Description of problem: I am unable to login to a machine using a 32768bit SSH Key that is newly created, on both Rawhide systems and Red Hat EL-5 systems. On Rawhide I get the following messages when trying to 'ssh localhost': Aug 29 16:24:57 fantail sshd[4711]: Postponed publickey for njones from 127.0.0.1 port 45737 ssh2 Aug 29 16:25:08 fantail sshd[4710]: error: RSA_public_decrypt failed: error:04067069:lib(4):func(103):reason(105) Version-Release number of selected component (if applicable): openssh-5.1p1-2.fc10.x86_64 How reproducible: Appears to be always (http://www.hermann-uwe.de/blog/creating-32768-bit-rsa-keys-for-fun-and-profit for an example on Debian) Steps to Reproduce: 1. Generate a 32768 SSH Key 2. Load it into .ssh/authorized_keys 3. Attempt to login with said key Actual results: Error messages (per above) in /var/log/secure Expected results: Happy super-secure login :) Additional info: Yes I am mad, and creating the key was a joke, but it's a valid bug, SSH lets me generate such a key, but the key doesn't work, sounds like a bug to me.
There is a limit of 16384 on maximum length of modulus in RSA_public_decrypt which was added to resolve CVE-2006-2940.