Displaying 20 results from an estimated 61 matches for "sign_and_send_pubkey".
2016 Mar 10
10
[Bug 2550] New: ssh can't use an in-memory-only certificate
...private and the cert (also with the
private key) loaded together to work.
if I try to use just the cert after this commit, I see:
debug1: Server accepts key: pkalg ssh-rsa-cert-v01 at openssh.com blen
2769
debug2: input_userauth_pk_ok: fp
SHA256:XiFOO+XzZ0m/aWzkQLgxVFI2HJV3abWpNyuIhcEYKuc
debug3: sign_and_send_pubkey: RSA-CERT
SHA256:XiFOO+XzZ0m/aWzkQLgxVFI2HJV3abWpNyuIhcEYKuc
debug1: sign_and_send_pubkey: no private key for certificate "[Valid
until Fri 11 Mar 2016 18:10 UTC, Version 2]"
if I modify the ca to add both the cert (with private key) and the
private key, so my agent looks like this:
$ ....
2016 Sep 26
28
[Bug 2617] New: sign_and_send_pubkey: no separate private key for certificate
https://bugzilla.mindrot.org/show_bug.cgi?id=2617
Bug ID: 2617
Summary: sign_and_send_pubkey: no separate private key for
certificate
Product: Portable OpenSSH
Version: 7.3p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unas...
2016 Oct 27
11
[Bug 2635] New: Unable to use SSH Agent and user level PKCS11Provider configuration directive
...lib/pkcs11/opensc-pkcs11.so
$ ssh -vv $REMOTEHOST
OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016
...
debug1: Offering RSA public key: /usr/lib/libykcs11.so
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:...
sign_and_send_pubkey: signing failed: agent refused operation
...
debug1: Next authentication method: password
$USER@$REMOTEHOST's password:
If I remove the library (and keys) and try the connection again:
$ ssh-add -e /lib/pkcs11/opensc-pkcs11.so
Card removed: /lib/pkcs11/opensc-pkcs11.so
$ ssh-add -l
The agent...
2024 Jan 02
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
...e local system window gets the GUI pop-up the 'two ssh'
> window asks for the passphrase in the terminal.
>
I think I have it! I need to unset SSH_AUTH_SOCK, that's all that's
needed. See:-
chris$ ssh -i backup_id_rsa backup
[here the pop-up appears and I cancel it]
sign_and_send_pubkey: signing failed for RSA "backup_id_rsa" from
agent: agent refused operation
chris at backup's password:
chris$ env | grep SSH
SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
SSH_ASKPASS_REQUIRE=never
chris$ unset SSH_AUTH_SOCK
chris$ ssh -i backup_id_rsa backup...
2024 Jan 03
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
On 2024/01/02 09:51, Chris Green wrote:
> I think I have it! I need to unset SSH_AUTH_SOCK, that's all that's
> needed. See:-
>
> chris$ ssh -i backup_id_rsa backup
> [here the pop-up appears and I cancel it]
> sign_and_send_pubkey: signing failed for RSA "backup_id_rsa" from
> agent: agent refused operation
> chris at backup's password:
>
> chris$ env | grep SSH
> SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
> SSH_ASKPASS_REQUIRE=never
> chris$ unset SSH_AUTH_SOCK
>...
2012 Aug 29
1
second FIPS patch for openssh 6.0p1, fix pubkey
...mode() ? SSH_FP_SHA1 : SSH_FP_MD5,
! SSH_FP_HEX);
debug2("input_userauth_pk_ok: fp %s", fp);
xfree(fp);
***************
*** 1204,1210 ****
int have_sig = 1;
char *fp;
! fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX);
debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp);
xfree(fp);
--- 1218,1225 ----
int have_sig = 1;
char *fp;
! fp = key_fingerprint(id->key, FIPS_mode() ? SSH_FP_SHA1 : SSH_FP_MD5,
! SSH_FP_HEX);
debug3("sign_and_send_pubkey: %s %s", key_type(id->...
2002 Oct 08
2
Memory fault on HP-UX 11.0, 3.4p1
...erauth_pubkey_agent: testing agent key /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 400377a0 hint
-1
debug2: input_userauth_pk_ok: fp
7a:44:be:6c:94:18:fb:0c:ff:e5:1a:9a:07:98:a5:27
debug3: sign_and_send_pubkey
debug3: clear_auth_state: key_free 400377a0
debug1: ssh-userauth2 successful: method publickey
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug1: send channel open 0
Memory fault(coredump)
# ssh -V
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
HP-...
2010 Jan 12
2
[patch] Automatically add keys to agent
...========================
RCS file: /usr/obsd-repos/src/usr.bin/ssh/sshconnect2.c,v
retrieving revision 1.178
diff -u -N -p sshconnect2.c
--- sshconnect2.c 11 Jan 2010 04:46:45 -0000 1.178
+++ sshconnect2.c 11 Jan 2010 23:12:38 -0000
@@ -244,7 +244,7 @@ void userauth(Authctxt *, char *);
static int sign_and_send_pubkey(Authctxt *, Identity *);
static void pubkey_prepare(Authctxt *);
static void pubkey_cleanup(Authctxt *);
-static Key *load_identity_file(char *);
+static Key *load_identity_file(char *, AuthenticationConnection *);
static Authmethod *authmethod_get(char *authlist);
static Authmethod *authmeth...
2018 Jul 31
11
[Bug 2890] New: ssh-agent should not fail after removing and inserting smart card
https://bugzilla.mindrot.org/show_bug.cgi?id=2890
Bug ID: 2890
Summary: ssh-agent should not fail after removing and inserting
smart card
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2018 Feb 22
3
Attempts to connect to Axway SFTP server result in publickey auth loopin
...sh/keys/secret.key
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp
SHA256:W0A/tu/vWh2vk0zHJUdTsZN9adQmS6x7fEbMbSTayfs
debug3: sign_and_send_pubkey: RSA
SHA256:W0A/tu/vWh2vk0zHJUdTsZN9adQmS6x7fEbMbSTayfs
debug3: send packet: type 50
debug3: receive packet: type 51
Authenticated with partial success.
debug1: Authentications that can continue:
password,publickey,keyboard-interactive
debug1: Offering RSA public key: /ssh/keys/secret.key
LOOP
2002 Nov 25
2
weird behaviour of commands option : bug or not ?
Hello
I think I've found a bug but since no one replied to me on comp.security.ssh,
I'll try my luck here.
On my client, PreferredAuthentications is set to publickey,password.
When using the commands option in authorized_keys file like
command="ls" ssh-dss <key>... it is supposed to connect using the private key
associated with <key>, perform ls and then quits.
2017 Jul 04
12
[Bug 2737] New: function identity_sign() assume private key's pub part as same as the .pub key.
...f
method pubkey failed. the reasion is identity_sign() used
the id_rsa2.pub as pubkey, and signed it by id_rsa1 private key. that
sshd verify signature failed.
but, if you remove ~/.ssh/id_rsa.pub,
ssh client will used full ~/.ssh/id_rsa (extract pubkey,privatekey)
through
userauth_pubkey()
-->sign_and_send_pubkey()
-->identity_sign()
and login success.
i think ssh designed to login use pubkey as possible we you can.
and if id_rsa unmatch id_rsa.pub, ssh should trust id_rsa and drop the
rsa.pub file, try do login again as id_rsa.pub not exist.
--
You are receiving this mail because:
You are watchi...
2011 Nov 03
1
Help with CA Certificates for user authentication?
...ect to the target server from the test client:
$ ssh -vvv -Y -p 2022 -l test 172.31.44.115
There is verbose output, which mostly seems right until (on the client):
debug1: ssh_rsa_verify: signature correct
debug2: input_userauth_pk_ok: fp c9:42:44:91:48:04:45:b2:ee:93:12:3f:e5:89:13:ab
debug3: sign_and_send_pubkey: RSA-CERT c9:42:44:91:48:04:45:b2:ee:93:12:3f:e5:89:13:ab
debug1: read PEM private key begin
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/test/.ssh/id_rsa':
...and, correspondingly on the s...
