Bug 165

Summary: Problem with SSH1 Keys on RedHat7.2
Product: Portable OpenSSH Reporter: Matt Mahler <mmahler>
Component: sshdAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED INVALID    
Severity: normal    
Priority: P2    
Version: -current   
Hardware: ix86   
OS: Linux   

Description Matt Mahler 2002-03-14 17:55:44 AEDT 
OpenSSH 3.1 installed on RedHat 7.2 seems to have a problem with SSH 1. 
Here is a copy of the debug info:

debug1: Received encrypted confirmation.
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/home/sisyphus/.ssh/identity'
debug1: Server refused our key.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.

If I throw back on OpenSSH 3.0 the key is accepted.
here is the same system, same config file, same authorized key file same key.
only difference is OpenSSH 3.0 instead of 3.1

debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/home/sisyphus/.ssh/identity'
debug1: Received RSA challenge from server.
Enter passphrase for RSA key '/home/sisyphus/.ssh/identity':
Comment 1 Markus Friedl 2002-03-17 04:31:52 AEDT 
never seen this. what does sshd -ddd say?
Comment 2 Matt Mahler 2002-03-18 08:58:45 AEDT 
sshd -ddd on openssh 3.1

debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Starting up PAM with username "sisyphus"
debug3: Trying to reverse map address 127.0.0.1.
debug1: PAM setting rhost to "localhost.localdomain"
debug1: Attempting authentication for sisyphus.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: trying public RSA key file /home/sisyphus/.ssh/authorized_keys
debug3: secure_filename: checking '/home/sisyphus/.ssh'
debug3: secure_filename: checking '/home/sisyphus'
debug3: secure_filename: terminating check at '/home/sisyphus'
debug1: restore_uid
Failed rsa for sisyphus from 127.0.0.1 port 38968
debug1: rcvd SSH_CMSG_AUTH_TIS
Failed challenge-response for sisyphus from 127.0.0.1 port 38968
Connection closed by 127.0.0.1

sshd -ddd on openssh 3.0:
debug1: match: OpenSSH_3.0.2p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_3.0.2p1
debug1: Rhosts Authentication disabled, originating port 38971 not trusted.
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Starting up PAM with username "sisyphus"
debug3: Trying to reverse map address 127.0.0.1.
debug1: PAM setting rhost to "localhost.localdomain"
debug1: Attempting authentication for sisyphus.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: trying public RSA key file /home/sisyphus/.ssh/authorized_keys
debug3: secure_filename: checking '/home/sisyphus/.ssh'
debug3: secure_filename: checking '/home/sisyphus'
debug3: secure_filename: terminating check at '/home/sisyphus'
debug1: restore_uid
Accepted rsa for sisyphus from 127.0.0.1 port 38971
debug1: session_new: init
debug1: session_new: session 0

This is really weird.....
Comment 3 Matt Mahler 2002-03-18 09:11:31 AEDT 
Sorry that last post I made a mistake and posted the wrong config file on it.
It would appear that if in the sshd config file if you use ~ it looks for root's 
home, not the user trying to connect.

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      ~/.ssh/authorized_keys

if that's your config you get this:

debug1: match: OpenSSH_3.0 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Starting up PAM with username "sisyphus"
debug3: Trying to reverse map address 128.138.39.14.
debug1: PAM setting rhost to "strn39-14-dhcp.resnet.colorado.edu"
debug1: Attempting authentication for sisyphus.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: trying public RSA key file /root/.ssh/authorized_keys
debug1: restore_uid
Failed rsa for sisyphus from 128.138.39.14 port 11065
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: trying public RSA key file /root/.ssh/authorized_keys
debug1: restore_uid
Failed rsa for sisyphus from 128.138.39.14 port 11065
debug1: rcvd SSH_CMSG_AUTH_TIS
Failed challenge-response for sisyphus from 128.138.39.14 port 11065

if you change it to this :
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys

it'll work right.
but ~/.ssh/authorized_keys works fine in openssh3.0

sorry about that last mix up.
Comment 4 Ben Lindstrom 2002-03-18 10:31:45 AEDT 
AuthorizedKeysFile     %h/.ssh/authorized_keys
or
AuthorizedKeysFile     .ssh/authorized_keys

are the defaults (depending on the release).  

Not sure how ~/.ssh/authorized_keys ever worked since we call 
auth.c:expand_filename() which only honors %%, %h, %u.  The same holds true for 
3.0.

- Ben
Comment 5 Matt Mahler 2002-03-19 05:29:20 AEDT 
hmmm, not sure how it works eaither, but it does oddly work in 3.0...
Comment 6 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED