Bug 3408 - segfault in ssh-keygen -Y check-novalidate when -n option is missing
Summary: segfault in ssh-keygen -Y check-novalidate when -n option is missing
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen
Version: -current
Hardware: All All
Importance: P5 normal
Assignee: Assigned to nobody
Blocks: V_9_0
Reported: 2022-03-18 09:30 AEDT by Mateusz Adamowski
Modified: 2022-04-08 12:12 AEST (History)
Description Mateusz Adamowski 2022-03-18 09:30:56 AEDT
This bug report is just a copy of PR #307 on GitHub
https://github.com/openssh/openssh-portable/pull/307

I found a bug in ssh-keygen

Steps to reproduce:

$ ssh-keygen -Y check-novalidate -s anyfile.txt.sig < anyfile.txt
Segmentation fault (core dumped)

The problem is the missing -n option, resulting in a null pointer being passed to strcmp().

(gdb) bt
#0  __strcmp_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcmp-sse2-unaligned.S:31
#1  0x0000563613b33dcf in sshsig_wrap_verify (signature=signature@entry=0x563614433040, hashalg=0x5636144332f0 "sha512", 
    h_message=<optimized out>, expect_namespace=expect_namespace@entry=0x0, sign_keyp=sign_keyp@entry=0x7fffb358fed0, 
    sig_details=sig_details@entry=0x7fffb358fed8) at sshsig.c:339
#2  0x0000563613b354f0 in sshsig_verify_fd (signature=0x563614433040, fd=0, expect_namespace=0x0, sign_keyp=0x7fffb358fed0, 
    sig_details=0x7fffb358fed8) at sshsig.c:605
#3  0x0000563613b2c566 in sig_verify (signature=0x7fffb35926d0 "nauka1.txt.sig", sig_namespace=0x0, principal=0x0, 
    allowed_keys=0x0, revoked_keys=0x0, opts=<optimized out>, nopts=0) at ssh-keygen.c:2753
#4  0x0000563613b321b8 in main (argc=0, argv=0x7fffb3590560) at ssh-keygen.c:3546
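The crash path in the backtrace above, reduced to a small C model with the hardened form beside it. This is an added example, not OpenSSH's code and not the committed fix: struct sig_blob, namespace_check_unsafe, namespace_check and check_novalidate_args are hypothetical names, the SIG_ERR_* codes are illustrative rather than OpenSSH's SSH_ERR_* values, and the signature namespace "file" is constructed input. The point it shows is that the namespace has to be validated twice: once at the option-parsing layer (a missing -n is a usage error, not a verification result) and once in the verification routine itself, so that a NULL from any caller is refused before a libc string function can dereference it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Result codes, modelled loosely on OpenSSH's negative SSH_ERR_* style.
 * The names and values here are illustrative, not OpenSSH's. */
#define SIG_OK               0
#define SIG_ERR_INVALID_ARG -1   /* a required argument was NULL/empty  */
#define SIG_ERR_MISMATCH    -2   /* signature namespace != expected one */

/* Stand-in for a decoded signature: only the namespace matters here. */
struct sig_blob {
	const char *namespace;       /* namespace embedded in the signature */
};

/*
 * The shape of the check in the report's backtrace: the caller's
 * expect_namespace goes straight into strcmp(). With -n omitted that
 * argument is NULL and libc dereferences it, hence the SIGSEGV inside
 * __strcmp_sse2_unaligned. Kept here only to show the unsafe pattern;
 * never call it with a NULL namespace.
 */
static int
namespace_check_unsafe(const struct sig_blob *sig, const char *expect_namespace)
{
	return strcmp(sig->namespace, expect_namespace) == 0 ?
	    SIG_OK : SIG_ERR_MISMATCH;
}

/* Hardened form: validate every pointer before a libc string routine
 * sees it, and report a distinct error for "no namespace supplied". */
static int
namespace_check(const struct sig_blob *sig, const char *expect_namespace)
{
	if (sig == NULL || sig->namespace == NULL)
		return SIG_ERR_INVALID_ARG;
	if (expect_namespace == NULL || *expect_namespace == '\0')
		return SIG_ERR_INVALID_ARG;   /* missing -n: refuse, don't crash */
	if (strcmp(sig->namespace, expect_namespace) != 0)
		return SIG_ERR_MISMATCH;
	return SIG_OK;
}

/*
 * Front-end check of the kind an option parser needs before dispatching
 * check-novalidate: both -s and -n must be present. Writes a readable
 * reason into errbuf and returns -1 on failure, 0 when both are set.
 */
static int
check_novalidate_args(const char *sig_path, const char *sig_namespace,
    char *errbuf, size_t errlen)
{
	if (sig_path == NULL || *sig_path == '\0') {
		snprintf(errbuf, errlen,
		    "check-novalidate: missing signature file (-s)");
		return -1;
	}
	if (sig_namespace == NULL || *sig_namespace == '\0') {
		snprintf(errbuf, errlen,
		    "check-novalidate: missing namespace (-n)");
		return -1;
	}
	errbuf[0] = '\0';
	return 0;
}

int
main(void)
{
	/* Constructed input: a signature whose embedded namespace is "file". */
	struct sig_blob sig = { "file" };
	char err[128];

	/* Both strings present: unsafe and hardened checks agree. */
	printf("unsafe,   -n file : %d\n", namespace_check_unsafe(&sig, "file"));
	printf("hardened, -n file : %d\n", namespace_check(&sig, "file"));
	printf("hardened, -n git  : %d\n", namespace_check(&sig, "git"));
	/* The report's case, -n omitted: the hardened check returns an
	 * error code instead of faulting inside strcmp(). */
	printf("hardened, no -n   : %d\n", namespace_check(&sig, NULL));

	/* Same case caught one layer earlier, at option handling. */
	if (check_novalidate_args("anyfile.txt.sig", NULL, err, sizeof(err)) != 0)
		printf("front-end rejected: %s\n", err);
	return 0;
}
```

Rejecting an empty string as well as NULL matters in practice: `-n ""` would pass a NULL check, compare equal to nothing useful, and give a misleading mismatch instead of a usage error.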
Comment 1 Damien Miller 2022-03-18 13:35:07 AEDT
Thanks, fix has been committed and will be in OpenSSH 9.0

commit a0b5816f8f1f645acdf74f7bc11b34455ec30bac
Author: djm@openbsd.org <djm@openbsd.org>
Date:   Fri Mar 18 02:31:25 2022 +0000

    upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
    
    will ensue. Patch from Mateusz Adamowski via GHPR#307
    
    OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
Comment 2 Damien Miller 2022-04-08 12:12:51 AEST
closing bug resolved during openssh-9.0 release cycle