bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-04 06:48 UTC
[Bug 2737] New: function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Bug ID: 2737
Summary: function identity_sign() assume private key's pub part
as same as the .pub key.
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: Other
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: jj.net at 163.com
1: We use 'ssh-keygen' to create two RSA pub/pri key pairs with an empty
passphrase, and name them:
<id_rsa1, id_rsa1.pub>
<id_rsa2, id_rsa2.pub>
2: Add the two pub keys to the localhost sshd:
cat id_rsa1.pub >> ~/.ssh/authorized_keys
cat id_rsa2.pub >> ~/.ssh/authorized_keys
3: Copy the mismatched pub/pri keys to the ~/.ssh directory:
cp id_rsa1 ~/.ssh/id_rsa
cp id_rsa2.pub ~/.ssh/id_rsa.pub
4: Log in to localhost without an agent:
SSH_AUTH_SOCK= ssh 127.0.0.1 -vvv
We can see ssh prompt the user to input a password because the
pubkey method failed. The reason is that identity_sign() used
id_rsa2.pub as the pubkey and signed it with the id_rsa1 private key, so
sshd's signature verification failed.
But if you remove ~/.ssh/id_rsa.pub,
the ssh client will use the full ~/.ssh/id_rsa (extracting pubkey, privatekey)
through
userauth_pubkey()
-->sign_and_send_pubkey()
-->identity_sign()
and login succeeds.
I think ssh is designed to log in using pubkey whenever it possibly can,
and if id_rsa does not match id_rsa.pub, ssh should trust id_rsa and drop the
rsa.pub file, then try to log in again as if id_rsa.pub did not exist.
--
You are receiving this mail because:
You are watching the assignee of the bug.
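The misconfiguration in this report can be found before ssh trips over it. The script below is an added example, not part of the original report or of OpenSSH: it derives the public key from each private key file with ssh-keygen -y and compares it with the .pub file next to it. The function names, return codes and the KEYGEN variable are this example's own choices.

```sh
#!/bin/sh
# Added example: find identity files whose .pub sibling holds a different key.
# KEYGEN is this example's own knob so the derive step can be replaced.
KEYGEN=${KEYGEN:-ssh-keygen}

# Reduce a public key line to "<type> <base64>", dropping the comment field.
key_fields() {
    awk 'NF >= 2 { print $1, $2; exit }'
}

# check_identity PRIVATE_KEY_FILE
# returns 0 = match, 1 = mismatch, 2 = no .pub beside it, 3 = cannot derive
check_identity() {
    priv=$1
    pub=$priv.pub
    [ -f "$pub" ] || return 2
    # ssh-keygen -y prints the public key computed from the private key file.
    # An encrypted key will ask for its passphrase here.
    derived=$("$KEYGEN" -y -f "$priv" 2>/dev/null | key_fields)
    [ -n "$derived" ] || return 3
    stored=$(key_fields < "$pub")
    [ "$derived" = "$stored" ] || return 1
    return 0
}

# audit_dir DIR: report every <name>/<name>.pub pair; returns the mismatch count.
audit_dir() {
    bad=0
    for pubfile in "$1"/*.pub; do
        keyfile=${pubfile%.pub}
        [ -f "$pubfile" ] && [ -f "$keyfile" ] || continue
        st=0
        check_identity "$keyfile" || st=$?
        case $st in
            0) echo "ok        $keyfile" ;;
            1) echo "MISMATCH  $keyfile does not belong to $pubfile"
               bad=$((bad + 1)) ;;
            *) echo "skipped   $keyfile (public key could not be derived)" ;;
        esac
    done
    return "$bad"
}

# Usage: sh check_ssh_identities.sh ~/.ssh
if [ "$#" -gt 0 ]; then
    audit_dir "$1"
fi
```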
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-05 11:09 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |2698
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2698
[Bug 2698] Tracking bug for OpenSSH 7.6 release
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-05 11:13 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |2698
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I thought we checked that the public key matches the private, but I'll
take another look.
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2698
[Bug 2698] Tracking bug for OpenSSH 7.6 release
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-06 03:06 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
--- Comment #2 from jj.net at 163.com ---
I saw a comment 'If the key is an certificate, try to find a matching
private key....' and the key type ssh-rsa is not a certificate in keytypes,
so it skips the private key match check in function sign_and_send_pubkey(),
maybe for some reason I don't know.
The final result is that, from the ssh client's point of view, I have a
correct id_rsa keyfile but can't auto login, which is confusing.
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-07 03:44 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Created attachment 3010
--> https://bugzilla.mindrot.org/attachment.cgi?id=3010&action=edit
report mismatched private keys
I think this should catch the case of mismatched private and public
keys.
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-07 07:20 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
--- Comment #4 from jj.net at 163.com ---
Thanks, I applied this patch and it will report an error if mismatched but
does not try the private key again, so I added some code to fix it and it works.
a/sshconnect2.c
ssherr.h
---------------
#define SSH_ERR_CONN_CORRUPT -54
#define SSH_ERR_PROTOCOL_ERROR -55
+ #define SSH_ERR_KEY_RETRY_PRIVATE -56
/* Translate a numeric error code to a human-readable error string
*/
const char *ssh_err(int n);
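Review bot: SSH_ERR_KEY_RETRY_PRIVATE names what the caller should do next rather than what went wrong, unlike the neighbouring SSH_ERR_CONN_CORRUPT and SSH_ERR_PROTOCOL_ERROR. Consider a code that states the condition (the private key does not match the public key) and leave the retry decision to the caller.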
ssherr.c
---------------
case SSH_ERR_PROTOCOL_ERROR:
return "Protocol error";
+ case SSH_ERR_KEY_RETRY_PRIVATE:
+ return "Key retry private";
default:
return "unknown error";
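Review bot: the string "Key retry private" returned for the new case is what ssh_err() hands to any caller that logs the failure, and it does not tell the user what is wrong. A message that states the mismatch between the private key and the public key would be clearer.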
ssconnect2.c
---------------
/* load the private key from the file */
if ((prv = load_identity_file(id)) == NULL)
return SSH_ERR_KEY_NOT_FOUND;
+ if (id->key != NULL && !sshkey_equal_public(prv, id->key))
{
+ error("%s: private key %s contents do not match public,
try again with private key",
+ __func__, id->filename);
+ return SSH_ERR_KEY_RETRY_PRIVATE;
+ }
ret = sshkey_sign(prv, sigp, lenp, data, datalen,
key_sign_encode(prv), compat);
sshkey_free(prv);
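Review bot: the early return in the new mismatch branch leaks prv. load_identity_file() has already returned the private key by then and the only sshkey_free(prv) sits after sshkey_sign(), so `return SSH_ERR_KEY_RETRY_PRIVATE;` leaves the loaded private key allocated; call sshkey_free(prv) before returning. The opening brace line also has no '+' marker and the error() format string is split across two lines, so the change will not apply or compile as posted.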
...
ret = identity_sign(id, &signature, &slen,
buffer_ptr(&b), buffer_len(&b), datafellows);
if (ret != 0) {
if (ret != SSH_ERR_KEY_NOT_FOUND)
error("%s: signing failed: %s", __func__, ssh_err(ret));
+ if (ret == SSH_ERR_KEY_RETRY_PRIVATE) {
+ id->tried = 0;
+ key_free(id->key);
+ id->key = NULL;
+ TAILQ_REMOVE(&authctxt->keys, id, next);
+ TAILQ_INSERT_HEAD(&authctxt->keys, id, next);
}
free(blob);
buffer_free(&b);
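Review bot: the added `if (ret == SSH_ERR_KEY_RETRY_PRIVATE) {` opens a block that no added line closes, so the existing `}` now ends the retry block and `if (ret != 0) {` is left open. The guard above it only suppresses SSH_ERR_KEY_NOT_FOUND, so the retry case also logs "signing failed" on top of the error() already emitted in identity_sign(); exclude the new code in that condition if the retry is meant to be quiet.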
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-09 07:42 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
--- Comment #5 from Damien Miller <djm at mindrot.org> ---
I'm reluctant to add more code here. I think it's sufficient to inform
the user and let them fix the configuration error if they desire.
(also, please use the attachments feature for patches in future.)
bugzilla-daemon at bugzilla.mindrot.org
2017-Jul-28 03:42 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3010|0 |1
is obsolete| |
Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
CC| |dtucker at zip.com.au
Status|NEW |ASSIGNED
Attachment #3021| |ok?(dtucker at zip.com.au)
Flags| |
--- Comment #6 from Damien Miller <djm at mindrot.org> ---
Created attachment 3021
--> https://bugzilla.mindrot.org/attachment.cgi?id=3021&action=edit
with better error code
This improves the error code returned when the keys don't match.
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-04 05:02 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3021|ok?(dtucker at zip.com.au) |ok+
Flags| |
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-11 04:47 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #7 from Damien Miller <djm at mindrot.org> ---
Patch is applied, this will be in openssh-7.6. Thanks!
bugzilla-daemon at bugzilla.mindrot.org
2017-Sep-13 02:26 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |carlpaten at gmail.com
--- Comment #8 from Damien Miller <djm at mindrot.org> ---
*** Bug 2776 has been marked as a duplicate of this bug. ***
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-03 03:12 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ilesterg at archlinux.info
--- Comment #9 from Damien Miller <djm at mindrot.org> ---
*** Bug 2661 has been marked as a duplicate of this bug. ***
bugzilla-daemon at mindrot.org
2021-Apr-23 05:11 UTC
[Bug 2737] function identity_sign() assume private key's pub part as same as the .pub key.
https://bugzilla.mindrot.org/show_bug.cgi?id=2737
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #10 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release