openssh bugs - Apr 2021 - [Bug 3299] New: Fails to verify ED25519 server key

https://bugzilla.mindrot.org/show_bug.cgi?id=3299

            Bug ID: 3299
           Summary: Fails to verify ED25519 server key
           Product: Portable OpenSSH
           Version: 8.5p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: bvoigt at hugendubel-digital.de

It suddenly fails to connect to my server:


debug1: Host '[gerrit01.buchhandlung.de]:29418' is known and matches
the ED25519 host key.
debug1: Found key in /home/bvoigt/.ssh/known_hosts:1
debug2: ssh_ed25519_verify: crypto_sign_ed25519_open failed: -1
ssh_dispatch_run_fatal: Connection to 10.10.17.160 port 29418:
incorrect signature


I have absolutely no idea what causes this misbehaviour, and Google
does not know about it seemingly.

I have tried the following already:

- regenerated SSH key pair and reupload public key to the gerrit server
- delete ~/.ssh/known_hosts
- rebooted the client machine several times


After deleting ~/.ssh/known_hosts the debug output looks like this:

The authenticity of host '[gerrit01.buchhandlung.de]:29418
([10.10.17.160]:29418)' can't be established.
ED25519 key fingerprint is
SHA256:KA/Q41ad8fdDtDJFQIhkLzYgIoKMluW1JkFs6dOrJ/o.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
yes
Warning: Permanently added '[gerrit01.buchhandlung.de]:29418' (ED25519)
to the list of known hosts.
debug2: ssh_ed25519_verify: crypto_sign_ed25519_open failed: -1
ssh_dispatch_run_fatal: Connection to 10.10.17.160 port 29418:
incorrect signature

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3299

--- Comment #1 from bvoigt at hugendubel-digital.de ---
>From a different laptop running the same OpenSSH and OpenSSL version I
can still access the server.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3299

bvoigt at hugendubel-digital.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|NEW                         |RESOLVED

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3299

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.