[jira] [Created] (SSHD-1053) Got "key type does not match" when use OpenSSH client And Mina SSHD configured with a host public key cert

[Feng Jiajie (Jira)]

Feng Jiajie created SSHD-1053:
---------------------------------

             Summary: Got "key type does not match" when use OpenSSH client And 
Mina SSHD configured with a host public key cert
                 Key: SSHD-1053
                 URL: https://issues.apache.org/jira/browse/SSHD-1053
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.5.1
            Reporter: Feng Jiajie


Hi,

We configured a Mina SSHD and used server certificates:
https://www.lorier.net/docs/ssh-ca.html

Mina SSHD:
{code:java}
sshd.setKeyPairProvider(new 
BouncyCastleGeneratorHostKeyProvider(Paths.get("/tmp/ser-tunnel")));
sshd.setHostKeyCertificateProvider(new 
FileHostKeyCertificateProvider(Paths.get("/tmp/ser-tunnel-cert.pub")));
{code}
When using the OpenSSH client (test on v7.9 and v8.3) to connect to the Mina 
SSHD server, the client is reporting an error: 
{code:java}
debug2: KEX algorithms: 
ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: 
rsa-sha2-512-cert-...@openssh.com,rsa-sha2-256-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: 
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: 
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: 
hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: 
hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none,zlib,z...@openssh.com
debug2: compression stoc: none,zlib,z...@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: rsa-sha2-512-cert-...@openssh.com
debug1: kex: server->client cipher: aes128-ctr MAC: 
hmac-sha2-256-...@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: 
hmac-sha2-256-...@openssh.com compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host certificate: ssh-rsa-cert-...@openssh.com 
SHA256:HsNsqFEHMbCzl4wPfEw8TglsG8wxAQshrcq4mjdVvEM, serial 6 ID "ser-server1" 
CA ssh-rsa SHA256:uACMfGQyejQ3IH6MmAuNMp2dljdzLJq7nPpmdu9PSEQ valid from 
2020-08-14T12:48:45 to 2030-08-12T12:53:45
debug2: Server host certificate hostname: 127.0.0.1
debug2: Server host certificate hostname: localhost
debug3: put_host_port: [127.0.0.1]:12133
debug3: put_host_port: [127.0.0.1]:12133
debug3: hostkeys_foreach: reading file "/home/work/.ssh/known_hosts"
debug3: record_hostkey: found ca key type RSA in file 
/home/work/.ssh/known_hosts:34
debug3: load_hostkeys: loaded 1 keys from [127.0.0.1]:12133
debug1: Host '[127.0.0.1]:12133' is known and matches the RSA-CERT host 
certificate.
debug1: Found CA key in /home/work/.ssh/known_hosts:34
okok rsa-sha2-512-cert-...@openssh.com
ssh_dispatch_run_fatal: Connection to 127.0.0.1 port 12133: key type does not 
match
{code}
After debugging the OpenSSH client, we found that the problem was that:

[https://github.com/openssh/openssh-portable/blob/V_7_9_P1/ssh-rsa.c#L270]
line 270: 
{code:java}
if ((hash_alg = rsa_hash_id_from_ident(sigtype)) == -1) {
  ret = SSH_ERR_KEY_TYPE_MISMATCH;
  goto out;
}
{code}
`sigtype` value is "rsa-sha2-512-cert-...@openssh.com"

[https://github.com/openssh/openssh-portable/blob/V_7_9_P1/ssh-rsa.c#L61]
line 61: 
{code:java}
static intrsa_hash_id_from_ident(const char *ident){
  if (strcmp(ident, "ssh-rsa") == 0)
    return SSH_DIGEST_SHA1;     
  if (strcmp(ident, "rsa-sha2-256") == 0)       
    return SSH_DIGEST_SHA256;
  if (strcmp(ident, "rsa-sha2-512") == 0)
    return SSH_DIGEST_SHA512;
  return -1;
}
{code}
can't find "rsa-sha2-512-cert-...@openssh.com" then return -1

We found OpenSSH Server signature function may return only the return value of 
the `rsa_hash_alg_ident` function:
{code:java}
static const char *rsa_hash_alg_ident(int hash_alg){
  switch (hash_alg) {
    case SSH_DIGEST_SHA1:
      return "ssh-rsa";
    case SSH_DIGEST_SHA256:
      return "rsa-sha2-256";
    case SSH_DIGEST_SHA512:
      return "rsa-sha2-512";
  }
  return NULL;
}
{code}
[https://github.com/openssh/openssh-portable/blob/V_7_9_P1/ssh-rsa.c#L223]

So I made a simple patch to handle this situation.

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org