Terra Frost
2023-Feb-19 17:25 UTC
OpenSSH 8.2 appears to use one key to send the public key and a different key to send the signature?

I'm trying to connect to an SSH server using OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020 and am seeing some weird stuff in the logs. In particular, there's this:

debug3: sign_and_send_pubkey: RSA SHA256:Xss+fkLagMzhqQfEakymnMzhqQN2FnzmZHrGJJFRzXA
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:Xss+fkLagMzhqQfGgpPlmWuHq8N2FnzmZHrGJJFRzXA

What's weird about that is that the key fingerprints are subtly different:

SHA256:Xss+fkLagMzhqQf EakymnMzhqQ N2FnzmZHrGJJFRzXA
SHA256:Xss+fkLagMzhqQf GgpPlmWuHq8 N2FnzmZHrGJJFRzXA

(I added the spaces to make them more readable.)

My question is... how can this be so? Here's the code that does that:

https://github.com/openssh/openssh-portable/blob/V_8_2_P1/sshconnect2.c#L1247

But in my cursory reading of the code it looks like those two lines should be the same, not different. It's also strange that, despite being different, they're as similar as they are. With any cryptographic hash I'd expect that changing one character would change the whole hash *completely*, but in this case it looks like less than half of the hash is being changed? That doesn't make any sense to me. Any ideas?
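Added example (not part of the question above and not OpenSSH's own code): the fingerprint that sign_and_send_pubkey logs is the OpenSSH SHA256 fingerprint of the public key blob, i.e. "SHA256:" followed by the base64 encoding of SHA-256 over the raw "ssh-rsa" wire blob, with the trailing "=" padding removed. The code below builds such a blob from (e, n), computes the fingerprint the same way, and then flips a single bit of the key to show what a genuine one-bit change to the key does to the 43 fingerprint characters. The modulus is a constructed integer, not a real RSA key, and all helper names are my own.

```python
import base64
import hashlib
import struct


def ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint': minimal big-endian two's complement, wrapped as a string."""
    if n == 0:
        return ssh_string(b"")
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:  # leading zero byte keeps the value positive
        raw = b"\x00" + raw
    return ssh_string(raw)


def rsa_public_blob(e: int, n: int) -> bytes:
    """The 'ssh-rsa' public key blob: string "ssh-rsa", mpint e, mpint n."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def sha256_fingerprint(blob: bytes) -> str:
    """'SHA256:' + base64(SHA-256(blob)) with '=' padding stripped, as OpenSSH prints it."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def fingerprint_of_pubkey_line(line: str) -> str:
    """Fingerprint an id_rsa.pub / authorized_keys style line: 'ssh-rsa <base64> [comment]'."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("expected an 'ssh-rsa <base64>' line")
    return sha256_fingerprint(base64.b64decode(fields[1]))


def flip_bit(blob: bytes, bit_index: int) -> bytes:
    """Return a copy of blob with exactly one bit toggled."""
    out = bytearray(blob)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def differing_positions(a: str, b: str) -> int:
    """Number of character positions at which two equal-length strings differ."""
    if len(a) != len(b):
        raise ValueError("fingerprints differ in length")
    return sum(x != y for x, y in zip(a, b))


# Constructed sample key: e = 65537 and a fixed 2048-bit integer standing in for n.
# It is NOT a real RSA modulus (not a product of two primes); the hashing is identical.
SAMPLE_E = 65537
SAMPLE_N = (int.from_bytes(hashlib.sha512(b"constructed sample modulus").digest() * 4, "big")
            | (1 << 2047) | 1)
SAMPLE_BLOB = rsa_public_blob(SAMPLE_E, SAMPLE_N)
SAMPLE_PUBKEY_LINE = ("ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode("ascii")
                      + " sample@example")


def demo() -> dict:
    """Fingerprint the sample key, then the same key with one bit of n flipped."""
    fp = sha256_fingerprint(SAMPLE_BLOB)
    # Toggle the lowest bit of the last modulus byte: a one-bit change to the public key.
    flipped = flip_bit(SAMPLE_BLOB, (len(SAMPLE_BLOB) - 1) * 8)
    fp_flipped = sha256_fingerprint(flipped)
    return {
        "fingerprint": fp,
        "from_pubkey_line": fingerprint_of_pubkey_line(SAMPLE_PUBKEY_LINE),
        "flipped_fingerprint": fp_flipped,
        "chars_changed": differing_positions(fp, fp_flipped),
        "chars_total": len(fp) - len("SHA256:"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running it prints two fingerprints that share almost no characters: a single-bit change to the key changes roughly 63 of every 64 base64 characters, so two fingerprints with a long common prefix and suffix are not what SHA-256 over two different keys produces. To check a real key the same way, feed your own id_rsa.pub line to fingerprint_of_pubkey_line and compare with `ssh-keygen -lf id_rsa.pub`.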