Bug 460619 - Failed login with 32768 bit keys
Failed login with 32768 bit keys
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-08-29 00:43 EDT by Nigel Jones
Modified: 2008-08-29 02:59 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-08-29 02:59:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenSSH Project 1516 None None None Never

  None (edit)
Description Nigel Jones 2008-08-29 00:43:55 EDT
Description of problem:
I am unable to login to a machine using a 32768bit SSH Key that is newly created, on both Rawhide systems and Red Hat EL-5 systems.

On Rawhide I get the following messages when trying to 'ssh localhost':

Aug 29 16:24:57 fantail sshd[4711]: Postponed publickey for njones from 127.0.0.1 port 45737 ssh2
Aug 29 16:25:08 fantail sshd[4710]: error: RSA_public_decrypt failed: error:04067069:lib(4):func(103):reason(105)

Version-Release number of selected component (if applicable):
openssh-5.1p1-2.fc10.x86_64

How reproducible:
Appears to be always (http://www.hermann-uwe.de/blog/creating-32768-bit-rsa-keys-for-fun-and-profit for an example on Debian)

Steps to Reproduce:
1. Generate a 32768 SSH Key
2. Load it into .ssh/authorized_keys
3. Attempt to login with said key
  
Actual results:
Error messages (per above) in /var/log/secure

Expected results:
Happy super-secure login :)

Additional info:
Yes I am mad, and creating the key was a joke, but it's a valid bug, SSH lets me generate such a key, but the key doesn't work, sounds like a bug to me.
Comment 1 Tomas Mraz 2008-08-29 02:59:01 EDT
There is a limit of 16384 on maximum length of modulus in RSA_public_decrypt which was added to resolve CVE-2006-2940.

Note You need to log in before you can comment on or make changes to this bug.