Bug 1884920 - Cannot ssh into CentOS 6 using ssh key authentication
Summary: Cannot ssh into CentOS 6 using ssh key authentication
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 33
Hardware: x86_64
OS: Linux
Target Milestone: ---
Assignee: Jakub Jelen
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2020-10-03 15:36 UTC by Scott Reese
Modified: 2021-05-26 13:04 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-10-29 15:45:32 UTC
Type: Bug

Attachments (Terms of Use)

Description Scott Reese 2020-10-03 15:36:38 UTC
Description of problem:
If you have a CentOS 6 server set up to use ssh keys for authentication, you cannot log in using the openssh client in Fedora 33. If the CentOS 6 server is set to also allow password authentication, it will fall back to that and login will succeed. If the server does not allow any other authentication methods, authentication will fail and login will fail.

Version-Release number of selected component (if applicable):
Fedora 33 openssh-clients 8.4p1-1
CentOS 6.10 openssh-server-5.3p1-124

How reproducible:
Attempt to log using ssh keys (identity file). If server is configured to allow password authentication, the login will fall back and ask for the password. If server is not configured to allow password authentication (PasswordAuthentication no), then login will fail

Steps to Reproduce:
1. Load ssh key for server (ssh-add .ssh/id_rsa)
2. ssh to server (ssh server.name.here)

Actual results:
scott@server.name.here: Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

Expected results:
Bash command prompt on server

Additional info:
This isn't a bug so much as it is an incompatibility between the security protocols that CentOS 6.10 supports and the ones that Fedora 33 supports. If you run ssh -v server.name.here, it says that there are no compatible signature algorithms:

debug1: send_pubkey_test: no mutual signature algorithm

It may not be a problem because there is limited overlap between the release of Fedora 33 and the EOL of CentOS 6, but I think it might be worth an entry in the release notes. It would be easy for people to get locked out of their servers.

Comment 1 Jakub Jelen 2020-10-05 07:23:18 UTC
The Fedora 33 removes SHA1, which will certainly be in the release notes [1]. But it did not mention ssh at all yet, but we are going to fix it.

There is a simple workaround by using ECDSA authentication and host keys (which use SHA2 ever since) or creating a following configuration snippet to connect to legacy hosts:

  # legacy host not supporting RSA with SHA2
  Host server.name.here:
    PubkeyAcceptedKeyTypes ssh-rsa

I will keep the bug open until we will make sure the release notes are  fixed.

[1] https://fedoraproject.org/wiki/Releases/33/ChangeSet#Strong_crypto_settings:_phase_2

Comment 2 Kevin Carter 2020-10-26 18:34:14 UTC
Just to confirm, while running F33 I too had issues when interacting with legacy SSH servers. The noted config is a good work-around for anyone who's needing to interact with existing SSH servers; especially those working in or around an ssh based git workflow (the OpenStack (OpenInfrastructure) community, github, etc).

The following config was added to my user's ssh config `~/.ssh/config`:

  Host review.opendev.org
    PubkeyAcceptedKeyTypes ssh-rsa

While less than desirable, it works.

Comment 3 Jan Pazdziora 2020-10-28 18:06:39 UTC
Overall, this can likely be marked as a duplicate of bug 1881301.

Comment 4 Jakub Jelen 2020-10-29 12:00:50 UTC
(In reply to Jan Pazdziora from comment #3)
> Overall, this can likely be marked as a duplicate of bug 1881301.

No, it is not the same. The bug #1881301 is a main issue in Debian, which has newer OpenSSH, but with a bug preventing negotiating the SHA2 methods even though they are properly implemented (the only openssh release that had this problem). The OpenSSH in RHEL6/CentOS6 does not support rsa-sha2 and never will. Not even the patch proposed in bug #1881301 is going to address the issue of connecting to the RHEL6/CentOS 6 servers.

The other possible workaround is to use ECDSA keys, which are available in RHEL6/CentOS6 and use SHA2 implicitly.

Comment 5 Tomas Mraz 2020-10-29 15:45:32 UTC
This is expected behavior. You have to switch to the LEGACY crypto policy to communicate with legacy systems. And RHEL-6/CentOS-6 is certainly a legacy system.

Comment 6 Jan Pazdziora 2020-11-02 10:22:13 UTC
(In reply to Jakub Jelen from comment #4)
> (In reply to Jan Pazdziora from comment #3)
> > Overall, this can likely be marked as a duplicate of bug 1881301.
> No, it is not the same.

Mea culpa. Thanks for the explanation.

Note You need to log in before you can comment on or make changes to this bug.