You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Pavel Pohner (Jira)" <ji...@apache.org> on 2023/06/22 11:54:00 UTC
[jira] [Updated] (SSHD-1331) SSH Algorithm negotiation
[ https://issues.apache.org/jira/browse/SSHD-1331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Pohner updated SSHD-1331:
-------------------------------
Description:
Hello,
I'm facing a weird issue with SSH signature algorithm negotiation:
Signature algorithms for RSA are sorted like this in my implementation:
{code:java}
List<BuiltinSignatures> RSA_SIGNATURES = List.of(
BuiltinSignatures.rsa,
BuiltinSignatures.rsaSHA512_cert,
BuiltinSignatures.rsaSHA256_cert,
BuiltinSignatures.rsaSHA512,
BuiltinSignatures.rsaSHA256 {code}
when establishing connection with server that offers following lists of algorithms, the connection is established without any issue:
{code:java}
ssh-rsa
rsa-sha2-512
rsa-sha2-256 {code}
but, when server with list of algorithms in following order is encountered:
{code:java}
rsa-sha2-512
rsa-sha2-256
ssh-rsa {code}
the connection fails with following exception: *KeyExchange signature verification failed for key type=ssh-rsa*
Based on SSH RFC my current understanding is, that in the second scenario, algorithm guessing happens, where my implementation (client), guesses the *ssh-rsa* algorithm, meanwhile the server guesses the {*}rsa-sha2-512{*}, in that case the guess is not successful and there's defined algorithm that must be followed (basically, client iterating over the common list of algorithms until finding the correct match) - [https://datatracker.ietf.org/doc/html/rfc4253#section-7.1]
This seems to not be the case though as the exception says that the signature verification failed for *ssh-rsa,* I would expect the implementation to iterate to the {*}{*}{*}rsa-sha2-512{*} and match the server's guessed algorithm.
How is this handled in Mina SSHD implementation? Is this something I can override/handle in my own implementation? Can someone point me in the right direction please?
was:
Hello,
I'm facing a weird issue with SSH signature algorithm negotiation:
Signature algorithms for RSA are sorted like this in my implementation:
{code:java}
List<BuiltinSignatures> RSA_SIGNATURES = List.of(
BuiltinSignatures.rsa,
BuiltinSignatures.rsaSHA512_cert,
BuiltinSignatures.rsaSHA256_cert,
BuiltinSignatures.rsaSHA512,
BuiltinSignatures.rsaSHA256 {code}
when establishing connection with server that offers following lists of algorithms, the connection is established without any issue:
{code:java}
ssh-rsa
rsa-sha2-512
rsa-sha2-256 {code}
but, when server with list of algorithms in following order is encountered:
{code:java}
rsa-sha2-512
rsa-sha2-256
ssh-rsa {code}
the connection fails with following exception: *KeyExchange signature verification failed for key type=ssh-rsa*
Based on SSH RFC my current understanding is, that in the second scenario, algorithm guessing happens, where my implementation (client), guesses the *ssh-rsa* algorithm, meanwhile the server guesses the {*}rsa-sha2-512{*}, in that case the guess is not successful and there's defined algorithm that must be followed (basically, client iterating over the common list of algorithms until finding the correct match) - [https://datatracker.ietf.org/doc/html/rfc4253#section-7.1]
This seems to not be the case though as the exception says that the signature verification failed for *ssh-rsa,* I would expect the implementation to iterate to the {*}{*}{*}rsa-sha2-512{*} and match the server's guessed algorithm.
How is this handled in Mina SSHD implementation? Is this something I can override/handle in my own implementation? Can someone point me in the right direction please?
> SSH Algorithm negotiation
> --------------------------
>
> Key: SSHD-1331
> URL: https://issues.apache.org/jira/browse/SSHD-1331
> Project: MINA SSHD
> Issue Type: Question
> Affects Versions: 2.9.2
> Reporter: Pavel Pohner
> Priority: Major
>
> Hello,
> I'm facing a weird issue with SSH signature algorithm negotiation:
> Signature algorithms for RSA are sorted like this in my implementation:
>
> {code:java}
> List<BuiltinSignatures> RSA_SIGNATURES = List.of(
> BuiltinSignatures.rsa,
> BuiltinSignatures.rsaSHA512_cert,
> BuiltinSignatures.rsaSHA256_cert,
> BuiltinSignatures.rsaSHA512,
> BuiltinSignatures.rsaSHA256 {code}
> when establishing connection with server that offers following lists of algorithms, the connection is established without any issue:
>
>
> {code:java}
> ssh-rsa
> rsa-sha2-512
> rsa-sha2-256 {code}
> but, when server with list of algorithms in following order is encountered:
> {code:java}
> rsa-sha2-512
> rsa-sha2-256
> ssh-rsa {code}
> the connection fails with following exception: *KeyExchange signature verification failed for key type=ssh-rsa*
> Based on SSH RFC my current understanding is, that in the second scenario, algorithm guessing happens, where my implementation (client), guesses the *ssh-rsa* algorithm, meanwhile the server guesses the {*}rsa-sha2-512{*}, in that case the guess is not successful and there's defined algorithm that must be followed (basically, client iterating over the common list of algorithms until finding the correct match) - [https://datatracker.ietf.org/doc/html/rfc4253#section-7.1]
> This seems to not be the case though as the exception says that the signature verification failed for *ssh-rsa,* I would expect the implementation to iterate to the {*}{*}{*}rsa-sha2-512{*} and match the server's guessed algorithm.
> How is this handled in Mina SSHD implementation? Is this something I can override/handle in my own implementation? Can someone point me in the right direction please?
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org