[
https://issues.apache.org/jira/browse/SSHD-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17555102#comment-17555102
]
Thomas Wolf commented on SSHD-1270:
-----------------------------------
You are using OpenSSH_7.2p2, which is very old, and AFAIK was the first version
with rsa-sha2-512 signature support. There were bugs in OpenSSH when the SHA-2
signatures were introduced, and AFAIK there was also a bug concerning the
ssh-agent.
The Gerrit server log posted at the Gerrit bug tracker shows that the signature
verification failed. Perhaps the OpenSSH 7.2 client actually sent a ssh-rsa
signature instead of rsa-sha-512?
The client log file you posted at the Gerrit bug tracker shows only the failed
authentication. But it shows "debug2: key: /home/gaowenjun/.ssh/id_rsa
(0x556e3270a720), agent", so I presume that run used the agent.
# Verify that you can connect without using the agent. Specify the
{{IdentityFile}} explicitly in {{{}~/.ssh/config{}}}, set {{{}IdentitiesOnly
yes{}}}, and set {{IdentityAgent none.}}
# Verify what keys the ssh-agent contains initially. Does it run initially?
Does it contain the correct key?
# Make sure the agent contains the correct key, undo the changes from (1), and
try to connect.
Logs for both cases (successful _and_ unsuccessful attempts) would be helpful.
> MINA-SSHD 2.8.0 break Ubuntu 16.04 users connection
> ---------------------------------------------------
>
> Key: SSHD-1270
> URL: https://issues.apache.org/jira/browse/SSHD-1270
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 2.8.0
> Reporter: CY
> Priority: Major
> Attachments: 1
>
>
> steps to reproduce:
> 1.upgrade Gerrit to 3.6 (which use 2.8.0 SSHD
> 2.Ubuntu 16.04 user try to connect Gerrit via ssh
> `ssh -p 29418 [email protected] gerrit`
> 3.Got "Permission denied (publickey)."
> 4.execute eval "$(ssh-agent -s) && ssh-add"
> 5.`ssh -p 29418 [email protected] gerrit` now can connect to
> Gerrit correctly.
> 6.Reboot the PC, then cannot connect again, and need to execute "eval
> "$(ssh-agent -s) && ssh-add"" again.
>
> Here is my client log with `ssh -vvv`
> There is also a discussion on Gerrit community and there is server side log
> on it
> https://bugs.chromium.org/p/gerrit/issues/detail?id=15987#c_ts1655281861
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
