You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Thomas Wolf (Jira)" <ji...@apache.org> on 2022/06/16 14:28:00 UTC

[jira] [Commented] (SSHD-1270) MINA-SSHD 2.8.0 break Ubuntu 16.04 users connection

    [ https://issues.apache.org/jira/browse/SSHD-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17555102#comment-17555102 ] 

Thomas Wolf commented on SSHD-1270:
-----------------------------------

You are using OpenSSH_7.2p2, which is very old, and AFAIK was the first version with rsa-sha2-512 signature support. There were bugs in OpenSSH when the SHA-2 signatures were introduced, and AFAIK there was also a bug concerning the ssh-agent.

The Gerrit server log posted at the Gerrit bug tracker shows that the signature verification failed. Perhaps the OpenSSH 7.2 client actually sent a ssh-rsa signature instead of rsa-sha-512?

The client log file you posted at the Gerrit bug tracker shows only the failed authentication. But it shows "debug2: key: /home/gaowenjun/.ssh/id_rsa (0x556e3270a720), agent", so I presume that run used the agent.
 # Verify that you can connect without using the agent. Specify the {{IdentityFile}} explicitly in {{{}~/.ssh/config{}}}, set {{{}IdentitiesOnly yes{}}}, and set {{IdentityAgent none.}}
 # Verify what keys the ssh-agent contains initially. Does it run initially? Does it contain the correct key?
 # Make sure the agent contains the correct key, undo the changes from (1), and try to connect.

Logs for both cases (successful _and_ unsuccessful attempts) would be helpful.

> MINA-SSHD 2.8.0 break Ubuntu 16.04 users connection
> ---------------------------------------------------
>
>                 Key: SSHD-1270
>                 URL: https://issues.apache.org/jira/browse/SSHD-1270
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 2.8.0
>            Reporter: CY
>            Priority: Major
>         Attachments: 1
>
>
> steps to reproduce:
>  1.upgrade Gerrit to 3.6 (which use 2.8.0 SSHD
>  2.Ubuntu 16.04 user try to connect Gerrit via ssh
>  `ssh -p 29418 username@gerrit.mioffice.cn gerrit`
>  3.Got "Permission denied (publickey)."
>  4.execute eval "$(ssh-agent -s) && ssh-add"
>  5.`ssh -p 29418 username@gerrit.mioffice.cn gerrit` now can connect to Gerrit correctly.
>  6.Reboot the PC, then cannot connect again, and need to execute "eval "$(ssh-agent -s) && ssh-add"" again.
>  
> Here is my client log with `ssh -vvv`
> There is also a discussion on Gerrit community and there is server side log on it
> https://bugs.chromium.org/p/gerrit/issues/detail?id=15987#c_ts1655281861



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org