https://bugzilla.mindrot.org/show_bug.cgi?id=3157
Bug ID: 3157
Summary: known_hosts @cert-authority with legacy plain key
entry drops incorrect set of HostKeyAlgorithms
Product: Portable OpenSSH
Version: 8.1p1
Hardware: All
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: paullkapp@gmail.com
Adding a @cert-authority entry into authorized_keys in conjunction with
a "plain" key entry results in the client requesting only host
certificates of the type of the plain key, not the comprehensive list
of certificate types.
Use case: A legacy RSA host key entry in known_hosts, and adding a
@cert-authority entry for a new ed25519 CA. Because the CA can sign
**any** key type, the client should include all certificate types in
the protocol exchange request.
What winds up happening: the plain RSA entry causes the client to only
request keys (and certificates) of the type RSA (and derivatives):
debug3: order_hostkeyalgs: prefer hostkeyalgs:
rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
When the RSA key is removed from the remote host, the hostkey
verification fails, even though a valid (non-RSA) host certificate
could have been sent to the client.
Expected behavior: If the client has a @cert-authority entry in
known_hosts, all certificates types should be requested from the
server.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
Bug ID: 3157
Summary: known_hosts @cert-authority with legacy plain key
entry drops incorrect set of HostKeyAlgorithms
Product: Portable OpenSSH
Version: 8.1p1
Hardware: All
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: paullkapp@gmail.com
Adding a @cert-authority entry into authorized_keys in conjunction with
a "plain" key entry results in the client requesting only host
certificates of the type of the plain key, not the comprehensive list
of certificate types.
Use case: A legacy RSA host key entry in known_hosts, and adding a
@cert-authority entry for a new ed25519 CA. Because the CA can sign
**any** key type, the client should include all certificate types in
the protocol exchange request.
What winds up happening: the plain RSA entry causes the client to only
request keys (and certificates) of the type RSA (and derivatives):
debug3: order_hostkeyalgs: prefer hostkeyalgs:
rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
When the RSA key is removed from the remote host, the hostkey
verification fails, even though a valid (non-RSA) host certificate
could have been sent to the client.
Expected behavior: If the client has a @cert-authority entry in
known_hosts, all certificates types should be requested from the
server.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs