At least SSH's programs versions 2.0.x and 2.1.0 have a bug in the
handling of publickey userauth messages,
byte SSH_MSG_USERAUTH_REQUEST
string user name
string service
string "publickey"
boolean TRUE
string public key algorithm name
string public key to be used for authentication
string signature
and expect service to always be "ssh-userauth", both in the sent
message and in the signed data. Two questions:
1. Does the same apply to messages without the signature? I.e.
byte SSH_MSG_USERAUTH_REQUEST
string user name
string service
string "publickey"
boolean FALSE
string public key algorithm name
string public key blob
2. Does anybody know if SSH-2.0-2.4.0 SSH Secure Shell
(non-commercial)" exhibits this or any other relevant bugs?
I have a report on interoperation problems, I send a message like the
above, and get a USERAUTH_FAILURE rather than a USERAUTH_PK_OK
message, and I'd like to figure out if its a bug in lsh, in SSH-2.4.0,
or a configuration error at the server.
Regards,
/Niels
