Maxime Rey
2024-Oct-28 15:01 UTC
[PATCH] Specify signature algorithm during server hostkeys prove
Hello, I've found that when using the ssh agent and sshd together, there is an issue when using multiple host keys. Specifically, after the key exchange phase, when a client requests proof of ownership for the host keys via the "hostkeys-prove-00 at openssh.com" request, the server prepares the response without specifying the signature algoorithm in case of non-RSA keys. This leads to "SSH_ERR_INVALID_ARGUMENT" when verifying the signature in : openssh-portable/authfd.c line if ((r = sshkey_check_sigtype(sig, len, alg)) != 0) To resolve this, I explicitly sets the signature algorithm, ensuring proper verification for all key types. I would appreciate any feedback or suggestions regarding this issue. Best regards, Maxime -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Specify-signature-algorithm-during-server-hostkeys-p.patch Type: text/x-patch Size: 801 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20241028/45150f26/attachment.bin>
Damien Miller
2024-Oct-28 23:58 UTC
[PATCH] Specify signature algorithm during server hostkeys prove
On Mon, 28 Oct 2024, Maxime Rey wrote:> > Hello, > > I've found that when using the ssh agent and sshd together, there is an issue > when using multiple host keys. Specifically, after the key exchange phase, > when a client requests proof of ownership for the host keys via the > "hostkeys-prove-00 at openssh.com" request, the server prepares the response > without specifying the signature algoorithm in case of non-RSA keys. > > This leads to "SSH_ERR_INVALID_ARGUMENT" when verifying the signature in : > > openssh-portable/authfd.c line > if ((r = sshkey_check_sigtype(sig, len, alg)) != 0) > > To resolve this, I explicitly sets the signature > algorithm, ensuring proper verification for all key types. > > I would appreciate any feedback or suggestions regarding this issue.Hi, I'm having trouble replicating this failure by making changes to the existing hostkey-agent.sh regress test. Can you share a bit more about how it happens? Debug traces from the client and server would be very helpful. Thanks, Damien Miller