search for: key_verify

...I applied the diff you supplied, along with the previous diff. The regression tests got further along, but now fail in integrity.sh: run test integrity.sh ... test integrity: hmac-sha1 @2300 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. unexpected error mac hmac-sha1 at 2300 test integrity: hmac-sha1 @2301 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. unexpected error mac hmac-sha1 at 2301 test integrity...

...gin -v -2 -p 2222 rs30 On the server side (AIX 4.3), the sshd runs as follows: aix/sbin/sshd -p 2222 -d Full output follows at the end of this mail. The server is compiled with EGD support, on the client side I tested EGD and ANDIrand (http://www.cosy.sbg.ac.at/~andi/), both with the same result: key_verify failed for server_host_key The same happens when I connect from Solaris to Linux servers running OpenSSH versions 2.3 and above. During the tests I noticed that I get no errors when I rename the "primes" file at server side. Has anyone a similar problem or knows what is wrong here? If m...

...poking around without seeing anything like this. The problem is, as soon as I load the Zaptel drivers (with a TDM-31B card), ssh into or out of the server is broken. Trying to ssh in, I get: RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed for server_host_key If I try to ssh out, I get: hash mismatch key_verify failed for server_host_key This makes administering the server remotely impossible, so it's a fairly large problem for me right now. Anybody ever seen anything like this? It is easy to reproduce: "modprobe z...

...tra2 with two 296MHz processors. All recent combinations of openssh/openssl have a not permanent problem. If i try to connect to the machine, i get sometimes these errors: # ssh root at simba RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed for server_host_key # ssh root at simba hash mismatch key_verify failed for server_host_key # ssh root at simba hash mismatch key_verify failed for server_host_key And sometimes it works. At the moment i need about 10 tries to get in. If i manage to get in, i can use the ssh connection for...

...t with version 2. When I try to connect to or from one of these hosts using SSH2 I get the following error (I have sshd -d -d -d and ssh -2 -v -v -v output if that helps): dhaag at cyberpup> ssh -2 waltst2 ssh_rsa_verify: RSA_verify failed: error:04077068:rsa routines:RSA_verify:bad signature key_verify failed for server_host_key Here's what I have done so far: -recompiled on the suspect box, no change. -compiled 2.5.2p2 on suspect box with no change. -don't see any network errors (netstat -i). -egd seems to be working fine, I can read and write bits with egc.pl. -tried changing and disab...

...protocol version 1.99, remote software version OpenSSH_2.5.2p2 or Remote protocol version 2.0, remote software version OpenSSH_3.0.1p1 I get error (looking at codebase): In sshconnect2.c: ssh_dhgex_client(kex, host, hostaddr, client_kexinit, server_kexinit); if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1){ fatal("key_verify failed for server_host_key"); exit(-109); } I see: (gdb) p key->type $1 = 1 which would mean: KEY_RSA. Can someone please let me know: why in file key.c: case KEY_RSA: ret...

...unning Openssh were not able to connect. I upgraded to the newly minted 3.4p1 and discovered the same problem. My limited poking around has shown the following: <16:59:38>atb at ursus:>ssh -vv atb at host <snip> debug1: bits set: 503/1024 debug1: ssh_dss_verify: signature incorrect key_verify failed for server_host_key debug1: Calling cleanup 0x2000ca44(0x0) Putting an #if 0 ... #endif around the key_verify call in kexdh.c solves the problem, but in a most unsatisfactory fashion. I double checked my compiles for linux and solaris and they are working perfectly. Looking in ssh-dss.c...

...the DSA host key. <0> debug1: Found key in /etc/ssh/known_hosts:1 <0> debug2: bits set: 1010/2048 <0> debug1: ssh_dss_verify: signature error <0> fatal: key_verify failed for server_host_key <0> debug1: Calling cleanup 0xa69a0ec0(0x0) <0> debug1: Calling cleanup 0xa6994630(0x0) <0> debug3: DecrementThreadCount() Thread count is now 1...

Hi, is there any chance to make SSH_RSA_MINIMUM_MODULUS_SIZE configurable? I keep receiving these messages: ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits key_verify failed for server_host_key And it's quite a hassle to recompile each time I need to use it (there are still devices where you can't fix it easily). Thanks Michal

This is debugs seen on server, whose keys are not accepted by the client: debug1: Seeding random number generator debug1: sshd version OpenSSH_2.5.2p2 debug1: load_private_key_autodetect: type 0 RSA1 debug1: read SSH2 private key done: name rsa w/o comment success 1 debug1: load_private_key_autodetect: type 1 RSA debug1: read SSH2 private key done: name dsa w/o comment success 1 debug1:

...method, real_info); if (authctxt->postponed) return; /* XXX todo: check if multiple auth methods are needed */ @@ -475,12 +479,16 @@ #ifdef DEBUG_PK buffer_dump(&b); #endif /* test for correct signature */ if (user_key_allowed(authctxt->pw, key) && - key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) + key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) { authenticated = 1; + + if (options.log_key_fingerprint == 1) + snprintf(info,info_size," fp %s",key_fingerprint(key,SSH_FP_MD5,SS...

