Bugs item #1832491, was opened at 2007-11-15 15:12 Message generated for change (Comment added) made by noahwilliamsson You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=703942&aid=1832491&group_id=125852
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: antonio (tonyspoken) Assigned to: Daniel Stenberg (bagder) Summary: (Pseudo)random authentication failures with public key Initial Comment: Hi there. Just to track down the problem of the libssh2 with public-key authorization that leads sometimes to a failure. [libssh2] Failure Event: -19 - Invalid signature for supplied public key, or bad username/public key combination It appears to be mentioned in libcurl but not here: it happens once every 100-150 retries. I've attached libssh2 logs for both successful and unsuccesful cases. Hope that someone with time/competence on this pieces of code could give a hand. Regards, Antonio ---------------------------------------------------------------------- Comment By: noah williamsson (noahwilliamsson) Date: 2009-06-04 21:44 Message: Sorry, the crypto library linked against is libgcrypt version 1.2.4-2ubuntu7 and NOT openssl as I previously stated. I'm also using an empty passphrase for the pubkey auth. ---------------------------------------------------------------------- Comment By: noah williamsson (noahwilliamsson) Date: 2009-06-04 21:25 Message: I've got this problem too, though I'm experiencing the problem through a PHP extension that relies on libssh2. I'm not able to reproduce the problem at will but it does happen intermittently, around 1 out of 10 times. The PHP extension is http://pecl.php.net/package/ssh2 and I'm running the latest version of it, though the previous released had the same problem. This extension is built against libssh2 version 0.18 from Ubuntu 8.04's package repository. The extension's ssh2_auth_pubkey_file() randomly is where things fail. Except for doing some dummy input checks it basically calls libssh2 like this: if (libssh2_userauth_publickey_fromfile_ex(session, username, username_len, pubkey, privkey, passphrase)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Authentication failed for %s using public key", username); RETURN_FALSE; } Nothing is logged on the remote server, a modern OpenSSH release, when the problem occurs. Could there be some kind of problem with the way the keys are chosen, stored or loaded? I.e, them not being prime numbers or similar and tripping internal or remote checks? The OpenSSL version the libraries are built against is built against is OpenSSL 0.9.8g-4ubuntu3.5. FWIW, I'm on an x86-64 bit platform (Ubuntu 8.04, LTS). ---------------------------------------------------------------------- Comment By: Dan Fandrich (dfandrich) Date: 2009-04-15 16:23 Message: This still happens for me in libssh2 v1.1. The symptom is random failure of the curl test suite with an error 67 authentication failure. I spent some time a while ago trying to track the problem in libssh2 without success. ---------------------------------------------------------------------- Comment By: Daniel Stenberg (bagder) Date: 2009-04-15 09:06 Message: Too old. If this still happens, file a new bug report and include details such as version number, crypto library and version and operating system. Thanks! ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=703942&aid=1832491&group_id=125852 ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ libssh2-devel mailing list libssh2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libssh2-devel
