Posted to dev@mina.apache.org by "Thomas Wolf (Jira)" <ji...@apache.org> on 2021/12/01 23:09:00 UTC

[jira] [Created] (SSHD-1231) Public key authentication: wrong signature algorithm used (ed25519 key with ssh-rsa signature)

Thomas Wolf created SSHD-1231:
---------------------------------

             Summary: Public key authentication: wrong signature algorithm used (ed25519 key with ssh-rsa signature)
                 Key: SSHD-1231
                 URL: https://issues.apache.org/jira/browse/SSHD-1231
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.7.0
            Reporter: Thomas Wolf


See [Eclipse bug 577545|https://bugs.eclipse.org/bugs/show_bug.cgi?id=577545]. The following scenario

# Client tries authenticating with a wrong RSA key with signature rsa-sha2-512
# Server rejects the authentication attempt
# Client tries the next key (an ed25519 key), but unfortunately with the wrong signature algorithm (ssh-rsa)

authentication fails with

{noformat}
Exception in thread "main" org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: Supplied key (net.i2p.crypto.eddsa.EdDSAPrivateKey) is not a RSAPrivateKey instance
	at org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:131)
	at org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:185)
	at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:130)
	at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)
	at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)
	at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:43)
	at ch.paranor.thomas.TestClient.testAuth(TestClient.java:44)
	at ch.paranor.thomas.TestClient.main(TestClient.java:58)
Caused by: java.security.InvalidKeyException: Supplied key (net.i2p.crypto.eddsa.EdDSAPrivateKey) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source)
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1177)
	at java.security.Signature.initSign(Signature.java:530)
	at org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:104)
	at org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:81)
	at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:363)
	at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:333)
{noformat}

Work-arounds:

* Place RSA keys last in the sequence of keys to be tried
* Or ensure only actually working keys are used

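
An added example, not code from the report or from MINA SSHD: plain-JDK Java (15 or later for Ed25519) that applies the first work-around by ordering identities so RSA keys are tried last, plus a hypothetical pre-signing guard that rejects the ed25519/ssh-rsa pairing seen in the stack trace. The class and method names (KeyOrderWorkaround, rsaLast, allowedSignatures, checkPairing) are assumptions, and the keys are generated as samples.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.List;
import java.util.Set;

public class KeyOrderWorkaround {
    static boolean isRsa(KeyPair kp) {
        return "RSA".equalsIgnoreCase(kp.getPublic().getAlgorithm());
    }

    // Work-around from the report: stable sort that moves RSA keys to the end.
    static List<KeyPair> rsaLast(List<KeyPair> identities) {
        List<KeyPair> ordered = new ArrayList<>(identities);
        ordered.sort(Comparator.comparing((KeyPair kp) -> isRsa(kp))); // false sorts before true
        return ordered;
    }

    // Signature algorithm names that fit a key (RFC 8332 for RSA, RFC 8709 for ed25519).
    // Assumption: every "EdDSA" key offered here is an ed25519 key.
    static Set<String> allowedSignatures(KeyPair kp) {
        String alg = kp.getPublic().getAlgorithm();
        if ("RSA".equalsIgnoreCase(alg)) {
            return Set.of("rsa-sha2-512", "rsa-sha2-256", "ssh-rsa");
        }
        if ("EdDSA".equalsIgnoreCase(alg) || "Ed25519".equalsIgnoreCase(alg)) {
            return Set.of("ssh-ed25519");
        }
        return Set.of();
    }

    // Hypothetical guard: refuse a key/signature pairing before any signing is attempted.
    static void checkPairing(KeyPair kp, String signatureAlgorithm) {
        if (!allowedSignatures(kp).contains(signatureAlgorithm)) {
            throw new IllegalArgumentException(signatureAlgorithm + " cannot be used with a "
                    + kp.getPublic().getAlgorithm() + " key");
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPair rsa = KeyPairGenerator.getInstance("RSA").generateKeyPair();    // constructed sample key
        KeyPair ed = KeyPairGenerator.getInstance("Ed25519").generateKeyPair(); // constructed sample key
        List<KeyPair> ordered = rsaLast(List.of(rsa, ed));
        System.out.println("first key tried: " + ordered.get(0).getPublic().getAlgorithm());
        checkPairing(rsa, "rsa-sha2-512");
        checkPairing(ed, "ssh-ed25519");
        try { checkPairing(ed, "ssh-rsa"); } catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
    }
}
```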