2003 Sep 18
11
[Bug 684] ssh cannot access keys stored in agent
...authentication method: publickey
debug1: Offering public key: /home/phk/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 433
debug2: input_userauth_pk_ok: fp a1:04:99:61:03:22:7e:79:20:fd:57:57:2c:7c:a8:98
debug3: sign_and_send_pubkey
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/phk/.ssh/id_dsa':
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2019 Mar 29
2
Call for testing: OpenSSH 8.0
...EGmNZHHSpDoD9Hppg+YzU+O0 agent
> debug3: send packet: type 50
> debug2: we sent a publickey packet, wait for reply
> debug3: receive packet: type 60
> debug1: Server accepts key: id_dtacld_shortlived_rsa RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
> debug3: sign_and_send_pubkey: RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0
> debug1: sign_and_send_pubkey: no separate private key for certificate
> "id_dtacld_shortlived_rsa"
> debug3: sign_and_send_pubkey: signing using ssh-rsa-cert-v01 at openssh.com
> debug3: send packet: type 50
&...
2018 Feb 23
2
Attempts to connect to Axway SFTP server result in publickey auth loopin
...ot;);
+ if (authctxt->sent_signed_id != NULL) {
+ debug3("Marking key %s as successful",
+ authctxt->sent_signed_id->filename);
+ authctxt->sent_signed_id->tried = IDENTITY_SUCCESSFUL;
+ }
/* reset state */
pubkey_reset(authctxt);
}
@@ -1168,6 +1175,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
packet_put_raw(buffer_ptr(&b), buffer_len(&b));
buffer_free(&b);
packet_send();
+ authctxt->sent_signed_id = id;
return 1;
}
@@ -1422,6 +1430,7 @@ pubkey_cleanup(Authctxt *authctxt)
free(id->filename);
free(id);
}
+ authctxt->...
2015 Jul 29
2
[PATCH] ssh: Add option to present certificates on command line
...thentication with
+the identity.
.It Cm IgnoreUnknown
Specifies a pattern-list of unknown options to be ignored if they are
encountered in configuration parsing.
diff --git a/sshconnect2.c b/sshconnect2.c
index 34dbf9a..fb24b5e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1016,6 +1016,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
u_int skip = 0;
int ret = -1;
int have_sig = 1;
+ int i;
char *fp;
if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
@@ -1053,6 +1054,33 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
}
buffer_put_string(&b, blob, blo...
2015 May 30
8
Call for testing: OpenSSH 6.9
...od: publickey
debug1: Offering RSA public key: /usr/src/INET/openssh/regress/rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp
SHA256:9nhdTr/rVwghJZfRSbSVGw1Rb7TuhygvZoYal45dJ98
debug3: sign_and_send_pubkey: RSA
SHA256:9nhdTr/rVwghJZfRSbSVGw1Rb7TuhygvZoYal45dJ98
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password,keyboard-interactive).
FAI...
2001 Jul 26
1
possible bug: OpenSSH appears to freeze on exit
...ethod to try is publickey
debug1: try pubkey: //.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: input_userauth_pk_ok: pkalg ssh-dss blen 434 lastkey 10ae98 hint
1
debug2: input_userauth_pk_ok: fp
b2:48:f6:61:cd:b8:d0:b5:58:85:95:be:7e:20:68:a8
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type DSA
debug1: sig size 20 20
debug1: ssh-userauth2 successful: method publickey
debug1: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug1: channel_new: 0
debug1: send channel open 0
debug1: Entering interactive session.
debug2: callback sta...
2019 Nov 15
2
U2F support in OpenSSH HEAD
On 2019-11-14, Damien Miller <djm at mindrot.org> wrote:
> Please give this a try - security key support is a substantial change and
> it really needs testing ahead of the next release.
Hi Damien,
Thanks for working on security key support, this is a really nice
feature to have in openssh.
My non-FIDO2 security key (YubiKey NEO) doesn't work with the latest
changes to openssh