search for: server_host_key

...supplied, along with the previous diff. The regression tests got further along, but now fail in integrity.sh: run test integrity.sh ... test integrity: hmac-sha1 @2300 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. unexpected error mac hmac-sha1 at 2300 test integrity: hmac-sha1 @2301 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. unexpected error mac hmac-sha1 at 2301 test integrity: hmac-sha1 @2302 RSA_publi...

...On the server side (AIX 4.3), the sshd runs as follows: aix/sbin/sshd -p 2222 -d Full output follows at the end of this mail. The server is compiled with EGD support, on the client side I tested EGD and ANDIrand (http://www.cosy.sbg.ac.at/~andi/), both with the same result: key_verify failed for server_host_key The same happens when I connect from Solaris to Linux servers running OpenSSH versions 2.3 and above. During the tests I noticed that I get no errors when I rename the "primes" file at server side. Has anyone a similar problem or knows what is wrong here? If more information is needed,...

...seeing anything like this. The problem is, as soon as I load the Zaptel drivers (with a TDM-31B card), ssh into or out of the server is broken. Trying to ssh in, I get: RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed for server_host_key If I try to ssh out, I get: hash mismatch key_verify failed for server_host_key This makes administering the server remotely impossible, so it's a fairly large problem for me right now. Anybody ever seen anything like this? It is easy to reproduce: "modprobe zaptel" and it's br...

...rocessors. All recent combinations of openssh/openssl have a not permanent problem. If i try to connect to the machine, i get sometimes these errors: # ssh root at simba RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed for server_host_key # ssh root at simba hash mismatch key_verify failed for server_host_key # ssh root at simba hash mismatch key_verify failed for server_host_key And sometimes it works. At the moment i need about 10 tries to get in. If i manage to get in, i can use the ssh connection for weeks without problem. a s...

I am building version 2.3.0p1 of openssh on a UnixWare 2.03 system and am unable to connect with SSH 2. The error I get is: debug: len 55 datafellows 0 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key The build environment is as follows: gcc 2.95.1 openssl-0.9.6-beta2 I've looked through the archives and found similar problems related to version incompatabilities. In this case, I have the same version (2.3.0p1) on both ends. I got the same error with 2.2.0p1. Where should I look next?...

...n I try to connect to or from one of these hosts using SSH2 I get the following error (I have sshd -d -d -d and ssh -2 -v -v -v output if that helps): dhaag at cyberpup> ssh -2 waltst2 ssh_rsa_verify: RSA_verify failed: error:04077068:rsa routines:RSA_verify:bad signature key_verify failed for server_host_key Here's what I have done so far: -recompiled on the suspect box, no change. -compiled 2.5.2p2 on suspect box with no change. -don't see any network errors (netstat -i). -egd seems to be working fine, I can read and write bits with egc.pl. -tried changing and disabling some of the protocols...

...t; +#include "ssh2.h" + +#include <nacl/crypto_scalarmult_curve25519.h> +#define CURVE25519_PUBKEY_SIZE crypto_scalarmult_curve25519_BYTES +#define CURVE25519_PRIVKEY_SIZE crypto_scalarmult_curve25519_SCALARBYTES + +void +kexc25519_client(Kex *kex) +{ + BIGNUM *shared_secret; + Key *server_host_key; + u_char client_key[CURVE25519_PRIVKEY_SIZE]; + u_char client_pubkey[CURVE25519_PUBKEY_SIZE]; + u_char *server_pubkey = NULL; + u_char shared_secret_raw[CURVE25519_PUBKEY_SIZE]; + u_char *server_host_key_blob = NULL, *signature = NULL; + u_char *hash; + u_int rnd = 0, slen, sbloblen, hashlen, i...

...rver using SSH2 protocol. On the OS/390 (which is the client) it comes up with the following error messages: >ssh -v -2 somehost . . . debug: bits set: 504/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key debug: Calling cleanup 0x1cf36d18(0x0) and it ends. I also tried a different key : -c "blowfish-cbc" but the problem remains the same. Can anybody help ?? Gruss/ regards Michael Mai Deutsche Bank PCAM-GT CTO Platform Mainframe MVS Applications Application Enabl...

...rsion 1.99, remote software version OpenSSH_2.5.2p2 or Remote protocol version 2.0, remote software version OpenSSH_3.0.1p1 I get error (looking at codebase): In sshconnect2.c: ssh_dhgex_client(kex, host, hostaddr, client_kexinit, server_kexinit); if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1){ fatal("key_verify failed for server_host_key"); exit(-109); } I see: (gdb) p key->type $1 = 1 which would mean: KEY_RSA. Can someone please let me know: why in file key.c: case KEY_RSA: return ssh_rsa_veri...

...<0> debug1: Found key in /etc/ssh/known_hosts:1 <0> debug2: bits set: 1010/2048 <0> debug1: ssh_dss_verify: signature error <0> fatal: key_verify failed for server_host_key <0> debug1: Calling cleanup 0xa69a0ec0(0x0) <0> debug1: Calling cleanup 0xa6994630(0x0) <0> debug3: DecrementThreadCount() Thread count is now 1 <0&...

