bugzilla-daemon at mindrot.org
2025-May-13 09:37 UTC
[Bug 3823] New: SSH on same device ignores MAC restrictions
https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Bug ID: 3823
Summary: SSH on same device ignores MAC restrictions
Product: Portable OpenSSH
Version: 10.0p2
Hardware: Other
OS: Other
Status: NEW
Severity: major
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: adrian.jarc at aviatnet.com
If I disable certain mac algorithms on sshd and then try to connect (on
same device) to ssh with thiose disabled algorithms, SSH allows me to
do this.
Scenario:
I have disabled hmac-sha2-256 in sshd config on device. Then I try
establishing connection via ssh client on same device with '-m
hmac-sha2-256' flag. Instead of connection being rejected because mac
algorithm is not supported on server, Client just ignores this flag and
connects.
Logs of what happens:
"
ssh -m hmac-sha2-256 admin@::
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' ->
'/home/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' ->
'/home/root/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve;
disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to :: [::] port 22.
debug3: set_sock_tos: set socket 3 IPV6_TCLASS 0x48
debug1: Connection established.
debug1: identity file /home/root/.ssh/id_rsa type -1
debug1: identity file /home/root/.ssh/id_rsa-cert type -1
debug1: identity file /home/root/.ssh/id_ecdsa type -1
debug1: identity file /home/root/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/root/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/root/.ssh/id_ed25519 type -1
debug1: identity file /home/root/.ssh/id_ed25519-cert type -1
debug1: identity file /home/root/.ssh/id_ed25519_sk type -1
debug1: identity file /home/root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/root/.ssh/id_xmss type -1
debug1: identity file /home/root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_10.0
debug1: Remote protocol version 2.0, remote software version
OpenSSH_10.0
debug1: compat_banner: match: OpenSSH_10.0 pat OpenSSH* compat
0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to :::22 as 'admin'
debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts: No such file
or directory
debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts2: No such file
or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
directory
debug3: order_hostkeyalgs: no algorithms matched; accept original
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512 at
openssh.com,curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00
at openssh.com
debug2: host key algorithms:
ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at
openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,rsa-sha2-512-cert-v01 at
openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: hmac-sha2-256
debug2: MACs stoc: hmac-sha2-256
debug2: compression ctos: none,zlib at openssh.com
debug2: compression stoc: none,zlib at openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ext-info-s,kex-strict-s-v00
at openssh.com
debug2: host key algorithms:
rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos:
aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com
debug2: ciphers stoc:
aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com
debug2: MACs ctos: hmac-sha2-512
debug2: MACs stoc: hmac-sha2-512
debug2: compression ctos: none,zlib at openssh.com
debug2: compression stoc: none,zlib at openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug3: kex_choose_conf: will use strict KEX ordering
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: aes128-gcm at openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: aes128-gcm at openssh.com MAC:
<implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519
SHA256:GRAoWefV8I0f3qaObur4WmJ2a70rOgYEePRl2Wo5U5E
debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts: No such file
or directory
debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts2: No such file
or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
directory
debug3: hostkeys_find_by_key_hostfile: trying user hostfile
"/home/root/.ssh/known_hosts"
debug1: hostkeys_find_by_key_hostfile: hostkeys file
/home/root/.ssh/known_hosts does not exist
debug3: hostkeys_find_by_key_hostfile: trying user hostfile
"/home/root/.ssh/known_hosts2"
debug1: hostkeys_find_by_key_hostfile: hostkeys file
/home/root/.ssh/known_hosts2 does not exist
debug3: hostkeys_find_by_key_hostfile: trying system hostfile
"/etc/ssh/ssh_known_hosts"
debug1: hostkeys_find_by_key_hostfile: hostkeys file
/etc/ssh/ssh_known_hosts does not exist
debug3: hostkeys_find_by_key_hostfile: trying system hostfile
"/etc/ssh/ssh_known_hosts2"
debug1: hostkeys_find_by_key_hostfile: hostkeys file
/etc/ssh/ssh_known_hosts2 does not exist
The authenticity of host ':: (::)' can't be established.
