010102@eviladmin.org> <55B833BE.70705@eviladmin.org>
Message-ID: <55B83531.5020800@eviladmin.org>

No I'm referring to "sshd -ddd" (preferable on a high port like -p 8080
so you don't break your current ability to connect to the machine). As
clearly the server is rejecting it. And only the server side debug can
tell us that.

- Ben

Nick Stanoszek wrote:
> I am using an AWS ubuntu 14.04 server...is that what you are asking?
>
> On Tue, Jul 28, 2015 at 10:00 PM, Ben Lindstrom
> wrote:
>
> And Server?
>
>
> - Ben
>
> Nick Stanoszek wrote:
>> Please see below :). Just a note---this is the EXACT command
>> that I use to log into the server BEFORE i try to update SSH. I
>> continue to use this same command for other servers.
>>
>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem
>> ubuntu at 54.200.249.185 -v -v -v -v
>>
>> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
>>
>> debug1: Reading configuration data /etc/ssh_config
>>
>> debug1: /etc/ssh_config line 20: Applying options for *
>>
>> debug2: ssh_connect: needpriv 0
>>
>> debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.
>>
>> debug1: Connection established.
>> >> debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55 >> >> debug2: bits set: 1020/2048 >> >> debug1: ssh_rsa_verify: signature correct >> >> debug2: kex_derive_keys >> >> debug2: set_newkeys: mode 1 >> >> debug1: SSH2_MSG_NEWKEYS sent >> >> debug1: expecting SSH2_MSG_NEWKEYS >> >> debug2: set_newkeys: mode 0 >> >> debug1: SSH2_MSG_NEWKEYS received >> >> debug1: Roaming not allowed by server >> >> debug1: SSH2_MSG_SERVICE_REQUEST sent >> >> debug2: service_accept: ssh-userauth >> >> debug1: SSH2_MSG_SERVICE_ACCEPT received >> >> debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit >> >> debug1: Authentications that can continue: publickey >> >> debug3: start over, passed a different list publickey >> >> debug3: preferred >> gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password >> >> debug3: authmethod_lookup publickey >> >> debug3: remaining preferred: keyboard-interactive,password >> >> debug3: authmethod_is_enabled publickey >> >> debug1: Next authentication method: publickey >> >> debug1: Trying private key: Payr-SimplicityPOSKey.pem >> >> debug1: read PEM private key done: type RSA >> >> debug3: sign_and_send_pubkey: RSA >> c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97 >> >> debug2: we sent a publickey packet, wait for reply >> >> debug1: Authentications that can continue: publickey >> >> debug2: we did not send a packet, disable method >> >> debug1: No more authentication methods to try. >> >> Permission denied (publickey). >> >> >> On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom >> > wrote: >> >> >> Sorry that isn't really useful. You may need to provide the >> ssh -vvv and sshd -ddd outputs on the client and server >> respectively to determine what is going on. >> >> Normally public key errors means that permissions are wrong >> on the key material or the directory leading to the key >> material in the user's home directory. 
>> >> - Ben >> >> Nick Stanoszek wrote: >>> My apologies Darren, >>> >>> The error i get is a "PUBLICKEY" error as noted previously. >>> >>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at IPADDRESS >>> >>> Permission denied (publickey). >>> >>> Nicks-MacBook-Pro:Downloads$ >>> >>> >>> I followed the directions as noted in the previous email to a T. Just >>> copied and pasted---and used v6.9 ssh (which is the latest). What other >>> info do you need? >>> >>> >>> Thanks >>> >>> Nick >>> >>> >>> >>> >>> On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote: >>> >>>> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek >>>> wrote: >>>> >>>>> Hi again, >>>>> >>>>> I ran the commands exactly. I see that some keys are not overwritten and >>>>> skipped---but some are still created. >>>>> >>>> You may be able to see that, but we can't unless you show us what it said, >>>> and you didn't. >>>> >>>> I just tried again...and still get an error. >>>> quoting from my previous response: "Exactly what error?" >>>> >>>> >>>>> Thoughts to prevent it from overwriting my keys? >>>>> >>>> You have not provided sufficient information to do anything more that >>>> guess, and I've already done that. >>>> >>>> -- >>>> Darren Tucker (dtucker atzip.com.au ) >>>> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 >>>> Good judgement comes with experience. Unfortunately, the experience >>>> usually comes from bad judgement. >>>> >>> _______________________________________________ >>> openssh-unix-dev mailing list >>> openssh-unix-dev at mindrot.org >>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >> >> > > From wieland at purdue.edu Wed Jul 29 12:41:15 2015 
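Ben's point quoted above, that publickey failures usually mean wrong permissions on the key material or on a directory leading to it, can be checked on the server directly. The following is an added example, not code from this thread or from OpenSSH: a Python approximation of the ownership and mode test that sshd applies when StrictModes is on. The function names and the constructed temporary home directory are assumptions made for illustration.

```python
import os
import stat
import tempfile

# Group- or world-writable bits (0o022): sshd's StrictModes refuses key
# material that anyone other than the owner (or root) could modify.
WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH


def _problem(path, st, uid, kind):
    """Return a description of the first defect on one path, or None."""
    if st.st_uid not in (0, uid):
        return f"bad ownership for {kind} {path} (uid {st.st_uid})"
    if st.st_mode & WRITABLE_BY_OTHERS:
        return f"bad modes for {kind} {path} ({stat.S_IMODE(st.st_mode):04o})"
    return None


def check_key_path(keyfile, home, uid):
    """Check keyfile and every directory from it up to home.

    Returns a list of findings; an empty list means the path would pass
    this approximation of the StrictModes test for user `uid`.
    """
    keyfile = os.path.realpath(keyfile)
    home = os.path.realpath(home)
    try:
        st = os.stat(keyfile)
    except OSError as exc:
        return [f"cannot stat {keyfile}: {exc.strerror}"]

    findings = []
    if not stat.S_ISREG(st.st_mode):
        findings.append(f"{keyfile} is not a regular file")
    issue = _problem(keyfile, st, uid, "file")
    if issue:
        findings.append(issue)

    # Walk upwards: .ssh, then its parent, ... stopping at the home directory.
    # If keyfile is not under home, the walk continues to the filesystem root.
    current = keyfile
    while True:
        parent = os.path.dirname(current)
        if parent == current:
            break
        current = parent
        issue = _problem(current, os.stat(current), uid, "directory")
        if issue:
            findings.append(issue)
        if current == home:
            break
    return findings


def demo():
    """Check a constructed home directory in four permission states."""
    uid = os.getuid()
    with tempfile.TemporaryDirectory() as home:
        ssh_dir = os.path.join(home, ".ssh")
        keys = os.path.join(ssh_dir, "authorized_keys")
        os.mkdir(ssh_dir)
        with open(keys, "w") as fh:
            fh.write("ssh-rsa AAAA-constructed-sample user@example\n")

        def state(home_mode, dir_mode, file_mode):
            os.chmod(home, home_mode)
            os.chmod(ssh_dir, dir_mode)
            os.chmod(keys, file_mode)
            return check_key_path(keys, home, uid)

        good = state(0o755, 0o700, 0o600)
        loose_dir = state(0o755, 0o775, 0o600)    # group-writable ~/.ssh
        loose_file = state(0o755, 0o700, 0o666)   # world-writable key file
        loose_home = state(0o777, 0o700, 0o600)   # world-writable home
    return good, loose_dir, loose_file, loose_home


if __name__ == "__main__":
    for label, result in zip(("good", "loose_dir", "loose_file", "loose_home"),
                             demo()):
        print(label, result or "ok")
```

On a real server, run `check_key_path` as root against the target account's `authorized_keys`, home directory and uid; when it reports nothing, the server-side `sshd -ddd` output asked for above is the next place to look.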
From: wieland at purdue.edu (Jeff Wieland)
Date: Tue, 28 Jul 2015 22:41:15 -0400
Subject: Cisco vs. 6.9
In-Reply-To: <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
 <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
Message-ID: <55B83D4B.8000600@purdue.edu>

Kash, Howard M CIV USARMY ARL (US) wrote:
>> Turns out the problem is the new protocol extension for sending host keys to
>> the client after user authentication (section 2.5 of the PROTOCOLS
>> document). Commenting out the notify_hostkeys() call in sshd.c fixes the
>> issues with Cisco scp. Maybe a new bug compatibility flag is in order to
>> add to the "Cisco-1.*" client string that was added in 6.9?
> There's already a flag... just need to add SSH_BUG_HOSTKEYS to "Cisco-1.*"
> in compat.c.
>
>
> Howard

Making this change works great for me -- one of the three pieces needed to
allow the ssh (and scp) clients on Cisco devices to talk to OpenSSH 6.9p1.

--
Jeff Wieland                  | Purdue University
Network Systems Administrator | ITIS UNIX Platforms
Voice: (765)496-8234          | 155 S. Grant Street
FAX: (765)496-1380            | West Lafayette, IN 47907

From dtucker at zip.com.au Wed Jul 29 13:20:09 2015
From: dtucker at zip.com.au (Darren Tucker)
Date: Wed, 29 Jul 2015 13:20:09 +1000
Subject: Cisco vs. 6.9
In-Reply-To: <55B83D4B.8000600@purdue.edu>
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
 <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
 <55B83D4B.8000600@purdue.edu>
Message-ID:

On Wed, Jul 29, 2015 at 12:41 PM, Jeff Wieland wrote:
[...]

> Making this change works great for me

Damien beat me to it and the diff has already been committed and will be
in 7.0.

> -- one of the three pieces needed to allow the ssh
> (and scp) clients on Cisco devices to talk to OpenSSH 6.9p1.

I'm aware of one other (the one where Ciscos choke on large DH-GEX
requests[1]). What's the third (or other two, if there's something else)?

[1] https://anongit.mindrot.org/openssh.git/commit/?id=b282fec1aa05246ed3482270eb70fc3ec5f39a00

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

From nstanoszek at gmail.com Wed Jul 29 14:06:54 2015
From: nstanoszek at gmail.com (Nick)
Date: Wed, 29 Jul 2015 00:06:54 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To: <55B83531.5020800@eviladmin.org>
References: <55B832A2.5010102@eviladmin.org> <55B833BE.70705@eviladmin.org>
 <55B83531.5020800@eviladmin.org>
Message-ID: <270045AE-AD57-4D94-A76C-E3C3E249384A@gmail.com>

All I may have figured it. It has to do with Pam...I will post something tomorrow that hopefully helps...thanks again all!

> On Jul 28, 2015, at 10:06 PM, Ben Lindstrom wrote:
>
>
> No I'm referring to "sshd -ddd" (preferable on a high port like -p 8080 so you don't break your current ability to connect to the machine). As clearly the server is rejecting it. And only the server side debug can tell us that.
>
> - Ben
>
> Nick Stanoszek wrote:
>> I am using an AWS ubuntu 14.04 server...is that what you are asking?
>>
>>> On Tue, Jul 28, 2015 at 10:00 PM, Ben Lindstrom wrote:
>>> And Server?
>>>
>>>
>>> - Ben
>>>
>>> Nick Stanoszek wrote:
>>>> Please see below :). Just a note---this is the EXACT command that I use to log into the server BEFORE i try to update SSH. I continue to use this same command for other servers.
>>>>
>>>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at 54.200.249.185 -v -v -v -v
>>>>
>>>> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
>>>>
>>>> debug1: Reading configuration data /etc/ssh_config
>>>>
>>>> debug1: /etc/ssh_config line 20: Applying options for *
>>>>
>>>> debug2: ssh_connect: needpriv 0
>>>>
>>>> debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.
>>>>
>>>> debug1: Connection established.
>>>> >>>> debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55 >>>> >>>> debug2: bits set: 1020/2048 >>>> >>>> debug1: ssh_rsa_verify: signature correct >>>> >>>> debug2: kex_derive_keys >>>> >>>> debug2: set_newkeys: mode 1 >>>> >>>> debug1: SSH2_MSG_NEWKEYS sent >>>> >>>> debug1: expecting SSH2_MSG_NEWKEYS >>>> >>>> debug2: set_newkeys: mode 0 >>>> >>>> debug1: SSH2_MSG_NEWKEYS received >>>> >>>> debug1: Roaming not allowed by server >>>> >>>> debug1: SSH2_MSG_SERVICE_REQUEST sent >>>> >>>> debug2: service_accept: ssh-userauth >>>> >>>> debug1: SSH2_MSG_SERVICE_ACCEPT received >>>> >>>> debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit >>>> >>>> debug1: Authentications that can continue: publickey >>>> >>>> debug3: start over, passed a different list publickey >>>> >>>> debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password >>>> >>>> debug3: authmethod_lookup publickey >>>> >>>> debug3: remaining preferred: keyboard-interactive,password >>>> >>>> debug3: authmethod_is_enabled publickey >>>> >>>> debug1: Next authentication method: publickey >>>> >>>> debug1: Trying private key: Payr-SimplicityPOSKey.pem >>>> >>>> debug1: read PEM private key done: type RSA >>>> >>>> debug3: sign_and_send_pubkey: RSA c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97 >>>> >>>> debug2: we sent a publickey packet, wait for reply >>>> >>>> debug1: Authentications that can continue: publickey >>>> >>>> debug2: we did not send a packet, disable method >>>> >>>> debug1: No more authentication methods to try. >>>> >>>> Permission denied (publickey). >>>> >>>> >>>>> On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom wrote: >>>>> >>>>> Sorry that isn't really useful. You may need to provide the ssh -vvv and sshd -ddd outputs on the client and server respectively to determine what is going on. 
>>>>>
>>>>> Normally public key errors mean that permissions are wrong on the key material or the directory leading to the key material in the user's home directory.
>>>>>
>>>>> - Ben
>>>>>
>>>>> Nick Stanoszek wrote:
>>>>>> My apologies Darren,
>>>>>>
>>>>>> The error I get is a "PUBLICKEY" error as noted previously.
>>>>>>
>>>>>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at IPADDRESS
>>>>>>
>>>>>> Permission denied (publickey).
>>>>>>
>>>>>> Nicks-MacBook-Pro:Downloads$
>>>>>>
>>>>>> I followed the directions as noted in the previous email to a T. Just
>>>>>> copied and pasted---and used v6.9 ssh (which is the latest). What other
>>>>>> info do you need?
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Nick
>>>>>>
>>>>>> On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote:
>>>>>>
>>>>>>> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi again,
>>>>>>>>
>>>>>>>> I ran the commands exactly. I see that some keys are not overwritten and
>>>>>>>> skipped---but some are still created.
>>>>>>>>
>>>>>>> You may be able to see that, but we can't unless you show us what it said,
>>>>>>> and you didn't.
>>>>>>>
>>>>>>> I just tried again...and still get an error.
>>>>>>> quoting from my previous response: "Exactly what error?"
>>>>>>>
>>>>>>>> Thoughts to prevent it from overwriting my keys?
>>>>>>>>
>>>>>>> You have not provided sufficient information to do anything more than
>>>>>>> guess, and I've already done that.
>>>>>>>
>>>>>>> --
>>>>>>> Darren Tucker (dtucker at zip.com.au)
>>>>>>> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
>>>>>>> Good judgement comes with experience. Unfortunately, the experience
>>>>>>> usually comes from bad judgement.
From wieland at purdue.edu Wed Jul 29 14:11:54 2015
From: wieland at purdue.edu (Jeff Wieland)
Date: Wed, 29 Jul 2015 00:11:54 -0400
Subject: Cisco vs. 6.9
In-Reply-To:
References: <8B01299690A8A94AB8629283FAFED8F1AB3A1CEC@umechpany.easf.csd.disa.mil>
 <1437711872.55b1be00b44147.10347432@www.paypc.com>
 <8B01299690A8A94AB8629283FAFED8F1AB3A4455@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3A9450@umechpany.easf.csd.disa.mil>
 <8B01299690A8A94AB8629283FAFED8F1AB3C2420@umechpany.easf.csd.disa.mil>
 <55B83D4B.8000600@purdue.edu>
Message-ID: <55B8528A.1030000@purdue.edu>

We needed to enable the CBC ciphers and the *-SHA1 Key exchange
algorithms as well, but that's a run time change. I didn't know
that there was more to be done.

Darren Tucker wrote:
> On Wed, Jul 29, 2015 at 12:41 PM, Jeff Wieland
> wrote:
> [...]
>
> Making this change works great for me
>
> Damien beat me to it and the diff has already been committed and
> will be in 7.0.
>
> -- one of the three pieces need to allow the ssh
> (and scp) clients on Cisco devices to talk to OpenSSH 6.9p1.
>
> I'm aware of one other (the one where Ciscos choke on large DH-GEX
> requests[1]). What's the third (or other two, if there's something else)?
>
> [1]
> https://anongit.mindrot.org/openssh.git/commit/?id=b282fec1aa05246ed3482270eb70fc3ec5f39a00
> --
> Darren Tucker (dtucker at zip.com.au )
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.

--
Jeff Wieland | Purdue University
Network Systems Administrator | ITIS UNIX Platforms
Voice: (765)496-8234 | 155 S. Grant Street
FAX: (765)496-1380 | West Lafayette, IN 47907

From nstanoszek at gmail.com Thu Jul 30 00:05:22 2015
From: nstanoszek at gmail.com (Nick Stanoszek)
Date: Wed, 29 Jul 2015 10:05:22 -0400
Subject: Updating from 6.6 - 6.9 SSH
In-Reply-To: <270045AE-AD57-4D94-A76C-E3C3E249384A@gmail.com>
References: <55B832A2.5010102@eviladmin.org> <55B833BE.70705@eviladmin.org>
 <55B83531.5020800@eviladmin.org>
 <270045AE-AD57-4D94-A76C-E3C3E249384A@gmail.com>
Message-ID:

Using the same link, these are the steps that I followed:

sudo apt-get update
wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-6.8p1.tar.gz
tar -zxvf openssh-6.8p1.tar.gz
cd openssh-6.8p
sudo apt-get install build-essential (I installed all the packages that were recommended as well if errors occurred)
sudo ./configure --sysconfdir=/etc/ssh
sudo make
sudo service ssh stop
sudo make install
sudo mv /usr/sbin/sshd /usr/sbin/sshd_20150107
sudo cp /usr/local/sbin/sshd /usr/sbin/sshd

Go to the /etc/ssh/sshd_config find UsePAM add # before it and then save it

Now go to /etc/ssh/ssh_config. There are two "GGS..." lines. Put #'s before both of those as well to comment them out.

sudo service ssh start (this may "hang"...so hit control + C if needed to get out for exit or the next step if desired.

**THIS NEXT STEP ISN'T 100% NECESSARY**
sudo su -
passwd ubuntu (enter your passwords)

Now you can log in!

On Wed, Jul 29, 2015 at 12:06 AM, Nick wrote:

> All
>
> I may have figured it. It has to do with Pam...I will post something
> tomorrow that hopefully helps...thanks again all!
>
> On Jul 28, 2015, at 10:06 PM, Ben Lindstrom wrote:
>
> No I'm referring to "sshd -ddd" (preferable on a high port like -p 8080
> so you don't break your current ability to connect to the machine). As
> clearly the server is rejecting it. And only the server side debug can
> tell us that.
>
> - Ben
>
> Nick Stanoszek wrote:
>
> I am using an AWS ubuntu 14.04 server...is that what you are asking?
>
> On Tue, Jul 28, 2015 at 10:00 PM, Ben Lindstrom
> wrote:
>
>> And Server?
>> >> >> - Ben >> >> Nick Stanoszek wrote: >> >> Please see below :). Just a note---this is the EXACT command that I use >> to log into the server BEFORE i try to update SSH. I continue to use this >> same command for other servers. >> >> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at 54.200.249.185 -v >> -v -v -v >> >> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 >> >> debug1: Reading configuration data /etc/ssh_config >> >> debug1: /etc/ssh_config line 20: Applying options for * >> >> debug2: ssh_connect: needpriv 0 >> >> debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22. >> >> debug1: Connection established. >> >> debug3: Incorrect RSA1 identifier >> >> debug3: Could not load "Payr-SimplicityPOSKey.pem" as a RSA1 public key >> >> debug1: identity file Payr-SimplicityPOSKey.pem type -1 >> >> debug1: identity file Payr-SimplicityPOSKey.pem-cert type -1 >> >> debug1: Enabling compatibility mode for protocol 2.0 >> >> debug1: Local version string SSH-2.0-OpenSSH_6.2 >> >> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.9 >> >> debug1: match: OpenSSH_6.9 pat OpenSSH* >> >> debug2: fd 3 setting O_NONBLOCK >> >> debug3: load_hostkeys: loading entries for host "54.200.249.185" from >> file "/Users/nickstanoszek/.ssh/known_hosts" >> >> debug3: load_hostkeys: found key type RSA in file >> /Users/nickstanoszek/.ssh/known_hosts:55 >> >> debug3: load_hostkeys: loaded 1 keys >> >> debug3: order_hostkeyalgs: prefer hostkeyalgs: >> ssh-rsa-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-rsa >> >> debug1: SSH2_MSG_KEXINIT sent >> >> debug1: SSH2_MSG_KEXINIT received >> >> debug2: kex_parse_kexinit: >> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 >> >> debug2: kex_parse_kexinit: ssh-rsa-cert-v01 at openssh.com, >> ssh-rsa-cert-v00 at openssh.com,ssh-rsa,ssh-dss-cert-v01 at openssh.com, >> ssh-dss-cert-v00 at openssh.com,ssh-dss >> >> debug2: 
kex_parse_kexinit: >> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >> aes128-gcm at openssh.com,aes256-gcm at openssh.com >> ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, >> rijndael-cbc at lysator.liu.se >> >> debug2: kex_parse_kexinit: >> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >> aes128-gcm at openssh.com,aes256-gcm at openssh.com >> ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, >> rijndael-cbc at lysator.liu.se >> >> debug2: kex_parse_kexinit: hmac-md5-etm at openssh.com, >> hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com, >> umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com, >> hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com, >> hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com >> ,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com >> ,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com >> ,hmac-sha1-96,hmac-md5-96 >> >> debug2: kex_parse_kexinit: hmac-md5-etm at openssh.com, >> hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com, >> umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com, >> hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com, >> hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com >> ,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com >> ,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com >> ,hmac-sha1-96,hmac-md5-96 >> >> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib >> >> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib >> >> debug2: kex_parse_kexinit: >> >> debug2: kex_parse_kexinit: >> >> debug2: kex_parse_kexinit: first_kex_follows 0 >> >> debug2: kex_parse_kexinit: reserved 0 >> >> debug2: kex_parse_kexinit: curve25519-sha256 at libssh.org >> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 >> >> 
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 >> >> debug2: kex_parse_kexinit: chacha20-poly1305 at openssh.com >> ,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com, >> aes256-gcm at openssh.com >> >> debug2: kex_parse_kexinit: chacha20-poly1305 at openssh.com >> ,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com, >> aes256-gcm at openssh.com >> >> debug2: kex_parse_kexinit: umac-64-etm at openssh.com, >> umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com, >> hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at openssh.com, >> umac-64 at openssh.com,umac-128 at openssh.com >> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >> >> debug2: kex_parse_kexinit: umac-64-etm at openssh.com, >> umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com, >> hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at openssh.com, >> umac-64 at openssh.com,umac-128 at openssh.com >> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >> >> debug2: kex_parse_kexinit: none,zlib at openssh.com >> >> debug2: kex_parse_kexinit: none,zlib at openssh.com >> >> debug2: kex_parse_kexinit: >> >> debug2: kex_parse_kexinit: >> >> debug2: kex_parse_kexinit: first_kex_follows 0 >> >> debug2: kex_parse_kexinit: reserved 0 >> >> debug2: mac_setup: found hmac-sha1-etm at openssh.com >> >> debug1: kex: server->client aes128-ctr hmac-sha1-etm at openssh.com none >> >> debug2: mac_setup: found hmac-sha1-etm at openssh.com >> >> debug1: kex: client->server aes128-ctr hmac-sha1-etm at openssh.com none >> >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent >> >> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >> >> debug2: dh_gen_key: priv key bits set: 163/320 >> >> debug2: bits set: 1029/2048 >> >> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >> >> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >> >> debug1: Server host key: RSA >> e1:c5:21:7f:b0:88:7d:9f:b6:e1:de:a4:bc:b5:7a:c0 >> >> debug3: load_hostkeys: loading entries for host "54.200.249.185" from >> file 
"/Users/nickstanoszek/.ssh/known_hosts" >> >> debug3: load_hostkeys: found key type RSA in file >> /Users/nickstanoszek/.ssh/known_hosts:55 >> >> debug3: load_hostkeys: loaded 1 keys >> >> debug1: Host '54.200.249.185' is known and matches the RSA host key. >> >> debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55 >> >> debug2: bits set: 1020/2048 >> >> debug1: ssh_rsa_verify: signature correct >> >> debug2: kex_derive_keys >> >> debug2: set_newkeys: mode 1 >> >> debug1: SSH2_MSG_NEWKEYS sent >> >> debug1: expecting SSH2_MSG_NEWKEYS >> >> debug2: set_newkeys: mode 0 >> >> debug1: SSH2_MSG_NEWKEYS received >> >> debug1: Roaming not allowed by server >> >> debug1: SSH2_MSG_SERVICE_REQUEST sent >> >> debug2: service_accept: ssh-userauth >> >> debug1: SSH2_MSG_SERVICE_ACCEPT received >> >> debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit >> >> debug1: Authentications that can continue: publickey >> >> debug3: start over, passed a different list publickey >> >> debug3: preferred >> gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password >> >> debug3: authmethod_lookup publickey >> >> debug3: remaining preferred: keyboard-interactive,password >> >> debug3: authmethod_is_enabled publickey >> >> debug1: Next authentication method: publickey >> >> debug1: Trying private key: Payr-SimplicityPOSKey.pem >> >> debug1: read PEM private key done: type RSA >> >> debug3: sign_and_send_pubkey: RSA >> c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97 >> >> debug2: we sent a publickey packet, wait for reply >> >> debug1: Authentications that can continue: publickey >> >> debug2: we did not send a packet, disable method >> >> debug1: No more authentication methods to try. >> >> Permission denied (publickey). >> >> On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom >> wrote: >> >>> >>> Sorry that isn't really useful. You may need to provide the ssh -vvv >>> and sshd -ddd outputs on the client and server respectively to determine >>> what is going on. 
>>>
>>> Normally public key errors mean that permissions are wrong on the key
>>> material or the directory leading to the key material in the user's home
>>> directory.
>>>
>>> - Ben
>>>
>>> Nick Stanoszek wrote:
>>>
>>> My apologies Darren,
>>>
>>> The error I get is a "PUBLICKEY" error as noted previously.
>>>
>>> Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu at IPADDRESS
>>>
>>> Permission denied (publickey).
>>>
>>> Nicks-MacBook-Pro:Downloads$
>>>
>>> I followed the directions as noted in the previous email to a T. Just
>>> copied and pasted---and used v6.9 ssh (which is the latest). What other
>>> info do you need?
>>>
>>> Thanks
>>>
>>> Nick
>>>
>>> On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker wrote:
>>>
>>> On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek
>>> wrote:
>>>
>>> Hi again,
>>>
>>> I ran the commands exactly. I see that some keys are not overwritten and
>>> skipped---but some are still created.
>>>
>>> You may be able to see that, but we can't unless you show us what it said,
>>> and you didn't.
>>>
>>> I just tried again...and still get an error.
>>>
>>> quoting from my previous response: "Exactly what error?"
>>>
>>> Thoughts to prevent it from overwriting my keys?
>>>
>>> You have not provided sufficient information to do anything more than
>>> guess, and I've already done that.
>>>
>>> --
>>> Darren Tucker (dtucker at zip.com.au)
>>> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
>>> Good judgement comes with experience. Unfortunately, the experience
>>> usually comes from bad judgement.

From mebhat at akamai.com Thu Jul 30 05:00:12 2015
From: mebhat at akamai.com (Meghana Bhat)
Date: Wed, 29 Jul 2015 15:00:12 -0400
Subject: [PATCH] ssh: Add option to present certificates on command line
Message-ID: <1438196412-35927-1-git-send-email-mebhat@akamai.com>

Allow users to specify certificates to be used for authentication on
the command line with the '-z' argument when running ssh. For
successful authentication, the key pair associated with the certificate
must also be presented during the ssh.

Certificates may also be specified in ssh_config as a CertificateFile.

This option is meant to address the issue mentioned in the following
exchange:
http://lists.mindrot.org/pipermail/openssh-unix-dev/2013-September/031629.html

Patch developed against 6.9p.
--- readconf.c | 48 +++++++++++++++++++ readconf.h | 6 +++ regress/Makefile | 1 + regress/ssh-cert.sh | 136 ++++++++++++++++++++++++++++++++++++++++++++++++++++ ssh.1 | 17 +++++++ ssh.c | 85 +++++++++++++++++++++++++++++++- ssh.h | 7 +++ ssh_config.5 | 33 +++++++++++++ sshconnect2.c | 47 ++++++++++++++++-- 9 files changed, 375 insertions(+), 5 deletions(-) create mode 100644 regress/ssh-cert.sh diff --git a/readconf.c b/readconf.c index f1c860b..b34213d 100644 --- a/readconf.c +++ b/readconf.c @@ -135,6 +135,7 @@ typedef enum { oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, + oCertificateFile, oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, @@ -202,6 +203,7 @@ static struct { { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* obsolete */ { "identitiesonly", oIdentitiesOnly }, + { "certificatefile", oCertificateFile }, { "hostname", oHostName }, { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, 
@@ -366,6 +368,37 @@ clear_forwardings(Options *options) } void +add_certificate_file(Options *options, const char *dir, const char *filename, + int userprovided) +{ + char *path; + int i; + + if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES) + fatal("Too many certificate files specified (max %d)", + SSH_MAX_CERTIFICATE_FILES); + + if (dir == NULL) /* no dir, filename is absolute */ + path = xstrdup(filename); + else + (void)xasprintf(&path, "%.100s%.100s", dir, filename); + + /* Avoid registering duplicates */ + for (i = 0; i < options->num_certificate_files; i++) { + if (options->certificate_file_userprovided[i] == userprovided && + strcmp(options->certificate_files[i], path) == 0) { + debug2("%s: ignoring duplicate key %s", __func__, path); + free(path); + return; + } + } + + options->certificate_file_userprovided[options->num_certificate_files] = + userprovided; + options->certificate_files[options->num_certificate_files++] = path; +} + +void add_identity_file(Options *options, const char *dir, const char *filename, int userprovided) { @@ -981,6 +1014,20 @@ parse_time: } break; + case oCertificateFile: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (*activep) { + intptr = &options->num_certificate_files; + if (*intptr >= SSH_MAX_CERTIFICATE_FILES) + fatal("%.200s line %d: Too many identity files specified (max %d).", + filename, linenum, SSH_MAX_CERTIFICATE_FILES); + add_certificate_file(options, NULL, + arg, flags & SSHCONF_USERCONF); + } + break; + case oXAuthLocation: charptr=&options->xauth_location; goto parse_string; @@ -1625,6 +1672,7 @@ initialize_options(Options * options) options->hostkeyalgorithms = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->num_identity_files = 0; + options->num_certificate_files = 0; options->hostname = NULL; options->host_key_alias = NULL; options->proxy_command = NULL; 
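Review bot: in the readconf.c `case oCertificateFile:` block the fatal() text says "Too many identity files specified" while the limit it checks is SSH_MAX_CERTIFICATE_FILES, so the message should name certificate files. That bound check also duplicates the one at the top of add_certificate_file(), so one of the two can be dropped. In add_certificate_file() itself, the duplicate branch logs "ignoring duplicate key" where it means a certificate, and the "%.100s%.100s" format silently truncates a long dir or filename instead of rejecting it, which would make a later load failure hard to diagnose.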
diff --git a/readconf.h b/readconf.h index bb2d552..f839016 100644 --- a/readconf.h +++ b/readconf.h @@ -94,6 +94,11 @@ typedef struct { char *identity_files[SSH_MAX_IDENTITY_FILES]; int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; + + int num_certificate_files; /* Number of extra certificates for ssh. */ + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; + int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; /* Local TCP/IP forward requests. */ int num_local_forwards; @@ -194,5 +199,6 @@ void dump_client_config(Options *o, const char *host); void add_local_forward(Options *, const struct Forward *); void add_remote_forward(Options *, const struct Forward *); void add_identity_file(Options *, const char *, const char *, int); +void add_certificate_file(Options *, const char *, const char *, int); #endif /* READCONF_H */ diff --git a/regress/Makefile b/regress/Makefile index cba83f4..67455a8 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -74,6 +74,7 @@ LTESTS= connect \ hostkey-agent \ keygen-knownhosts \ hostkey-rotate \ + ssh-cert \ principals-command diff --git a/regress/ssh-cert.sh b/regress/ssh-cert.sh new file mode 100644 index 0000000..152278b --- /dev/null +++ b/regress/ssh-cert.sh 
@@ -0,0 +1,136 @@ +# $OpenBSD: multicert.sh,v 1.1 2014/12/22 08:06:03 djm Exp $ +# Placed in the Public Domain. + +tid="ssh with certificates" + +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* + +# Create a CA key +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\ + fatal "ssh-keygen failed" + +# Make some keys and certificates. +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \ + fatal "ssh-keygen failed" +# Move the certificate to a different address to better control +# when it is offered. +${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key1" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub +${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key2" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub + +trace 'try with identity files' +opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes" +opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2" +echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER + +for p in ${SSH_PROTOCOLS}; do + # Just keys should fail + ${SSH} $opts2 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with no certs in protocol $p" + fi + + # Keys with untrusted cert should fail. + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with bad cert in protocol $p" + fi + + # Good cert with bad key should fail. + opts3="$opts -i $OBJ/user_key2 -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? 
+ if [ $r -eq 5$p ]; then + fail "ssh succeeded with no matching key in protocol $p" + fi + + # Keys with one trusted cert, should succeed. + opts3="$opts2 -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert and key in protocol $p" + fi + + # Multiple certs and keys, with one trusted cert, should succeed. + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with multiple certs in protocol $p" + fi + + #Keys with trusted certificate specified in config options, should succeed. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert in config in protocol $p" + fi +done + +#next, using an agent in combination with the keys +SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1 +if [ $? -ne 2 ]; then + fatal "ssh-add -l did not fail with exit code 2" +fi + +trace "start agent" +eval `${SSHAGENT} -s` > /dev/null +r=$? +if [ $r -ne 0 ]; then + fatal "could not start ssh-agent: exit code $r" +fi + +# add private keys to agent +${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi +${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi + +# try ssh with the agent and certificates +# note: ssh agent only uses certificates in protocol 2 +opts="-F $OBJ/ssh_proxy" +# with no certificates, shoud fail +${SSH} -2 $opts somehost exit 52 +if [ $? -eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with no cert" +fi + +#with an untrusted certificate, should fail +opts="$opts -z $OBJ/cert_user_key1_2.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? 
-eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with bad cert" +fi + +#with an additional trusted certificate, should succeed +opts="$opts -z $OBJ/cert_user_key1_1.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? -ne 52 ]; then + fail "ssh connect with agent in protocol 2 failed with good cert" +fi + +trace "kill agent" +${SSHAGENT} -k > /dev/null + +#cleanup +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* diff --git a/ssh.1 b/ssh.1 index 2ea0a20..76a9459 100644 --- a/ssh.1 +++ b/ssh.1 @@ -63,6 +63,7 @@ .Op Fl S Ar ctl_path .Op Fl W Ar host : Ns Ar port .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun +.Op Fl z Ar certificate_file .Oo Ar user Ns @ Oc Ns Ar hostname .Op Ar command .Ek @@ -468,6 +469,7 @@ For full details of the options listed below, and their possible values, see .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP .It Cipher @@ -768,6 +770,21 @@ Send log information using the .Xr syslog 3 system module. By default this information is sent to stderr. +.It Fl z Ar certificate_file +Selects a file from which certificate information is loaded for public +key authentication. For the certificate to be signed, the private key +corresponding to +.Ar certificate_file +must also be provided for authentication, whether through +.Xr ssh_agent 1 . +or through an +.Ar identity_file +specified on the command line or in configuration files. +Certificate files may also be specified on a per-host basis in +the configuration file. It is possible to have multiple +.Fl z +options (and multiple certificates specified in +configuration files). .El .Pp .Nm diff --git a/ssh.c b/ssh.c index 3239108..e01790a 100644 --- a/ssh.c +++ b/ssh.c 
@@ -207,7 +207,8 @@ usage(void) " [-O ctl_cmd] [-o option] [-p port]\n" " [-Q cipher | cipher-auth | mac | kex | key]\n" " [-R address] [-S ctl_path] [-W host:port]\n" -" [-w local_tun[:remote_tun]] [user@]hostname [command]\n" +" [-w local_tun[:remote_tun]] [-z certificate_file]\n" +" [user@]hostname [command]\n" ); exit(255); } @@ -215,6 +216,7 @@ usage(void) static int ssh_session(void); static int ssh_session2(void); static void load_public_identity_files(void); +static void load_certificate_files(void); static void main_sigchld_handler(int); /* from muxclient.c */ @@ -595,7 +597,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { + "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYyz:")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -906,6 +908,9 @@ main(int ac, char **av) case 'F': config = optarg; break; + case 'z': + add_certificate_file(&options, NULL, optarg, 1); + break; default: usage(); } @@ -1013,6 +1018,9 @@ main(int ac, char **av) options.hostname = xstrdup(host); } + /* If the user has specified certificate(s), load it now. */ + load_certificate_files(); + /* If canonicalization requested then try to apply it */ lowercase(host); if (options.canonicalize_hostname != SSH_CANONICALISE_NO) @@ -1353,6 +1361,13 @@ main(int ac, char **av) } } + for (i = 0; i < options.num_certificate_files; i++) { + free(options.certificate_files[i]); + options.certificate_files[i] = NULL; + } + + + exit_status = compat20 ? ssh_session2() : ssh_session(); packet_close(); 
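Review bot: the cleanup loop added in main() just before `exit_status = compat20 ? ssh_session2() : ssh_session();` frees options.certificate_files[i] and sets it to NULL but never releases options.certificates[i], the struct sshkey pointers declared alongside it in readconf.h, and it leaves options.num_certificate_files unchanged. Either free the loaded certificates in the same loop (key_free() and NULL the slot) and reset the count, or document why they must outlive the file names. The three blank lines added after the loop should also be reduced to one.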
@@ -1938,6 +1953,72 @@ ssh_session2(void) options.escape_char : SSH_ESCAPECHAR_NONE, id); } +/* Load certificate file(s) specified in options. */ +static void +load_certificate_files(void) +{ + char *filename, *cp, thishost[NI_MAXHOST]; + char *pwdir = NULL, *pwname = NULL; + struct passwd *pw; + int i, n_ids; + struct sshkey *cert; + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; + + n_ids = 0; + memset(certificate_files, 0, sizeof(certificate_files)); + memset(certificates, 0, sizeof(certificates)); + + if ((pw = getpwuid(original_real_uid)) == NULL) + fatal("load_certificate_files: getpwuid failed"); + pwname = xstrdup(pw->pw_name); + pwdir = xstrdup(pw->pw_dir); + if (gethostname(thishost, sizeof(thishost)) == -1) + fatal("load_certificate_files: gethostname: %s", + strerror(errno)); + + if (options.num_certificate_files > SSH_MAX_CERTIFICATE_FILES) + fatal("load_certificate_files: too many certificates"); + for (i = 0; i < options.num_certificate_files; i++) { + cp = tilde_expand_filename(options.certificate_files[i], + original_real_uid); + filename = percent_expand(cp, "d", pwdir, + "u", pwname, "l", thishost, "h", host, + "r", options.user, (char *)NULL); + free(cp); + + cert = key_load_public(filename, NULL); + debug("certificate file %s type %d", filename, + cert ? 
cert->type : -1); + free(options.certificate_files[i]); + if (cert == NULL) { + free(filename); + continue; + } + if (!key_is_cert(cert)) { + debug("%s: key %s type %s is not a certificate", + __func__, filename, key_type(cert)); + key_free(cert); + free(filename); + continue; + } + + certificate_files[n_ids] = filename; + certificates[n_ids] = cert; + ++n_ids; + } + options.num_certificate_files = n_ids; + memcpy(options.certificate_files, certificate_files, sizeof(certificate_files)); + memcpy(options.certificates, certificates, sizeof(certificates)); + + explicit_bzero(pwname, strlen(pwname)); + free(pwname); + explicit_bzero(pwdir, strlen(pwdir)); + free(pwdir); +} + + + static void load_public_identity_files(void) { diff --git a/ssh.h b/ssh.h index 4f8da5c..8fb7ba3 100644 --- a/ssh.h +++ b/ssh.h @@ -19,6 +19,13 @@ #define SSH_DEFAULT_PORT 22 /* + * Maximum number of certificate files that can be specified + * in configuration files or on the command line. + */ +#define SSH_MAX_CERTIFICATE_FILES 100 + + +/* * Maximum number of RSA authentication identity files that can be specified * in configuration files or on the command line. */ diff --git a/ssh_config.5 b/ssh_config.5 index e514398..17741b7 100644 --- a/ssh_config.5 +++ b/ssh_config.5 
@@ -325,6 +325,34 @@ to be canonicalized to names in the or .Dq *.c.example.com domains. +.It Cm CertificateFile +Specifies a file from which the user's certificate is read. +A corresponding private key must be provided separately in order +to use this certificate. +.Xr ssh 1 +will attempt to use private keys provided as identity files +or in the agent for such authentication. +.Pp +The file name may use the tilde +syntax to refer to a user's home directory or one of the following +escape characters: +.Ql %d +(local user's home directory), +.Ql %u +(local user name), +.Ql %l +(local host name), +.Ql %h +(remote host name) or +.Ql %r +(remote user name). +.Pp +It is possible to have multiple certificate files specified in +configuration files; these certificates will be tried in sequence. +Multiple +.Cm CertificateFile +directives will add to the list of certificates used for +authentication. .It Cm ChallengeResponseAuthentication Specifies whether to use challenge-response authentication. The argument to this keyword must be @@ -911,6 +939,11 @@ differs from that of other configuration directives). may be used in conjunction with .Cm IdentitiesOnly to select which identities in an agent are offered during authentication. +.Cm IdentityFile +may also be used in conjunction with +.Cm CertificateFile +in order to provide any certificate also needed for authentication with +the identity. .It Cm IgnoreUnknown Specifies a pattern-list of unknown options to be ignored if they are encountered in configuration parsing. diff --git a/sshconnect2.c b/sshconnect2.c index 34dbf9a..fb24b5e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1016,6 +1016,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) u_int skip = 0; int ret = -1; int have_sig = 1; + int i; char *fp; if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, 
@@ -1053,6 +1054,33 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) } buffer_put_string(&b, blob, bloblen); + /* If the key is an input certificate, sign its private key instead. + * If no such private key exists, return failure and continue with + * other methods of authentication. + * Else, just continue with the normal signing process. */ + if (key_is_cert(id->key)) { + for (i = 0; i < options.num_certificate_files; i++) { + if (key_equal(id->key, options.certificates[i])) { + Identity *id2; + int matched = 0; + TAILQ_FOREACH(id2, &authctxt->keys, next) { + if (sshkey_equal_public(id->key, id2->key) && + id->key->type != id2->key->type) { + id = id2; + matched = 1; + break; + } + } + if (!matched) { + free(blob); + buffer_free(&b); + return 0; + } + break; + } + } + } + /* generate signature */ ret = identity_sign(id, &signature, &slen, buffer_ptr(&b), buffer_len(&b), datafellows); @@ -1189,9 +1217,11 @@ load_identity_file(char *filename, int userprovided) /* * try keys in the following order: - * 1. agent keys that are found in the config file - * 2. other agent keys - * 3. keys that are only listed in the config file + * 1. certificates listed in the config file + * 2. other input certificates + * 3. agent keys that are found in the config file + * 4. other agent keys + * 5. keys that are only listed in the config file */ static void pubkey_prepare(Authctxt *authctxt) 
@@ -1245,6 +1275,17 @@ pubkey_prepare(Authctxt *authctxt) free(id); } } + /* list of certificates specified by user */ + for (i = 0; i < options.num_certificate_files; i++) { + key = options.certificates[i]; + if (!key_is_cert(key)) + continue; + id = xcalloc(1, sizeof(*id)); + id->key = key; + id->filename = xstrdup(options.certificate_files[i]); + id->userprovided = options.certificate_file_userprovided[i]; + TAILQ_INSERT_TAIL(preferred, id, next); + } /* list of keys supported by the agent */ if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { if (r != SSH_ERR_AGENT_NOT_PRESENT) -- 1.9.1 From djm at mindrot.org Thu Jul 30 10:53:24 2015 
From: djm at mindrot.org (Damien Miller)
Date: Thu, 30 Jul 2015 10:53:24 +1000 (AEST)
Subject: [PATCH] ssh: Add option to present certificates on command line
In-Reply-To: <1438196412-35927-1-git-send-email-mebhat@akamai.com>
References: <1438196412-35927-1-git-send-email-mebhat@akamai.com>
Message-ID:

Hi,

Thanks for this. Could I ask you to create a bug at
https://bugzilla.mindrot.org/ and attach your patch there? We're pretty
much closed for the 7.0 release ATM but we'll look at it once we're done.

I guess something similar for ssh-add would make sense too...

-d

On Wed, 29 Jul 2015, Meghana Bhat wrote:

> Allow users to specify certificates to be used for authentication on
> the command line with the '-z' argument when running ssh. For
> successful authentication, the key pair associated with the certificate
> must also be presented during the ssh.
>
> Certificates may also be specified in ssh_config as a
> CertificateFile.
>
> This option is meant to address the issue mentioned in the following
> exchange:
> http://lists.mindrot.org/pipermail/openssh-unix-dev/2013-September/031629.html
>
> Patch developed against 6.9p.
>
> --- > readconf.c | 48 +++++++++++++++++++ > readconf.h | 6 +++ > regress/Makefile | 1 + > regress/ssh-cert.sh | 136 ++++++++++++++++++++++++++++++++++++++++++++++++++++ > ssh.1 | 17 +++++++ > ssh.c | 85 +++++++++++++++++++++++++++++++- > ssh.h | 7 +++ > ssh_config.5 | 33 +++++++++++++ > sshconnect2.c | 47 ++++++++++++++++-- > 9 files changed, 375 insertions(+), 5 deletions(-) > create mode 100644 regress/ssh-cert.sh > > diff --git a/readconf.c b/readconf.c > index f1c860b..b34213d 100644 > --- a/readconf.c > +++ b/readconf.c
> @@ -135,6 +135,7 @@ typedef enum { > oPasswordAuthentication, oRSAAuthentication, > oChallengeResponseAuthentication, oXAuthLocation, > oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, > + oCertificateFile, > oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, > oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, > oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, > @@ -202,6 +203,7 @@ static struct { > { "identityfile", oIdentityFile }, > { "identityfile2", oIdentityFile }, /* obsolete */ > { "identitiesonly", oIdentitiesOnly }, > + { "certificatefile", oCertificateFile }, > { "hostname", oHostName }, > { "hostkeyalias", oHostKeyAlias }, > { "proxycommand", oProxyCommand }, > @@ -366,6 +368,37 @@ clear_forwardings(Options *options) > } > > void > +add_certificate_file(Options *options, const char *dir, const char *filename, > + int userprovided) > +{ > + char *path; > + int i; > + > + if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES) > + fatal("Too many certificate files specified (max %d)", > + SSH_MAX_CERTIFICATE_FILES); > + > + if (dir == NULL) /* no dir, filename is absolute */ > + path = xstrdup(filename); > + else > + (void)xasprintf(&path, "%.100s%.100s", dir, filename); > + > + /* Avoid registering duplicates */ > + for (i = 0; i < options->num_certificate_files; i++) { > + if (options->certificate_file_userprovided[i] == userprovided && > + strcmp(options->certificate_files[i], path) == 0) { > + debug2("%s: ignoring duplicate key %s", __func__, path); > + free(path); > + return; > + } > + } > + > + options->certificate_file_userprovided[options->num_certificate_files] = > + userprovided; > + options->certificate_files[options->num_certificate_files++] = path; > +} > + > +void > add_identity_file(Options *options, const char *dir, const char *filename, > int userprovided) > { 
> @@ -981,6 +1014,20 @@ parse_time: > } > break; > > + case oCertificateFile: > + arg = strdelim(&s); > + if (!arg || *arg == '\0') > + fatal("%.200s line %d: Missing argument.", filename, linenum); > + if (*activep) { > + intptr = &options->num_certificate_files; > + if (*intptr >= SSH_MAX_CERTIFICATE_FILES) > + fatal("%.200s line %d: Too many identity files specified (max %d).", > + filename, linenum, SSH_MAX_CERTIFICATE_FILES); > + add_certificate_file(options, NULL, > + arg, flags & SSHCONF_USERCONF); > + } > + break; > + > case oXAuthLocation: > charptr=&options->xauth_location; > goto parse_string; > @@ -1625,6 +1672,7 @@ initialize_options(Options * options) > options->hostkeyalgorithms = NULL; > options->protocol = SSH_PROTO_UNKNOWN; > options->num_identity_files = 0; > + options->num_certificate_files = 0; > options->hostname = NULL; > options->host_key_alias = NULL; > options->proxy_command = NULL; > diff --git a/readconf.h b/readconf.h > index bb2d552..f839016 100644 > --- a/readconf.h > +++ b/readconf.h > @@ -94,6 +94,11 @@ typedef struct { > char *identity_files[SSH_MAX_IDENTITY_FILES]; > int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; > struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; > + > + int num_certificate_files; /* Number of extra certificates for ssh. */ > + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; > + int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; > + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; > > /* Local TCP/IP forward requests. */ > int num_local_forwards; > @@ -194,5 +199,6 @@ void dump_client_config(Options *o, const char *host); > void add_local_forward(Options *, const struct Forward *); > void add_remote_forward(Options *, const struct Forward *); > void add_identity_file(Options *, const char *, const char *, int); > +void add_certificate_file(Options *, const char *, const char *, int); > > #endif /* READCONF_H */ 
> diff --git a/regress/Makefile b/regress/Makefile > index cba83f4..67455a8 100644 > --- a/regress/Makefile > +++ b/regress/Makefile > @@ -74,6 +74,7 @@ LTESTS= connect \ > hostkey-agent \ > keygen-knownhosts \ > hostkey-rotate \ > + ssh-cert \ > principals-command > > > diff --git a/regress/ssh-cert.sh b/regress/ssh-cert.sh > new file mode 100644 > index 0000000..152278b > --- /dev/null > +++ b/regress/ssh-cert.sh 
> @@ -0,0 +1,136 @@ > +# $OpenBSD: multicert.sh,v 1.1 2014/12/22 08:06:03 djm Exp $ > +# Placed in the Public Domain. > + > +tid="ssh with certificates" > + > +rm -f $OBJ/user_ca_key* $OBJ/user_key* > +rm -f $OBJ/cert_user_key* > + > +# Create a CA key > +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\ > + fatal "ssh-keygen failed" > +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\ > + fatal "ssh-keygen failed" > + > +# Make some keys and certificates. > +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \ > + fatal "ssh-keygen failed" > +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \ > + fatal "ssh-keygen failed" > +# Move the certificate to a different address to better control > +# when it is offered. > +${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \ > + -z $$ -n ${USER} $OBJ/user_key1 || > + fail "couldn't sign user_key1 with user_ca_key1" > +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub > +${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \ > + -z $$ -n ${USER} $OBJ/user_key1 || > + fail "couldn't sign user_key1 with user_ca_key2" > +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub > + > +trace 'try with identity files' > +opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes" > +opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2" > +echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER > + > +for p in ${SSH_PROTOCOLS}; do > + # Just keys should fail > + ${SSH} $opts2 somehost exit 5$p > + r=$? > + if [ $r -eq 5$p ]; then > + fail "ssh succeeded with no certs in protocol $p" > + fi > + > + # Keys with untrusted cert should fail. > + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub" > + ${SSH} $opts3 somehost exit 5$p > + r=$? > + if [ $r -eq 5$p ]; then > + fail "ssh succeeded with bad cert in protocol $p" > + fi > + > + # Good cert with bad key should fail. > + opts3="$opts -i $OBJ/user_key2 -z $OBJ/cert_user_key1_1.pub" > + ${SSH} $opts3 somehost exit 5$p > + r=$? 
> + if [ $r -eq 5$p ]; then > + fail "ssh succeeded with no matching key in protocol $p" > + fi > + > + # Keys with one trusted cert, should succeed. > + opts3="$opts2 -z $OBJ/cert_user_key1_1.pub" > + ${SSH} $opts3 somehost exit 5$p > + r=$? > + if [ $r -ne 5$p ]; then > + fail "ssh failed with trusted cert and key in protocol $p" > + fi > + > + # Multiple certs and keys, with one trusted cert, should succeed. > + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub -z $OBJ/cert_user_key1_1.pub" > + ${SSH} $opts3 somehost exit 5$p > + r=$? > + if [ $r -ne 5$p ]; then > + fail "ssh failed with multiple certs in protocol $p" > + fi > + > + #Keys with trusted certificate specified in config options, should succeed. > + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub" > + ${SSH} $opts3 somehost exit 5$p > + r=$? > + if [ $r -ne 5$p ]; then > + fail "ssh failed with trusted cert in config in protocol $p" > + fi > +done > + > +#next, using an agent in combination with the keys > +SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1 > +if [ $? -ne 2 ]; then > + fatal "ssh-add -l did not fail with exit code 2" > +fi > + > +trace "start agent" > +eval `${SSHAGENT} -s` > /dev/null > +r=$? > +if [ $r -ne 0 ]; then > + fatal "could not start ssh-agent: exit code $r" > +fi > + > +# add private keys to agent > +${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1 > +if [ $? -ne 0 ]; then > + fatal "ssh-add did not succeed with exit code 0" > +fi > +${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1 > +if [ $? -ne 0 ]; then > + fatal "ssh-add did not succeed with exit code 0" > +fi > + > +# try ssh with the agent and certificates > +# note: ssh agent only uses certificates in protocol 2 > +opts="-F $OBJ/ssh_proxy" > +# with no certificates, shoud fail > +${SSH} -2 $opts somehost exit 52 > +if [ $? 
-eq 52 ]; then > + fail "ssh connect with agent in protocol 2 succeeded with no cert" > +fi > + > +#with an untrusted certificate, should fail > +opts="$opts -z $OBJ/cert_user_key1_2.pub" > +${SSH} -2 $opts somehost exit 52 > +if [ $? -eq 52 ]; then > + fail "ssh connect with agent in protocol 2 succeeded with bad cert" > +fi > + > +#with an additional trusted certificate, should succeed > +opts="$opts -z $OBJ/cert_user_key1_1.pub" > +${SSH} -2 $opts somehost exit 52 > +if [ $? -ne 52 ]; then > + fail "ssh connect with agent in protocol 2 failed with good cert" > +fi > + > +trace "kill agent" > +${SSHAGENT} -k > /dev/null > + > +#cleanup > +rm -f $OBJ/user_ca_key* $OBJ/user_key* > +rm -f $OBJ/cert_user_key* > diff --git a/ssh.1 b/ssh.1 > index 2ea0a20..76a9459 100644 > --- a/ssh.1 > +++ b/ssh.1 > @@ -63,6 +63,7 @@ > .Op Fl S Ar ctl_path > .Op Fl W Ar host : Ns Ar port > .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun > +.Op Fl z Ar certificate_file > .Oo Ar user Ns @ Oc Ns Ar hostname > .Op Ar command > .Ek > @@ -468,6 +469,7 @@ For full details of the options listed below, and their possible values, see > .It CanonicalizeHostname > .It CanonicalizeMaxDots > .It CanonicalizePermittedCNAMEs > +.It CertificateFile > .It ChallengeResponseAuthentication > .It CheckHostIP > .It Cipher 
> @@ -768,6 +770,21 @@ Send log information using the > .Xr syslog 3 > system module. > By default this information is sent to stderr. > +.It Fl z Ar certificate_file > +Selects a file from which certificate information is loaded for public > +key authentication. For the certificate to be signed, the private key > +corresponding to > +.Ar certificate_file > +must also be provided for authentication, whether through > +.Xr ssh_agent 1 . > +or through an > +.Ar identity_file > +specified on the command line or in configuration files. > +Certificate files may also be specified on a per-host basis in > +the configuration file. It is possible to have multiple > +.Fl z > +options (and multiple certificates specified in > +configuration files). > .El > .Pp > .Nm > diff --git a/ssh.c b/ssh.c > index 3239108..e01790a 100644 > --- a/ssh.c > +++ b/ssh.c > @@ -207,7 +207,8 @@ usage(void) > " [-O ctl_cmd] [-o option] [-p port]\n" > " [-Q cipher | cipher-auth | mac | kex | key]\n" > " [-R address] [-S ctl_path] [-W host:port]\n" > -" [-w local_tun[:remote_tun]] [user@]hostname [command]\n" > +" [-w local_tun[:remote_tun]] [-z certificate_file]\n" > +" [user@]hostname [command]\n" > ); > exit(255); > } > @@ -215,6 +216,7 @@ usage(void) > static int ssh_session(void); > static int ssh_session2(void); > static void load_public_identity_files(void); > +static void load_certificate_files(void); > static void main_sigchld_handler(int); > > /* from muxclient.c */ > @@ -595,7 +597,7 @@ main(int ac, char **av) > > again: > while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" > - "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { > + "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYyz:")) != -1) { > switch (opt) { > case '1': > options.protocol = SSH_PROTO_1; > @@ -906,6 +908,9 @@ main(int ac, char **av) > case 'F': > config = optarg; > break; > + case 'z': > + add_certificate_file(&options, NULL, optarg, 1); > + break; > default: > usage(); > } 
> @@ -1013,6 +1018,9 @@ main(int ac, char **av) > options.hostname = xstrdup(host); > } > > + /* If the user has specified certificate(s), load it now. */ > + load_certificate_files(); > + > /* If canonicalization requested then try to apply it */ > lowercase(host); > if (options.canonicalize_hostname != SSH_CANONICALISE_NO) > @@ -1353,6 +1361,13 @@ main(int ac, char **av) > } > } > > + for (i = 0; i < options.num_certificate_files; i++) { > + free(options.certificate_files[i]); > + options.certificate_files[i] = NULL; > + } > + > + > + > exit_status = compat20 ? ssh_session2() : ssh_session(); > packet_close(); 
> > @@ -1938,6 +1953,72 @@ ssh_session2(void) > options.escape_char : SSH_ESCAPECHAR_NONE, id); > } > > +/* Load certificate file(s) specified in options. */ > +static void > +load_certificate_files(void) > +{ > + char *filename, *cp, thishost[NI_MAXHOST]; > + char *pwdir = NULL, *pwname = NULL; > + struct passwd *pw; > + int i, n_ids; > + struct sshkey *cert; > + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; > + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; > + > + n_ids = 0; > + memset(certificate_files, 0, sizeof(certificate_files)); > + memset(certificates, 0, sizeof(certificates)); > + > + if ((pw = getpwuid(original_real_uid)) == NULL) > + fatal("load_certificate_files: getpwuid failed"); > + pwname = xstrdup(pw->pw_name); > + pwdir = xstrdup(pw->pw_dir); > + if (gethostname(thishost, sizeof(thishost)) == -1) > + fatal("load_certificate_files: gethostname: %s", > + strerror(errno)); > + > + if (options.num_certificate_files > SSH_MAX_CERTIFICATE_FILES) > + fatal("load_certificate_files: too many certificates"); > + for (i = 0; i < options.num_certificate_files; i++) { > + cp = tilde_expand_filename(options.certificate_files[i], > + original_real_uid); > + filename = percent_expand(cp, "d", pwdir, > + "u", pwname, "l", thishost, "h", host, > + "r", options.user, (char *)NULL); > + free(cp); > + > + cert = key_load_public(filename, NULL); > + debug("certificate file %s type %d", filename, > + cert ? 
cert->type : -1); > + free(options.certificate_files[i]); > + if (cert == NULL) { > + free(filename); > + continue; > + } > + if (!key_is_cert(cert)) { > + debug("%s: key %s type %s is not a certificate", > + __func__, filename, key_type(cert)); > + key_free(cert); > + free(filename); > + continue; > + } > + > + certificate_files[n_ids] = filename; > + certificates[n_ids] = cert; > + ++n_ids; > + } > + options.num_certificate_files = n_ids; > + memcpy(options.certificate_files, certificate_files, sizeof(certificate_files)); > + memcpy(options.certificates, certificates, sizeof(certificates)); > + > + explicit_bzero(pwname, strlen(pwname)); > + free(pwname); > + explicit_bzero(pwdir, strlen(pwdir)); > + free(pwdir); > +} > + > + > + > static void > load_public_identity_files(void) > { > diff --git a/ssh.h b/ssh.h > index 4f8da5c..8fb7ba3 100644 > --- a/ssh.h > +++ b/ssh.h > @@ -19,6 +19,13 @@ > #define SSH_DEFAULT_PORT 22 > > /* > + * Maximum number of certificate files that can be specified > + * in configuration files or on the command line. > + */ > +#define SSH_MAX_CERTIFICATE_FILES 100 > + > + > +/* > * Maximum number of RSA authentication identity files that can be specified > * in configuration files or on the command line. > */ > diff --git a/ssh_config.5 b/ssh_config.5 > index e514398..17741b7 100644 > --- a/ssh_config.5 > +++ b/ssh_config.5 
> @@ -325,6 +325,34 @@ to be canonicalized to names in the > or > .Dq *.c.example.com > domains. > +.It Cm CertificateFile > +Specifies a file from which the user's certificate is read. > +A corresponding private key must be provided separately in order > +to use this certificate. > +.Xr ssh 1 > +will attempt to use private keys provided as identity files > +or in the agent for such authentication. > +.Pp > +The file name may use the tilde > +syntax to refer to a user's home directory or one of the following > +escape characters: > +.Ql %d > +(local user's home directory), > +.Ql %u > +(local user name), > +.Ql %l > +(local host name), > +.Ql %h > +(remote host name) or > +.Ql %r > +(remote user name). > +.Pp > +It is possible to have multiple certificate files specified in > +configuration files; these certificates will be tried in sequence. > +Multiple > +.Cm CertificateFile > +directives will add to the list of certificates used for > +authentication. > .It Cm ChallengeResponseAuthentication > Specifies whether to use challenge-response authentication. > The argument to this keyword must be > @@ -911,6 +939,11 @@ differs from that of other configuration directives). > may be used in conjunction with > .Cm IdentitiesOnly > to select which identities in an agent are offered during authentication. > +.Cm IdentityFile > +may also be used in conjunction with > +.Cm CertificateFile > +in order to provide any certificate also needed for authentication with > +the identity. > .It Cm IgnoreUnknown > Specifies a pattern-list of unknown options to be ignored if they are > encountered in configuration parsing. > diff --git a/sshconnect2.c b/sshconnect2.c > index 34dbf9a..fb24b5e 100644 > --- a/sshconnect2.c > +++ b/sshconnect2.c > @@ -1016,6 +1016,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) > u_int skip = 0; > int ret = -1; > int have_sig = 1; > + int i; > char *fp; > > if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, 
> @@ -1053,6 +1054,33 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) > } > buffer_put_string(&b, blob, bloblen); > > + /* If the key is an input certificate, sign its private key instead. > + * If no such private key exists, return failure and continue with > + * other methods of authentication. > + * Else, just continue with the normal signing process. */ > + if (key_is_cert(id->key)) { > + for (i = 0; i < options.num_certificate_files; i++) { > + if (key_equal(id->key, options.certificates[i])) { > + Identity *id2; > + int matched = 0; > + TAILQ_FOREACH(id2, &authctxt->keys, next) { > + if (sshkey_equal_public(id->key, id2->key) && > + id->key->type != id2->key->type) { > + id = id2; > + matched = 1; > + break; > + } > + } > + if (!matched) { > + free(blob); > + buffer_free(&b); > + return 0; > + } > + break; > + } > + } > + } > + > /* generate signature */ > ret = identity_sign(id, &signature, &slen, > buffer_ptr(&b), buffer_len(&b), datafellows); > @@ -1189,9 +1217,11 @@ load_identity_file(char *filename, int userprovided) > > /* > * try keys in the following order: > - * 1. agent keys that are found in the config file > - * 2. other agent keys > - * 3. keys that are only listed in the config file > + * 1. certificates listed in the config file > + * 2. other input certificates > + * 3. agent keys that are found in the config file > + * 4. other agent keys > + * 5. keys that are only listed in the config file > */ > static void > pubkey_prepare(Authctxt *authctxt) 
> @@ -1245,6 +1275,17 @@ pubkey_prepare(Authctxt *authctxt) > free(id); > } > } > + /* list of certificates specified by user */ > + for (i = 0; i < options.num_certificate_files; i++) { > + key = options.certificates[i]; > + if (!key_is_cert(key)) > + continue; > + id = xcalloc(1, sizeof(*id)); > + id->key = key; > + id->filename = xstrdup(options.certificate_files[i]); > + id->userprovided = options.certificate_file_userprovided[i]; > + TAILQ_INSERT_TAIL(preferred, id, next); > + } > /* list of keys supported by the agent */ > if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { > if (r != SSH_ERR_AGENT_NOT_PRESENT) > -- > 1.9.1
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>

From mebhat at akamai.com Fri Jul 31 03:44:15 2015
From: mebhat at akamai.com (Bhat, Meghana)
Date: Thu, 30 Jul 2015 17:44:15 +0000
Subject: [PATCH] ssh: Add option to present certificates on command line
In-Reply-To:
References: <1438196412-35927-1-git-send-email-mebhat@akamai.com>
Message-ID:

Hi,

I just created the bug for this patch at this URL:
https://bugzilla.mindrot.org/show_bug.cgi?id=2436

Thanks,
Meghana
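Review bot: in readconf.c add_certificate_file(), the duplicate check requires certificate_file_userprovided[i] == userprovided, but the two callers pass different kinds of value: the -z case passes 1 and the oCertificateFile case passes flags & SSHCONF_USERCONF, a mask result. The same path given both ways is therefore only detected as a duplicate if the mask happens to equal 1, and otherwise the certificate is registered and offered twice. Normalise the argument to 0/1 on entry or compare paths only. The debug2 text also says "ignoring duplicate key" where it means a certificate.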
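Review bot: in the readconf.c oCertificateFile case, the fatal() text reads "Too many identity files specified" although the limit being tested is SSH_MAX_CERTIFICATE_FILES, so a user who hits it is pointed at the wrong directive. The check is also redundant, because add_certificate_file() already calls fatal() on the same condition; either drop the intptr block here or keep it for the file/line context and change the wording to "certificate files".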
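Review bot: the first line of the new regress/ssh-cert.sh carries an ident string for a different file ("$OpenBSD: multicert.sh,v 1.1 2014/12/22 08:06:03 djm Exp $"); a new file should start with an unexpanded $OpenBSD$ tag. In the same file the two certificate-signing steps use fail where the key-generation steps use fatal, so a signing failure lets the script run on to the mv and the ssh cases with no certificate present; fatal is the better fit there. The script also overwrites $OBJ/authorized_keys_$USER and does not restore or remove it in the cleanup block.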
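Review bot: in the ssh.1 text for -z, ".Xr ssh_agent 1 ." names a page that is spelled with a hyphen elsewhere (ssh-agent) and the detached " ." puts a full stop in the middle of the sentence, which then continues "or through an identity_file". Use ".Xr ssh-agent 1" with no trailing punctuation argument. The sentence "For the certificate to be signed" is also misleading, since what gets signed is the authentication request using the private key that matches the certificate; the wording in the ssh_config.5 hunk ("A corresponding private key must be provided separately") is clearer and could be reused.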
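Review bot: in ssh.c main(), load_certificate_files() is called immediately before the "If canonicalization requested then try to apply it" block, yet it expands %h from host and %r from options.user. At that point host is still the pre-canonicalization name, so a CertificateFile path containing %h can resolve to a different file than the final hostname would select. Move the call to after canonicalization has run, and confirm that options.user is already set there, since it is handed straight to percent_expand().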
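Review bot: the cleanup loop added before "exit_status = compat20 ? ..." in ssh.c main() frees and NULLs options.certificate_files[i] but leaves options.num_certificate_files and options.certificates[i] untouched, so the options struct still advertises entries whose filenames are gone; pubkey_prepare() passes options.certificate_files[i] to xstrdup() and would be handed NULL if it ever ran after this point. Clear options.certificates[i] and reset the count in the same loop. The hunk also adds three consecutive blank lines after the loop; one is enough.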
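Review bot: in load_certificate_files(), entries that fail to load or are not certificates are dropped and certificate_files[] and certificates[] are compacted down to n_ids, but options.certificate_file_userprovided[] is never compacted with them. After any skipped file, the flag at index i no longer belongs to the certificate at index i, and pubkey_prepare() copies the wrong value into id->userprovided. Collect the flags in a third local array and memcpy it back with the other two. Separately, a file named with -z that cannot be loaded is reported only through debug(), so a mistyped path fails silently at normal log levels; an error() for user-provided entries would make that visible.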
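Review bot: in sign_and_send_pubkey(), the search for the signing identity accepts any id2 where sshkey_equal_public(id->key, id2->key) holds and id->key->type != id2->key->type. That condition is also true for a second certificate over the same public key with a different certificate type, in which case id is swapped for another certificate rather than for the private key. Test !key_is_cert(id2->key) instead of type inequality so that only a plain key can be selected. The !matched path returns 0 without logging anything; a debug line naming id->filename would make the "certificate without matching key" case diagnosable. The block comment should follow the surrounding style, with the opening and closing markers on their own lines.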
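Review bot: the loop added to pubkey_prepare() appends every entry of options.certificates[] to preferred in array order, which does not match the ordering documented in the comment changed just above it ("1. certificates listed in the config file, 2. other input certificates"). Nothing in the loop distinguishes the two classes, and since -z is handled during option parsing, command-line certificates are the ones that land first. Either sort on certificate_file_userprovided[] to implement the documented order or reduce the comment to a single "certificates" step. The key_is_cert(key) test here repeats the filter already applied in load_certificate_files() and can go.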
From: Damien Miller
Date: Wednesday, July 29, 2015 at 8:53 PM
To: Meghana Bhat
Cc: "openssh-unix-dev at mindrot.org"
Subject: Re: [PATCH] ssh: Add option to present certificates on command line

Hi,

Thanks for this. Could I ask you to create a bug at
https://bugzilla.mindrot.org/ and attach your patch there? We're pretty
much closed for the 7.0 release ATM but we'll look at it once we're done.

I guess something similar for ssh-add would make sense too...

-d

On Wed, 29 Jul 2015, Meghana Bhat wrote:

Allow users to specify certificates to be used for authentication on
the command line with the '-z' argument when running ssh. For
successful authentication, the key pair associated with the certificate
must also be presented during the ssh.

Certificates may also be specified in ssh_config as a
CertificateFile.

This option is meant to address the issue mentioned in the following
exchange:
http://lists.mindrot.org/pipermail/openssh-unix-dev/2013-September/031629.html

Patch developed against 6.9p.

--- readconf.c | 48 +++++++++++++++++++ readconf.h | 6 +++ regress/Makefile | 1 + regress/ssh-cert.sh | 136 ++++++++++++++++++++++++++++++++++++++++++++++++++++ ssh.1 | 17 +++++++ ssh.c | 85 +++++++++++++++++++++++++++++++- ssh.h | 7 +++ ssh_config.5 | 33 +++++++++++++ sshconnect2.c | 47 ++++++++++++++++-- 9 files changed, 375 insertions(+), 5 deletions(-) create mode 100644 regress/ssh-cert.sh diff --git a/readconf.c b/readconf.c index f1c860b..b34213d 100644 --- a/readconf.c +++ b/readconf.c @@ -135,6 +135,7 @@ typedef enum { oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, + oCertificateFile, oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
@@ -202,6 +203,7 @@ static struct { { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* obsolete */ { "identitiesonly", oIdentitiesOnly }, + { "certificatefile", oCertificateFile }, { "hostname", oHostName }, { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, @@ -366,6 +368,37 @@ clear_forwardings(Options *options) } void +add_certificate_file(Options *options, const char *dir, const char *filename, + int userprovided) +{ + char *path; + int i; + + if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES) + fatal("Too many certificate files specified (max %d)", + SSH_MAX_CERTIFICATE_FILES); + + if (dir == NULL) /* no dir, filename is absolute */ + path = xstrdup(filename); + else + (void)xasprintf(&path, "%.100s%.100s", dir, filename); + + /* Avoid registering duplicates */ + for (i = 0; i < options->num_certificate_files; i++) { + if (options->certificate_file_userprovided[i] == userprovided && + strcmp(options->certificate_files[i], path) == 0) { + debug2("%s: ignoring duplicate key %s", __func__, path); + free(path); + return; + } + } + + options->certificate_file_userprovided[options->num_certificate_files] = + userprovided; + options->certificate_files[options->num_certificate_files++] = path; +} + +void add_identity_file(Options *options, const char *dir, const char *filename, int userprovided) { @@ -981,6 +1014,20 @@ parse_time: } break; + case oCertificateFile: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (*activep) { + intptr = &options->num_certificate_files; + if (*intptr >= SSH_MAX_CERTIFICATE_FILES) + fatal("%.200s line %d: Too many identity files specified (max %d).", + filename, linenum, SSH_MAX_CERTIFICATE_FILES); + add_certificate_file(options, NULL, + arg, flags & SSHCONF_USERCONF); + } + break; + case oXAuthLocation: charptr=&options->xauth_location; goto parse_string; 
@@ -1625,6 +1672,7 @@ initialize_options(Options * options) options->hostkeyalgorithms = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->num_identity_files = 0; + options->num_certificate_files = 0; options->hostname = NULL; options->host_key_alias = NULL; options->proxy_command = NULL; diff --git a/readconf.h b/readconf.h index bb2d552..f839016 100644 --- a/readconf.h +++ b/readconf.h @@ -94,6 +94,11 @@ typedef struct { char *identity_files[SSH_MAX_IDENTITY_FILES]; int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; + + int num_certificate_files; /* Number of extra certificates for ssh. */ + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; + int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; /* Local TCP/IP forward requests. */ int num_local_forwards; @@ -194,5 +199,6 @@ void dump_client_config(Options *o, const char *host); void add_local_forward(Options *, const struct Forward *); void add_remote_forward(Options *, const struct Forward *); void add_identity_file(Options *, const char *, const char *, int); +void add_certificate_file(Options *, const char *, const char *, int); #endif /* READCONF_H */ diff --git a/regress/Makefile b/regress/Makefile index cba83f4..67455a8 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -74,6 +74,7 @@ LTESTS= connect \ hostkey-agent \ keygen-knownhosts \ hostkey-rotate \ + ssh-cert \ principals-command diff --git a/regress/ssh-cert.sh b/regress/ssh-cert.sh new file mode 100644 index 0000000..152278b --- /dev/null +++ b/regress/ssh-cert.sh 
@@ -0,0 +1,136 @@ +# $OpenBSD: multicert.sh,v 1.1 2014/12/22 08:06:03 djm Exp $ +# Placed in the Public Domain. + +tid="ssh with certificates" + +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* + +# Create a CA key +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\ + fatal "ssh-keygen failed" + +# Make some keys and certificates. +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \ + fatal "ssh-keygen failed" +# Move the certificate to a different address to better control +# when it is offered. +${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key1" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub +${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key2" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub + +trace 'try with identity files' +opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes" +opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2" +echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER + +for p in ${SSH_PROTOCOLS}; do + # Just keys should fail + ${SSH} $opts2 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with no certs in protocol $p" + fi + + # Keys with untrusted cert should fail. + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with bad cert in protocol $p" + fi + + # Good cert with bad key should fail. + opts3="$opts -i $OBJ/user_key2 -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? 
+ if [ $r -eq 5$p ]; then + fail "ssh succeeded with no matching key in protocol $p" + fi + + # Keys with one trusted cert, should succeed. + opts3="$opts2 -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert and key in protocol $p" + fi + + # Multiple certs and keys, with one trusted cert, should succeed. + opts3="$opts2 -z $OBJ/cert_user_key1_2.pub -z $OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with multiple certs in protocol $p" + fi + + #Keys with trusted certificate specified in config options, should succeed. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert in config in protocol $p" + fi +done + +#next, using an agent in combination with the keys +SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1 +if [ $? -ne 2 ]; then + fatal "ssh-add -l did not fail with exit code 2" +fi + +trace "start agent" +eval `${SSHAGENT} -s` > /dev/null +r=$? +if [ $r -ne 0 ]; then + fatal "could not start ssh-agent: exit code $r" +fi + +# add private keys to agent +${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi +${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi + +# try ssh with the agent and certificates +# note: ssh agent only uses certificates in protocol 2 +opts="-F $OBJ/ssh_proxy" +# with no certificates, shoud fail +${SSH} -2 $opts somehost exit 52 +if [ $? -eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with no cert" +fi + +#with an untrusted certificate, should fail +opts="$opts -z $OBJ/cert_user_key1_2.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? 
-eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with bad cert" +fi + +#with an additional trusted certificate, should succeed +opts="$opts -z $OBJ/cert_user_key1_1.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? -ne 52 ]; then + fail "ssh connect with agent in protocol 2 failed with good cert" +fi + +trace "kill agent" +${SSHAGENT} -k > /dev/null + +#cleanup +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* diff --git a/ssh.1 b/ssh.1 index 2ea0a20..76a9459 100644 --- a/ssh.1 +++ b/ssh.1 @@ -63,6 +63,7 @@ .Op Fl S Ar ctl_path .Op Fl W Ar host : Ns Ar port .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun +.Op Fl z Ar certificate_file .Oo Ar user Ns @ Oc Ns Ar hostname .Op Ar command .Ek @@ -468,6 +469,7 @@ For full details of the options listed below, and their possible values, see .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP .It Cipher @@ -768,6 +770,21 @@ Send log information using the .Xr syslog 3 system module. By default this information is sent to stderr. +.It Fl z Ar certificate_file +Selects a file from which certificate information is loaded for public +key authentication. For the certificate to be signed, the private key +corresponding to +.Ar certificate_file +must also be provided for authentication, whether through +.Xr ssh_agent 1 . +or through an +.Ar identity_file +specified on the command line or in configuration files. +Certificate files may also be specified on a per-host basis in +the configuration file. It is possible to have multiple +.Fl z +options (and multiple certificates specified in +configuration files). .El .Pp .Nm diff --git a/ssh.c b/ssh.c index 3239108..e01790a 100644 --- a/ssh.c +++ b/ssh.c 
@@ -207,7 +207,8 @@ usage(void) " [-O ctl_cmd] [-o option] [-p port]\n" " [-Q cipher | cipher-auth | mac | kex | key]\n" " [-R address] [-S ctl_path] [-W host:port]\n" -" [-w local_tun[:remote_tun]] [user@]hostname [command]\n" +" [-w local_tun[:remote_tun]] [-z certificate_file]\n" +" [user@]hostname [command]\n" ); exit(255); } @@ -215,6 +216,7 @@ usage(void) static int ssh_session(void); static int ssh_session2(void); static void load_public_identity_files(void); +static void load_certificate_files(void); static void main_sigchld_handler(int); /* from muxclient.c */ @@ -595,7 +597,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { + "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYyz:")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -906,6 +908,9 @@ main(int ac, char **av) case 'F': config = optarg; break; + case 'z': + add_certificate_file(&options, NULL, optarg, 1); + break; default: usage(); } @@ -1013,6 +1018,9 @@ main(int ac, char **av) options.hostname = xstrdup(host); } + /* If the user has specified certificate(s), load it now. */ + load_certificate_files(); + /* If canonicalization requested then try to apply it */ lowercase(host); if (options.canonicalize_hostname != SSH_CANONICALISE_NO) @@ -1353,6 +1361,13 @@ main(int ac, char **av) } } + for (i = 0; i < options.num_certificate_files; i++) { + free(options.certificate_files[i]); + options.certificate_files[i] = NULL; + } + + + exit_status = compat20 ? ssh_session2() : ssh_session(); packet_close(); 
@@ -1938,6 +1953,72 @@ ssh_session2(void) options.escape_char : SSH_ESCAPECHAR_NONE, id); } +/* Load certificate file(s) specified in options. */ +static void +load_certificate_files(void) +{ + char *filename, *cp, thishost[NI_MAXHOST]; + char *pwdir = NULL, *pwname = NULL; + struct passwd *pw; + int i, n_ids; + struct sshkey *cert; + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; + + n_ids = 0; + memset(certificate_files, 0, sizeof(certificate_files)); + memset(certificates, 0, sizeof(certificates)); + + if ((pw = getpwuid(original_real_uid)) == NULL) + fatal("load_certificate_files: getpwuid failed"); + pwname = xstrdup(pw->pw_name); + pwdir = xstrdup(pw->pw_dir); + if (gethostname(thishost, sizeof(thishost)) == -1) + fatal("load_certificate_files: gethostname: %s", + strerror(errno)); + + if (options.num_certificate_files > SSH_MAX_CERTIFICATE_FILES) + fatal("load_certificate_files: too many certificates"); + for (i = 0; i < options.num_certificate_files; i++) { + cp = tilde_expand_filename(options.certificate_files[i], + original_real_uid); + filename = percent_expand(cp, "d", pwdir, + "u", pwname, "l", thishost, "h", host, + "r", options.user, (char *)NULL); + free(cp); + + cert = key_load_public(filename, NULL); + debug("certificate file %s type %d", filename, + cert ? 
cert->type : -1); + free(options.certificate_files[i]); + if (cert == NULL) { + free(filename); + continue; + } + if (!key_is_cert(cert)) { + debug("%s: key %s type %s is not a certificate", + __func__, filename, key_type(cert)); + key_free(cert); + free(filename); + continue; + } + + certificate_files[n_ids] = filename; + certificates[n_ids] = cert; + ++n_ids; + } + options.num_certificate_files = n_ids; + memcpy(options.certificate_files, certificate_files, sizeof(certificate_files)); + memcpy(options.certificates, certificates, sizeof(certificates)); + + explicit_bzero(pwname, strlen(pwname)); + free(pwname); + explicit_bzero(pwdir, strlen(pwdir)); + free(pwdir); +} + + + static void load_public_identity_files(void) { diff --git a/ssh.h b/ssh.h index 4f8da5c..8fb7ba3 100644 --- a/ssh.h +++ b/ssh.h @@ -19,6 +19,13 @@ #define SSH_DEFAULT_PORT 22 /* + * Maximum number of certificate files that can be specified + * in configuration files or on the command line. + */ +#define SSH_MAX_CERTIFICATE_FILES 100 + + +/* * Maximum number of RSA authentication identity files that can be specified * in configuration files or on the command line. */ diff --git a/ssh_config.5 b/ssh_config.5 index e514398..17741b7 100644 --- a/ssh_config.5 +++ b/ssh_config.5 
@@ -325,6 +325,34 @@ to be canonicalized to names in the or .Dq *.c.example.com domains. +.It Cm CertificateFile +Specifies a file from which the user's certificate is read. +A corresponding private key must be provided separately in order +to use this certificate. +.Xr ssh 1 +will attempt to use private keys provided as identity files +or in the agent for such authentication. +.Pp +The file name may use the tilde +syntax to refer to a user's home directory or one of the following +escape characters: +.Ql %d +(local user's home directory), +.Ql %u +(local user name), +.Ql %l +(local host name), +.Ql %h +(remote host name) or +.Ql %r +(remote user name). +.Pp +It is possible to have multiple certificate files specified in +configuration files; these certificates will be tried in sequence. +Multiple +.Cm CertificateFile +directives will add to the list of certificates used for +authentication. .It Cm ChallengeResponseAuthentication Specifies whether to use challenge-response authentication. The argument to this keyword must be @@ -911,6 +939,11 @@ differs from that of other configuration directives). may be used in conjunction with .Cm IdentitiesOnly to select which identities in an agent are offered during authentication. +.Cm IdentityFile +may also be used in conjunction with +.Cm CertificateFile +in order to provide any certificate also needed for authentication with +the identity. .It Cm IgnoreUnknown Specifies a pattern-list of unknown options to be ignored if they are encountered in configuration parsing. diff --git a/sshconnect2.c b/sshconnect2.c index 34dbf9a..fb24b5e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1016,6 +1016,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) u_int skip = 0; int ret = -1; int have_sig = 1; + int i; char *fp; if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, 
@@ -1053,6 +1054,33 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) } buffer_put_string(&b, blob, bloblen); + /* If the key is an input certificate, sign its private key instead. + * If no such private key exists, return failure and continue with + * other methods of authentication. + * Else, just continue with the normal signing process. */ + if (key_is_cert(id->key)) { + for (i = 0; i < options.num_certificate_files; i++) { + if (key_equal(id->key, options.certificates[i])) { + Identity *id2; + int matched = 0; + TAILQ_FOREACH(id2, &authctxt->keys, next) { + if (sshkey_equal_public(id->key, id2->key) && + id->key->type != id2->key->type) { + id = id2; + matched = 1; + break; + } + } + if (!matched) { + free(blob); + buffer_free(&b); + return 0; + } + break; + } + } + } + /* generate signature */ ret = identity_sign(id, &signature, &slen, buffer_ptr(&b), buffer_len(&b), datafellows); @@ -1189,9 +1217,11 @@ load_identity_file(char *filename, int userprovided) /* * try keys in the following order: - * 1. agent keys that are found in the config file - * 2. other agent keys - * 3. keys that are only listed in the config file + * 1. certificates listed in the config file + * 2. other input certificates + * 3. agent keys that are found in the config file + * 4. other agent keys + * 5. keys that are only listed in the config file */ static void pubkey_prepare(Authctxt *authctxt) 
@@ -1245,6 +1275,17 @@ pubkey_prepare(Authctxt *authctxt) free(id); } } + /* list of certificates specified by user */ + for (i = 0; i < options.num_certificate_files; i++) { + key = options.certificates[i]; + if (!key_is_cert(key)) + continue; + id = xcalloc(1, sizeof(*id)); + id->key = key; + id->filename = xstrdup(options.certificate_files[i]); + id->userprovided = options.certificate_file_userprovided[i]; + TAILQ_INSERT_TAIL(preferred, id, next); + } /* list of keys supported by the agent */ if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { if (r != SSH_ERR_AGENT_NOT_PRESENT) -- 1.9.1 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev at mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev From stopspazzing at gmail.com Fri Jul 31 06:30:28 2015 From: stopspazzing at gmail.com (Stop Spazzing) Date: Thu, 30 Jul 2015 20:30:28 +0000 Subject: Feature Request: Invalid sshd port fallback Message-ID: I would like to suggest adding a fallback in the event that somehow the sshd_config port number is invalid. Example: Port != (1<= or >=65535) By default fall by to port 22, and spit out an error. Same would go for if the new port is already in use, fall back to port 22 and spit out an error. Why is this a good idea? Would be a good idea because people are human and make mistakes, and you shouldn't have to wipe your server just because an invalid port was used by accident. Why is this a bad idea? I see no reason why this would be a bad idea that I am aware of. From mh+openssh-unix-dev at zugschlus.de Fri Jul 31 06:49:02 2015 
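Review bot: in regress/ssh-cert.sh the "for p in ${SSH_PROTOCOLS}" loop never hands $p to ssh as a protocol selector. As written in this file, opts is only "-F $OBJ/ssh_proxy -oIdentitiesOnly=yes" and $p appears solely in "exit 5$p", so each iteration repeats the same connection with a different exit code. Pass the protocol explicitly, as the agent section does with -2, or drop the loop. The "specified in config options" case uses -oCertificateFile= on the command line, so a CertificateFile line read from a configuration file, with its tilde and % expansion, is not exercised. The header still carries the "$OpenBSD: multicert.sh" id line, and "shoud" in the agent section is a typo.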
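Review bot: in the ssh.1 text for -z, ".Xr ssh_agent 1 ." should reference ssh-agent(1), and the trailing " ." puts a full stop in front of "or through", which breaks the sentence in the rendered page. "For the certificate to be signed" also misdescribes the step: the certificate is already signed by the CA, and the private key is needed to use it for authentication. The ssh_config.5 hunk in this same patch words it as "A corresponding private key must be provided separately in order to use this certificate"; the two pages should say the same thing.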
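Review bot: load_certificate_files() in ssh.c compacts certificate_files[] and certificates[] through n_ids when a file fails to load or is not a certificate, but it never compacts options.certificate_file_userprovided[]. pubkey_prepare() later reads "id->userprovided = options.certificate_file_userprovided[i]", so after any skipped entry the flag belongs to a different file. Carry the flag through a third local array and copy it back with the other two. Separately, a file that cannot be loaded is dropped with only a debug() line ("if (cert == NULL) { free(filename); continue; }"), so a mistyped -z path is silently ignored; for a user-supplied path an error() would make the failure visible.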
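Review bot: in the sign_and_send_pubkey() hunk of sshconnect2.c, the search for the private key accepts any id2 whose type merely differs from the certificate's ("id->key->type != id2->key->type"). The intent is "the plain key for this certificate", so test "!key_is_cert(id2->key)" and say so in the comment. When nothing matches, the function frees blob and b and returns 0 without logging anything; a debug() naming id->filename would tell the user why the certificate was not offered. The block comment reads "sign its private key instead" where "sign with its private key" is meant, and it should follow the layout used elsewhere in the file, with "/*" on its own line as in the pubkey_prepare() ordering comment.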
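Review bot: the rewritten ordering comment above pubkey_prepare() distinguishes "1. certificates listed in the config file" from "2. other input certificates", but the loop added to pubkey_prepare() walks options.certificates[] in index order and appends every entry to preferred without consulting certificate_file_userprovided, so the code does not implement that ordering. Either order on the flag or merge items 1 and 2 in the comment. The "if (!key_is_cert(key)) continue;" test in that loop repeats the filter load_certificate_files() already applies and can go, or be documented as defensive.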
From: mh+openssh-unix-dev at zugschlus.de (Marc Haber)
Date: Thu, 30 Jul 2015 22:49:02 +0200
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: 
References: 
Message-ID: <20150730204902.GJ29017@torres.zugschlus.de>

On Thu, Jul 30, 2015 at 08:30:28PM +0000, Stop Spazzing wrote:
> Why is this a good idea? Would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.

Why would one have to _WIPE_ a server because of a misconfigured sshd?

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mail address in header
Leimen, Germany    |  lose things."    Winona Ryder | Phone: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

From ronf at timeheart.net Fri Jul 31 07:02:36 2015
From: ronf at timeheart.net (Ron Frederick)
Date: Thu, 30 Jul 2015 14:02:36 -0700
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: 
References: 
Message-ID: <5EA3B277-D637-464E-80C7-CC110B85DE75@timeheart.net>

On Jul 30, 2015, at 1:30 PM, Stop Spazzing wrote:
> I would like to suggest adding a fallback in the event that somehow the
> sshd_config port number is invalid.
>
> Example:
> Port != (1<= or >=65535)
>
> By default fall by to port 22, and spit out an error. Same would go for if
> the new port is already in use, fall back to port 22 and spit out an error.
>
> Why is this a good idea? Would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.
>
> Why is this a bad idea? I see no reason why this would be a bad idea that I
> am aware of.

I can think of at least one reason why this is a bad idea. There are a lot of ssh port scanners out there connecting on port 22, and people often put their ssh servers on non-standard ports to reduce the amount of this sort of traffic they receive. If you think you have configured a non-standard port and happen to get it wrong, I don't think you'd want the SSH server to start up on the default port. It would be better to let you know the port is wrong and fail to start until you fixed the problem and selected a valid non-standard port.

--
Ron Frederick
ronf at timeheart.net

From stopspazzing at gmail.com Fri Jul 31 07:26:22 2015
From: stopspazzing at gmail.com (Stop Spazzing)
Date: Thu, 30 Jul 2015 21:26:22 +0000
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: <5EA3B277-D637-464E-80C7-CC110B85DE75@timeheart.net>
References: <5EA3B277-D637-464E-80C7-CC110B85DE75@timeheart.net>
Message-ID: 

I see your point and that makes valid sense; I even change default port.

"It would be better to let you know the port is wrong and fail to start
until you fixed the problem and selected a valid non-standard port."

Is there any reason something like this isn't implemented already? Could it
be implemented?

On Thu, Jul 30, 2015 at 2:02 PM Ron Frederick wrote:

> On Jul 30, 2015, at 1:30 PM, Stop Spazzing wrote:
>
> I would like to suggest adding a fallback in the event that somehow the
> sshd_config port number is invalid.
>
> Example:
> Port != (1<= or >=65535)
>
> By default fall by to port 22, and spit out an error. Same would go for if
> the new port is already in use, fall back to port 22 and spit out an error.
>
> Why is this a good idea? Would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.
>
> Why is this a bad idea? I see no reason why this would be a bad idea that I
> am aware of.
>
>
> I can think of at least one reason why this is a bad idea. There are a lot
> of ssh port scanners out there connecting on port 22, and people often put
> their ssh servers on non-standard ports to reduce the amount of this sort
> of traffic they receive. If you think you have configured a non-standard
> port and happen to get it wrong, I don't think you'd want the SSH server to
> start up on the default port. It would be better to let you know the port
> is wrong and fail to start until you fixed the problem and selected a valid
> non-standard port.
>
> --
> Ron Frederick
> ronf at timeheart.net
>

From tim at multitalents.net Fri Jul 31 07:48:45 2015
From: tim at multitalents.net (Tim Rice)
Date: Thu, 30 Jul 2015 14:48:45 -0700 (PDT)
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: 
References: <5EA3B277-D637-464E-80C7-CC110B85DE75@timeheart.net>
Message-ID: 

On Thu, 30 Jul 2015, Stop Spazzing wrote:

> I see your point and that makes valid sense; I even change default port.
>
> "It would be better to let you know the port is wrong and fail to start
> until you fixed the problem and selected a valid non-standard port."
>
> Is there any reason something like this isn't implemented already? Could it
> be implemented?

sshd -t

--
Tim Rice Multitalents
tim at multitalents.net

From nkadel at gmail.com Fri Jul 31 09:09:17 2015
From: nkadel at gmail.com (Nico Kadel-Garcia)
Date: Thu, 30 Jul 2015 19:09:17 -0400
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: <20150730204902.GJ29017@torres.zugschlus.de>
References: <20150730204902.GJ29017@torres.zugschlus.de>
Message-ID: 

On Thu, Jul 30, 2015 at 4:49 PM, Marc Haber wrote:
> On Thu, Jul 30, 2015 at 08:30:28PM +0000, Stop Spazzing wrote:
>> Why is this a good idea? Would be a good idea because people are human and
>> make mistakes, and you shouldn't have to wipe your server just because an
>> invalid port was used by accident.
>
> Why would one have to _WIPE_ a server because of a misconfigured sshd?
>
> Greetings
> Marc

If you don't have console access, or it takes a long time to arrange, screwing up sshd_config means you are dead in the water. This is why sshd's default "re-exec sshd and associate it with the terminal session" is so invaluable: it allows you to restart the daemon, and test the new daemon, without losing your active session.

From djm at mindrot.org Fri Jul 31 09:13:14 2015
From: djm at mindrot.org (Damien Miller)
Date: Fri, 31 Jul 2015 09:13:14 +1000 (AEST)
Subject: Feature Request: Invalid sshd port fallback
In-Reply-To: 
References: <5EA3B277-D637-464E-80C7-CC110B85DE75@timeheart.net>
Message-ID: 

On Thu, 30 Jul 2015, Stop Spazzing wrote:

> I see your point and that makes valid sense; I even change default port.
>
> "It would be better to let you know the port is wrong and fail to start
> until you fixed the problem and selected a valid non-standard port."
>
> Is there any reason something like this isn't implemented already? Could it
> be implemented?

It is:

[djm at fuyu ssh]$ /usr/sbin/sshd -oPort=10000000
command-line line 0: Badly formatted port number.

Not sure what version you are using, but that check has been in place for a long time.
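The `sshd -t` check mentioned in this thread can gate every configuration change, so that a bad Port line never reaches the running daemon. The following is an added example, not code from the thread or from OpenSSH; the function name, the `SSHD_BIN` variable and the `.prev` backup suffix are assumptions.

```shell
#!/bin/sh
# Added example: install a candidate sshd_config only if "sshd -t" accepts it.
# SSHD_BIN, the function name and the ".prev" suffix are assumptions made
# for this sketch; adjust them for the local system.

SSHD_BIN="${SSHD_BIN:-/usr/sbin/sshd}"

# install_sshd_config CANDIDATE LIVE
# Returns 0 and replaces LIVE when the candidate passes the test-mode check.
# Returns 1 and leaves LIVE untouched otherwise.
install_sshd_config() {
    candidate=$1
    live=$2

    if [ ! -r "$candidate" ]; then
        echo "candidate $candidate is not readable" >&2
        return 1
    fi

    # -t: test mode, only check the validity of the configuration and keys.
    # -f: read the configuration from the candidate instead of the live file.
    if ! "$SSHD_BIN" -t -f "$candidate"; then
        echo "sshd -t rejected $candidate; $live left unchanged" >&2
        return 1
    fi

    # Keep the previous file so that a rollback is a single mv.
    if [ -f "$live" ]; then
        cp -p "$live" "$live.prev" || return 1
    fi

    # Copy next to the live file, then rename, so that sshd never reads a
    # partially written configuration.
    tmp="$live.new.$$"
    cp "$candidate" "$tmp" || return 1
    mv "$tmp" "$live"
}
```

The function does not restart or reload sshd. After the daemon is restarted, confirm a fresh login from a second terminal before closing the existing session.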