...n the client. They just give out the following error: ssh_x509store_cb: subject='CN=pingo.dmz.arhont.com,OU=IT,O=Arhont Ltd,C=GB', error 20 at 0 depth lookup:unable to get local issuer certificate ssh_verify_cert: verify error, code=20, msg='unable to get local issuer certificate' key_verify failed for server_host_key Is it possible to have a situation when if there is no x509 store set up on the client, it would simply revert to the password based authentication? I have tried setting PubkeyAlgorithms ssh-dss PreferredAuthentications keyboard-interactive but with no effect, same err...

...-v -v -v test2 > ... > ... > debug1: Found key in /local_home/luca/.ssh/known_hosts:2 > debug1: bits set: 1594/3191 > RSA_public_decrypt failed: error:0407006A:rsa > routines:RSA_padding_check_PKCS1_type_1:block type is not 01 > debug1: ssh_rsa_verify: signature incorrect > key_verify failed for server_host_key > ... same problem here with Solaris 8 openssl 0.9.6i from Sunfreeware.com. I recompiled openssh-3.5p1 (and 3.6p1) with the same result. No more connecting into sshd (everything else is fine). My solution was to grab the new openssl 0.9.6j and compile it myself, the...

...ou supplied, along with the previous diff. The > regression tests got further along, but now fail in integrity.sh: > > run test integrity.sh ... > test integrity: hmac-sha1 @2300 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. I expect this is the test that is choking rather than ssh/sshd, otherwise the regress tests wouldn't have made it that far without error (given the ones you see here). This test depends on the small modpipe program that is built from modpipe.c. You can test if it is...

...g SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'logserver' is known and matches the RSA host key. debug1: Found key in /export/backup/.ssh/known_hosts:1 debug1: bits set: 1059/2048 RSA_public_decrypt failed: error:8106A072:lib(129):func(106):reason(114) debug1: ssh_rsa_verify: signature incorrect key_verify failed for server_host_key debug1: Calling cleanup 0x348a4(0x0) -bash-3.00$ Best regards, Mike Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the ad...

...exAlgorithms="curve25519-sha256 at libssh.org" -p 1234 localhost echo "hello"; done Actual Results: Eventually the loop above will fail. Sometimes failure happens quickly, sometimes it can many iterations: ... hello 224 hello 225 hash mismatch key_verify failed for server_host_key Expected Results: The loop should never fail with the 'hash_mismatch' error above. Build Date & Hardware: # git rev-parse HEAD 19158b2447e35838d69b2b735fb640d1e86061ea # git show V_6_6_P1 commit 19158b2447e35838d69b2b735fb640d1e86061ea Author:...

...h-alias' is known and matches the ED25519 host key. debug1: Found key in /home/yann/opencsw/openssh/trunk/work/solaris10-i386/build-isa-pentium_pro/openssh-6.7p1/regress/known_hosts:1 debug2: ssh_ed25519_verify: crypto_sign_ed25519_open failed: -1 debug1: ssh_ed25519_verify: signature incorrect key_verify failed for server_host_key I will attach all the relevant files. Yann -- You are receiving this mail because: You are watching the assignee of the bug.

Dear openssh developers In a shell script I need to verify if a key belonging to a given public key file is already loaded into the agent. To achieve this, I added a new option -v to ssh-add which does this verification. The patch bases on openssh v5.8p1. The regression test agent.sh was extended to test this new feature. Is there any chance for inclusion of attached patch? Cheers Konrad --

Darren Tucker <dtucker at zip.com.au> writes: > On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote: > [...] >> gv harry> ssh -vv 2x >> >> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016 > > this is a third-party modified version of OpenSSH. Can you reproduce > the problem with a stock OpenSSH from the source from

...REPLY debug1: Server host key: ED25519 99:b7:1c:6d:1f:ce:dd:7f:37:a4:a2:34:56:32:18:f1 debug1: Host '2x' is known and matches the ED25519 host key. debug1: Found key in /home/harry/.ssh/known_hosts:2 debug2: bits set: 1574/3072 debug2: ssh_ed25519_verify: crypto_sign_ed25519_open failed: -1 key_verify: incorrect signature key_verify failed for server_host_key