Hi, is there any chance to make SSH_RSA_MINIMUM_MODULUS_SIZE configurable? I keep receiving these messages: ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits key_verify failed for server_host_key And it's quite a hassle to recompile each time I need to use it (there are still devices where you can't fix it easily). Thanks Michal

This is debugs seen on server, whose keys are not accepted by the client: debug1: Seeding random number generator debug1: sshd version OpenSSH_2.5.2p2 debug1: load_private_key_autodetect: type 0 RSA1 debug1: read SSH2 private key done: name rsa w/o comment success 1 debug1: load_private_key_autodetect: type 1 RSA debug1: read SSH2 private key done: name dsa w/o comment success 1 debug1:

...st give out the following error: ssh_x509store_cb: subject='CN=pingo.dmz.arhont.com,OU=IT,O=Arhont Ltd,C=GB', error 20 at 0 depth lookup:unable to get local issuer certificate ssh_verify_cert: verify error, code=20, msg='unable to get local issuer certificate' key_verify failed for server_host_key Is it possible to have a situation when if there is no x509 store set up on the client, it would simply revert to the password based authentication? I have tried setting PubkeyAlgorithms ssh-dss PreferredAuthentications keyboard-interactive but with no effect, same error appears. I would appre...

...=========================================================== RCS file: /cvs/src/usr.bin/ssh/kexgexc.c,v retrieving revision 1.11 diff -u -r1.11 kexgexc.c --- kexgexc.c 6 Nov 2006 21:25:28 -0000 1.11 +++ kexgexc.c 15 Nov 2006 14:14:33 -0000 @@ -124,8 +124,6 @@ fatal("type mismatch for decoded server_host_key_blob"); if (kex->verify_host_key == NULL) fatal("cannot verify server_host_key"); - if (kex->verify_host_key(server_host_key) == -1) - fatal("server_host_key verification failed"); /* DH parameter f, server public DH key */ if ((dh_server_pub = BN_new()) =...

...ba:3f:60:51:8d:39:7d. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'galaxy.acm.jhu.edu,128.220.223.65' (DSA) to the list of knn hosts. debug: bits set: 510/1024 debug: len 40 datafellows 15 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key debug: Calling cleanup 0x8059884(0x0)

...t able to connect. I upgraded to the newly minted 3.4p1 and discovered the same problem. My limited poking around has shown the following: <16:59:38>atb at ursus:>ssh -vv atb at host <snip> debug1: bits set: 503/1024 debug1: ssh_dss_verify: signature incorrect key_verify failed for server_host_key debug1: Calling cleanup 0x2000ca44(0x0) Putting an #if 0 ... #endif around the key_verify call in kexdh.c solves the problem, but in a most unsatisfactory fashion. I double checked my compiles for linux and solaris and they are working perfectly. Looking in ssh-dss.c at ssh_dss_verify it appea...

..... > ... > debug1: Found key in /local_home/luca/.ssh/known_hosts:2 > debug1: bits set: 1594/3191 > RSA_public_decrypt failed: error:0407006A:rsa > routines:RSA_padding_check_PKCS1_type_1:block type is not 01 > debug1: ssh_rsa_verify: signature incorrect > key_verify failed for server_host_key > ... same problem here with Solaris 8 openssl 0.9.6i from Sunfreeware.com. I recompiled openssh-3.5p1 (and 3.6p1) with the same result. No more connecting into sshd (everything else is fine). My solution was to grab the new openssl 0.9.6j and compile it myself, then recompile openssh 3.6p1....

...h the previous diff. The > regression tests got further along, but now fail in integrity.sh: > > run test integrity.sh ... > test integrity: hmac-sha1 @2300 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key. I expect this is the test that is choking rather than ssh/sshd, otherwise the regress tests wouldn't have made it that far without error (given the ones you see here). This test depends on the small modpipe program that is built from modpipe.c. You can test if it is working via: $ echo &quot...

...REPLY debug1: Host 'logserver' is known and matches the RSA host key. debug1: Found key in /export/backup/.ssh/known_hosts:1 debug1: bits set: 1059/2048 RSA_public_decrypt failed: error:8106A072:lib(129):func(106):reason(114) debug1: ssh_rsa_verify: signature incorrect key_verify failed for server_host_key debug1: Calling cleanup 0x348a4(0x0) -bash-3.00$ Best regards, Mike Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain...

...ve25519-sha256 at libssh.org" -p 1234 localhost echo "hello"; done Actual Results: Eventually the loop above will fail. Sometimes failure happens quickly, sometimes it can many iterations: ... hello 224 hello 225 hash mismatch key_verify failed for server_host_key Expected Results: The loop should never fail with the 'hash_mismatch' error above. Build Date & Hardware: # git rev-parse HEAD 19158b2447e35838d69b2b735fb640d1e86061ea # git show V_6_6_P1 commit 19158b2447e35838d69b2b735fb640d1e86061ea Author: Damien Miller <djm at m...