Bug 1623929
Summary: | OpenSSH server reports incomplete server-sig-algs list in SHA2 extension | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Jakub Jelen <jjelen> |
Component: | openssh | Assignee: | Jakub Jelen <jjelen> |
Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 7.6 | CC: | champetier.etienne, christoph.sievers, nmavrogi, redhat-bugzilla, roman.aleksic, whaidinger |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-02-11 15:39:06 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jakub Jelen
2018-08-30 13:22:47 UTC
Hi, client fedora 28 with openssh-7.8p1-2.fc28.x86_64 using a ssh-rsa-cert-v01 client certificate > debug1: Offering public key: RSA-CERT > SHA256:xxx /home/c/.ssh/id_rsa-cert.pub > debug1: send_pubkey_test: no mutual signature algorithm The proposed workaround does not seem to work (Even if adding the cert type) > PubkeyAcceptedKeyTypes rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-rsa-cert-v01 If you want to use certificates, you need to list also the SHA2 variants of certificates: rsa-sha2-256-cert-v01,rsa-sha2-512-cert-v01 Not sure if this is somewhere documented, but is should do the job. Hi, i tried PubkeyAcceptedKeyTypes rsa-sha2-256,rsa-sha2-512,rsa-sha2-256-cert-v01,rsa-sha2-512-cert-v01,ssh-rsa-cert-v01 but still debug1: send_pubkey_test: no mutual signature algorithm Please, open a customer case if you have this issue with your RHEL installation. https://access.redhat.com/ This will really need a fix in RHEL7 since the new OpenSSH checks the signature algorithms against the hardcoded list there, which is wrong. Hi all, Even if the CA is an RSA key, you can sign ECDSA or ED25519 keys so you get ECDSA/ED25519 certs which allow you to work around the issue without changing anything server-side Exemple cert: $ ssh-keygen -Lf ~/.ssh/id_ed25519-cert.pub ~/.ssh/id_ed25519-cert.pub: Type: ssh-ed25519-cert-v01 user certificate Public key: ED25519-CERT SHA256:<...> Signing CA: RSA SHA256:<...> Key ID: "..." I think something happend within openssh 7.9 if my interpretation of this is correct: https://www.spinics.net/lists/openssh-unix-dev/msg05371.html Indeed, there is fix [1] in latest OpenSSH 7.9p1 so updating the clients to the latest version should resolve the issue. But it does not change that there is a bug in RHEL7 too. [1] https://github.com/openssh/openssh-portable/commit/1a4a9cf8 This issue was not selected to be included either in Red Hat Enterprise Linux 7.7 because it is seen either as low or moderate impact to a small amount of use-cases. The next release will be in Maintenance Support 1 Phase, which means that qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available. We will now close this issue, but if you believe that it qualifies for the Maintenance Support 1 Phase, please re-open; otherwise we recommend moving the request to Red Hat Enterprise Linux 8 if applicable. |