ED25519 key fingerprint is
SHA256:GRAoWefV8I0f3qaObur4WmJ2a70rOgYEePRl2Wo5U5E.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
"
Logs of what should happen:
"
ssh -vvv -m hmac-sha2-256 admin@<server-ip>
OpenSSH_9.6p1 Ubuntu-3ubuntu13.11, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /home/ajarc/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include
/etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname <server-ip> is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' ->
'/home/ajarc/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' ->
'/home/ajarc/.ssh/known_hosts2'
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to <server-ip> [<server-ip>] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: Connection established.
debug1: identity file /home/ajarc/.ssh/id_rsa type 0
debug1: identity file /home/ajarc/.ssh/id_rsa-cert type -1
debug1: identity file /home/ajarc/.ssh/id_ecdsa type -1
debug1: identity file /home/ajarc/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ajarc/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/ajarc/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/ajarc/.ssh/id_ed25519 type 3
debug1: identity file /home/ajarc/.ssh/id_ed25519-cert type -1
debug1: identity file /home/ajarc/.ssh/id_ed25519_sk type -1
debug1: identity file /home/ajarc/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/ajarc/.ssh/id_xmss type -1
debug1: identity file /home/ajarc/.ssh/id_xmss-cert type -1
debug1: identity file /home/ajarc/.ssh/id_dsa type -1
debug1: identity file /home/ajarc/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.11
debug1: Remote protocol version 2.0, remote software version
OpenSSH_10.0
debug1: compat_banner: match: OpenSSH_10.0 pat OpenSSH* compat
0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to <server-ip>:22 as 'admin'
debug3: record_hostkey: found key type ED25519 in file
/home/ajarc/.ssh/known_hosts:257
debug3: load_hostkeys_file: loaded 1 keys from <server-ip>
debug1: load_hostkeys: fopen /home/ajarc/.ssh/known_hosts2: No such
file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
directory
debug3: order_hostkeyalgs: have matching best-preference key type
ssh-ed25519-cert-v01 at openssh.com, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
sntrup761x25519-sha512 at openssh.com,curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00
at openssh.com
debug2: host key algorithms:
ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at
openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,sk-ssh-ed25519-cert-v01
at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at
openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519
at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: MACs ctos: hmac-sha2-256
debug2: MACs stoc: hmac-sha2-256
debug2: compression ctos: none,zlib at openssh.com,zlib
debug2: compression stoc: none,zlib at openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ext-info-s,kex-strict-s-v00
at openssh.com
debug2: host key algorithms:
rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos:
aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com
debug2: ciphers stoc:
aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com
debug2: MACs ctos: hmac-sha2-512
debug2: MACs stoc: hmac-sha2-512
debug2: compression ctos: none,zlib at openssh.com
debug2: compression stoc: none,zlib at openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug3: kex_choose_conf: will use strict KEX ordering
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
Unable to negotiate with 11.214.153.42 port 22: no matching MAC found.
Their offer: hmac-sha2-512
"
In both logs instances sshd was installed from:
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.0p1.tar.gz
In instance where connection proceeds, ssh client was installed from:
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.0p1.tar.gz.
