23132 – RSA/DES auth broken?

Bug 23132 - RSA/DES auth broken?

Summary: RSA/DES auth broken?

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	openssh
Sub Component:
Version:	7.1
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-01-02 10:58 UTC by Gerald Teschl
Modified:	2008-05-01 15:37 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2001-06-19 18:36:02 UTC
Embargoed:

Attachments	(Terms of Use)

Description Gerald Teschl 2001-01-02 10:58:29 UTC

The authentication via RSA/DES key is somehow broken.
Sometimes it works, sometimes it does'nt. For example,
I try to login to a remot host and ssh will ask for
me pass phrase (even tough I added the key to the ssh-agent,
and ssh-add -l shows that it is there) and fail even tough
I enter the correct pass phrase. If I press CRL+C and try again,
it might work fine (without asking for the pass phrase).
It's purely random. Sometimes it doesn't work at all.

Comment 1 Pekka Savola 2001-01-02 18:23:02 UTC

WIthout further debugging (ssh -v -v -v, sshd -d -d -d), this is untraceable.

Comment 2 Gerald Teschl 2001-01-04 16:14:59 UTC

It looks like the problem is on the server:
----------------------------------------------
debug: Trying RSA authentication via agent with 'gerald@soliton'
debug: Server refused our key.
debug: RSA authentication using agent refused.
debug: Trying RSA authentication with key 'gerald@soliton'
debug: Received RSA challenge from server.
Enter passphrase for RSA key 'gerald@soliton':
debug: Sending response to host key RSA challenge.
debug: Remote: RSA authentication accepted.
debug: RSA authentication accepted by server.
debug: Requesting pty.
debug: Requesting X11 forwarding with authentication spoofing.
debug: Requesting authentication agent forwarding.
debug: Requesting shell.
debug: Entering interactive session.
-----------------------------------------------
If I try again five seconds later it'll work:
-----------------------------------------------
debug: Trying RSA authentication via agent with 'gerald@soliton'
debug: Received RSA challenge from server.
debug: Sending response to RSA challenge.
debug: Remote: RSA authentication accepted.
debug: RSA authentication accepted by server.

Comment 3 Pekka Savola 2001-02-24 08:25:50 UTC

You haven't updated either server or the client OpenSSL to 0.9.6, have you?

Comment 4 Mike Gahagan 2001-04-18 00:56:31 UTC

I have found that RSAAuthentication just doesn't work using the openssh rpms
packaged with 7.1. I got asked for a password every time, 'sshd -d -d' on the
server and 'ssh -v -v' on the client don't show any attempt to use
RSAAuthentication. I removed the Red Hat Linux 7.1 rpms and replaced them with
openssh-2.5.2p2 from openssh.com on the server and still had the same problem.
After replacing the Openssh on the client, the problems went away. I built
openssh-2.5.2p2 from .src.rpm's with 'rpm -bb openssh.spec' after editing the
spec file to disable building of the askpass packages.

Comment 5 Pekka Savola 2001-04-18 05:45:57 UTC

Public Key Authentications w/ empty passphrase works for me just fine.  Client
is RHL71, the
server either 2.3.0p1 or RHL62 with RHL7 errata 2.5.2p2 recompiled on RHL62.

Comment 6 Gerald Teschl 2001-06-19 18:35:57 UTC

The problem is no longer present with the current version (openssh-2.5.2p2-5).

Note You need to log in before you can comment on or make changes to this bug.