https://bugzilla.mindrot.org/show_bug.cgi?id=3279
--- Comment #22 from Damien Miller <[email protected]> --- Created attachment 3537 --> https://bugzilla.mindrot.org/attachment.cgi?id=3537&action=edit test "program" This is what I used, I basically hacked it in to ssh-keygen.c. It's the opposite of pretty :) You'll also need to repack the dumped signature into base64 and paste it in to the sshbuf_b64tod() call. I used something like: $ python3 >>> h='484a9f2d24757...' # Line from RSA_public_decrypt: sig=... >>> import base64 >>> b=base64.b16decode(h, True) >>> base64.b64encode(b) b'SEqfLSR1dS...' As to why ssh works while this particular operation is failing while your ssh connection remains successful - it's probably because you're not using RSA for the regular key exchange signature, but Ed25519: debug1: kex: host key algorithm: ssh-ed25519 If you try something like: for x in rsa-sha2-512 rsa-sha2-256 ssh-rsa ; do ssh -oHostkeyAlgorithms=$x -oStrictHostkeyChecking=no -oUserKnownHostsFile=/tmp/gitlab [email protected] ; done Then you can exercise RSA (across its variants) in the signature path too -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