In instance where we get an error it is ssh client that comes installed
with Ubuntu 24.04.2
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-May-13 09:38 UTC
[Bug 3823] SSH client 10.0p2 ignores MAC restrictions (-m flag)
https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Adrian Jarc <adrian.jarc at aviatnet.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|SSH on same device ignores |SSH client 10.0p2 ignores
|MAC restrictions |MAC restrictions (-m flag)
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-May-13 09:42 UTC
[Bug 3823] SSH client 10.0p2 ignores MAC restrictions (-m flag)
https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Adrian Jarc <adrian.jarc at aviatnet.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|major |security
Priority|P5 |P1
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-May-13 09:45 UTC
[Bug 3823] SSH client 10.0p2 ignores MAC restrictions (-m flag)
https://bugzilla.mindrot.org/show_bug.cgi?id=3823 --- Comment #1 from Adrian Jarc <adrian.jarc at aviatnet.com> --- Tried from another device with 10.0p2 client: ssh -m hmac-sha2-256 admin at 11.214.153.42 debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/root/.ssh/known_hosts' debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/root/.ssh/known_hosts2' debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug3: channel_clear_timeouts: clearing debug3: ssh_connect_direct: entering debug1: Connecting to 11.214.153.42 [11.214.153.42] port 22. debug3: set_sock_tos: set socket 3 IP_TOS 0x48 debug1: Connection established. debug1: identity file /home/root/.ssh/id_rsa type -1 debug1: identity file /home/root/.ssh/id_rsa-cert type -1 debug1: identity file /home/root/.ssh/id_ecdsa type -1 debug1: identity file /home/root/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/root/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/root/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/root/.ssh/id_ed25519 type -1 debug1: identity file /home/root/.ssh/id_ed25519-cert type -1 debug1: identity file /home/root/.ssh/id_ed25519_sk type -1 debug1: identity file /home/root/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/root/.ssh/id_xmss type -1 debug1: identity file /home/root/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_10.0 debug1: Remote protocol version 2.0, remote software version OpenSSH_10.0 debug1: compat_banner: match: OpenSSH_10.0 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to 11.214.153.42:22 as 'admin' debug3: record_hostkey: found key type ED25519 in file /home/root/.ssh/known_hosts:1 debug3: load_hostkeys_file: loaded 1 keys from 11.214.153.42 debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug3: order_hostkeyalgs: have matching best-preference key type ssh-ed25519-cert-v01 at openssh.com, using HostkeyAlgorithms verbatim debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512 at openssh.com,curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00 at openssh.com debug2: host key algorithms: ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 debug2: ciphers ctos: chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc: chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha2-256 debug2: MACs stoc: hmac-sha2-256 debug2: compression ctos: none,zlib at openssh.com debug2: compression stoc: none,zlib at openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ext-info-s,kex-strict-s-v00 at openssh.com debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com debug2: ciphers stoc: aes128-ctr,aes128-gcm at openssh.com,aes256-ctr,aes256-gcm at openssh.com debug2: MACs ctos: hmac-sha2-512 debug2: MACs stoc: hmac-sha2-512 debug2: compression ctos: none,zlib at openssh.com debug2: compression stoc: none,zlib at openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug3: kex_choose_conf: will use strict KEX ordering debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: aes128-gcm at openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: aes128-gcm at openssh.com MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:GRAoWefV8I0f3qaObur4WmJ2a70rOgYEePRl2Wo5U5E debug3: record_hostkey: found key type ED25519 in file /home/root/.ssh/known_hosts:1 debug3: load_hostkeys_file: loaded 1 keys from 11.214.153.42 debug1: load_hostkeys: fopen /home/root/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: Host '11.214.153.42' is known and matches the ED25519 host key. debug1: Found key in /home/root/.ssh/known_hosts:1 debug3: send packet: type 21 debug1: ssh_packet_send2_wrapped: resetting send seqnr 3 debug2: ssh_set_newkeys: mode 1 debug1: rekey out after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: Sending SSH2_MSG_EXT_INFO debug3: send packet: type 7 debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: ssh_packet_read_poll2: resetting read seqnr 3 debug1: SSH2_MSG_NEWKEYS received debug2: ssh_set_newkeys: mode 0 debug1: rekey in after 4294967296 blocks debug2: KEX algorithms: mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512 at openssh.com,curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00 at openssh.com debug2: host key algorithms: ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 debug2: ciphers ctos: chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc: chacha20-poly1305 at openssh.com,aes128-gcm at openssh.com,aes256-gcm at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha2-256 debug2: MACs stoc: hmac-sha2-256 debug2: compression ctos: none,zlib at openssh.com debug2: compression stoc: none,zlib at openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug3: kex_input_ext_info: extension server-sig-algs debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256> debug3: kex_input_ext_info: extension publickey-hostbound at openssh.com debug1: kex_ext_info_check_ver: publickey-hostbound at openssh.com=<0> debug3: kex_input_ext_info: extension ping at openssh.com debug1: kex_ext_info_check_ver: ping at openssh.com=<0> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug3: kex_input_ext_info: extension server-sig-algs debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256> debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Will attempt key: /home/root/.ssh/id_rsa debug1: Will attempt key: /home/root/.ssh/id_ecdsa debug1: Will attempt key: /home/root/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/root/.ssh/id_ed25519 debug1: Will attempt key: /home/root/.ssh/id_ed25519_sk debug1: Will attempt key: /home/root/.ssh/id_xmss debug2: pubkey_prepare: done debug1: Trying private key: /home/root/.ssh/id_rsa debug3: no such identity: /home/root/.ssh/id_rsa: No such file or directory debug1: Trying private key: /home/root/.ssh/id_ecdsa debug3: no such identity: /home/root/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /home/root/.ssh/id_ecdsa_sk debug3: no such identity: /home/root/.ssh/id_ecdsa_sk: No such file or directory debug1: Trying private key: /home/root/.ssh/id_ed25519 debug3: no such identity: /home/root/.ssh/id_ed25519: No such file or directory debug1: Trying private key: /home/root/.ssh/id_ed25519_sk debug3: no such identity: /home/root/.ssh/id_ed25519_sk: No such file or directory debug1: Trying private key: /home/root/.ssh/id_xmss debug3: no such identity: /home/root/.ssh/id_xmss: No such file or directory debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug3: send packet: type 50 debug2: we sent a keyboard-interactive packet, wait for reply debug3: receive packet: type 60 debug2: input_userauth_info_req: entering debug2: input_userauth_info_req: num_prompts 1 (admin at 11.214.153.42) Password: -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-May-13 11:54 UTC
[Bug 3823] SSH client 10.0p2 ignores MAC restrictions (-m flag)
https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at dtucker.net
--- Comment #2 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Adrian Jarc from comment #0)> If I disable certain mac algorithms on sshd and then try to connect
> (on same device) to ssh with thiose disabled algorithms, SSH allows
> me to do this.
>
> Scenario:
>
> I have disabled hmac-sha2-256 in sshd config on device. Then I try
> establishing connection via ssh client on same device with '-m
> hmac-sha2-256' flag. Instead of connection being rejected because
> mac algorithm is not supported on server, Client just ignores this
> flag and connects.
>
> Logs of what happens:
[...]
It's not actually using hmac-sha2-256. It's configured to use the
aes128-gcm cipher, which has its own integrity checking and does not
use an explicit MAC at all:
> debug1: kex: server->client cipher: aes128-gcm at openssh.com MAC:
<implicit> compression: none
> debug1: kex: client->server cipher: aes128-gcm at openssh.com MAC:
<implicit> compression: none
(see https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL for a more
complete description).
> Logs of what should happen:
[...]
In this case, it's configured to use the aes128-ctr cipher, which is
why the client's MAC configuration comes into play:
> debug2: ciphers ctos: aes128-ctr,aes128-gcm at
openssh.com,aes256-ctr,aes256-gcm at openssh.com
> debug2: ciphers stoc: aes128-ctr,aes128-gcm at
openssh.com,aes256-ctr,aes256-gcm at openssh.com
> debug2: MACs ctos: hmac-sha2-512
> debug2: MACs stoc: hmac-sha2-512
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-May-13 12:41 UTC
[Bug 3823] SSH client 10.0p2 ignores MAC restrictions (-m flag)
https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Adrian Jarc <adrian.jarc at aviatnet.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from Adrian Jarc <adrian.jarc at aviatnet.com> ---
Hey,
thanks for the explanation, now I see. I have been dealing with another
issue (not caused by OpenSSH, but by one of providers we use for
OpenSSL) that I have completely missed that. Thank you.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.