bugzilla-daemon at bugzilla.mindrot.org
2019-Apr-18 17:53 UTC
[Bug 2996] New: PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2996

            Bug ID: 2996
           Summary: PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: michael at mhill.net

Gentoo, latest available openssh package installed this morning.

# equery l openssh
 * Searching for openssh ...
[IP-] [  ] net-misc/openssh-7.9_p1-r4:0

I have a pub key that I use for automated logins, with restrictions in the server-side authorized_keys file:

2048 SHA256:[fingerprint] [ID-string] (RSA)

The last working entry from the server logfile shows:

Apr 18 09:33:01 [myserver] sshd[25210]: Accepted publickey for mhill from [client-ip] port 53628 ssh2: RSA SHA256:xQw4LejbMPRREe7kI/Iz31Nxl07qin+7oZEwm1IXS+s
Apr 18 09:33:01 [myserver] sshd[25210]: pam_unix(sshd:session): session opened for user mhill by (uid=0)

After upgrading from 7.7p1 to 7.9p1, I saw errors in the logfile:

Apr 18 10:01:05 [myserver] sshd[3335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruserrhost=[client-ip] user=mhill
Apr 18 10:01:07 [myserver] sshd[3331]: error: PAM: Authentication failure for mhill from [client-ip]

Investigating, I found the following in the log for each login attempt:

Apr 18 10:01:02 [myserver] sshd[3331]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes [preauth]

Funny...

# grep ^PubkeyAcceptedKeyTypes /etc/ssh/sshd_config
PubkeyAcceptedKeyTypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa

# sshd -T -f /etc/ssh/sshd_config | grep -i pubkey
pubkeyauthentication yes
pubkeyacceptedkeytypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa

Finally, running sshd in debug mode:

debug3: /etc/ssh/sshd_config:640 setting PubkeyAcceptedKeyTypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa
[...]
debug1: userauth-request for user mhill service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method publickey [preauth]
userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes [preauth]
debug2: userauth_pubkey: authenticated 0 pkalg rsa-sha2-512 [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 0.070ms, delaying 8.278ms (requested 8.349ms) [preauth]
debug3: userauth_finish: failure partial=0 next methods="publickey,keyboard-interactive" [preauth]
debug3: send packet: type 51 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user mhill service ssh-connection method keyboard-interactive [preauth]
debug1: attempt 2 failures 1 [preauth]

All indications are that ssh-rsa is listed in PubkeyAcceptedKeyTypes, yet sshd fails the login attempts as though it were not.

--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Apr-18 17:57 UTC
[Bug 2996] PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2996

--- Comment #1 from Michael Hill <michael at mhill.net> ---
I should note that the only key I have a problem with is an RSA key; my normal interactive key (type ED25519) can still connect.
bugzilla-daemon at bugzilla.mindrot.org
2019-Apr-23 08:12 UTC
[Bug 2996] PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2996

Jakub Jelen <jjelen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jjelen at redhat.com

--- Comment #2 from Jakub Jelen <jjelen at redhat.com> ---
The OpenSSH is now using SHA2 variants by default. Your configurations do not list them so they are not accepted by your server.

Try to add rsa-sha2-512,rsa-sha2-256 to PubkeyAcceptedKeyTypes.
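The mismatch in this report (the list names ssh-rsa, the debug log shows pkalg rsa-sha2-512) can be checked mechanically. The following is an added example, not part of the bug thread or of OpenSSH: it reads `sshd -T` output and reports RSA key types whose SHA-2 signature algorithms are absent from the list. It goes beyond comment #2 by also covering the RSA certificate key type; the function names are hypothetical and only `*`/`?` wildcards are handled.

```python
import fnmatch

# For each RSA key type, the SHA-2 signature algorithms that must also be
# accepted for that key to authenticate (certificate case added here).
RSA_SIG_ALGS = {
    "ssh-rsa": ["rsa-sha2-512", "rsa-sha2-256"],
    "ssh-rsa-cert-v01@openssh.com": [
        "rsa-sha2-512-cert-v01@openssh.com",
        "rsa-sha2-256-cert-v01@openssh.com",
    ],
}

# The `sshd -T | grep -i pubkey` output quoted in the report.
SAMPLE = """pubkeyauthentication yes
pubkeyacceptedkeytypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa
"""

def accepted_list(sshd_t_output):
    """Return the pubkeyacceptedkeytypes entries found in `sshd -T` output."""
    for line in sshd_t_output.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "pubkeyacceptedkeytypes":
            return [p.strip() for p in parts[1].split(",") if p.strip()]
    return []

def allowed(alg, patterns):
    """True if any list entry (literal or * / ? wildcard) matches alg."""
    return any(fnmatch.fnmatchcase(alg, p) for p in patterns)

def missing_sha2(patterns):
    """Map each accepted RSA key type to the SHA-2 algorithms the list omits."""
    gaps = {}
    for key_type, sig_algs in RSA_SIG_ALGS.items():
        if allowed(key_type, patterns):
            absent = [a for a in sig_algs if not allowed(a, patterns)]
            if absent:
                gaps[key_type] = absent
    return gaps

def suggested_line(patterns):
    """Build a PubkeyAcceptedKeyTypes line with the missing entries appended."""
    extra = [a for algs in missing_sha2(patterns).values() for a in algs]
    return "PubkeyAcceptedKeyTypes " + ",".join(patterns + extra)

if __name__ == "__main__":
    current = accepted_list(SAMPLE)
    for key_type, absent in missing_sha2(current).items():
        print(f"{key_type} is listed but {', '.join(absent)} are not")
    print(suggested_line(current))
```

On a live host, pass the output of `sshd -T -f /etc/ssh/sshd_config` to `accepted_list()` instead of `SAMPLE`.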
bugzilla-daemon at bugzilla.mindrot.org
2019-Apr-23 20:15 UTC
[Bug 2996] PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2996

Michael Hill <michael at mhill.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #3 from Michael Hill <michael at mhill.net> ---
Perfect, that was the cause. Adding those key types solved the problem.

Thank you!
bugzilla-daemon at bugzilla.mindrot.org
2019-Oct-09 04:11 UTC
[Bug 2996] PubkeyAcceptedKeyTypes contains ssh-rsa, but sshd fails pubkey login with "key type ssh-rsa not in PubkeyAcceptedKeyTypes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2996

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #4 from Damien Miller <djm at mindrot.org> ---
Close bugs fixed in openssh-8.1 release cycle