972 – openssh-3.9_p1-r1 login problem

Bug 972 - openssh-3.9_p1-r1 login problem

Summary: openssh-3.9_p1-r1 login problem

Status:	CLOSED INVALID

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	3.9p1
Hardware:	Other Linux

Importance:	P2 normal
Assignee:	OpenSSH Bugzilla mailing list

URL:	http://bugs.gentoo.org/show_bug.cgi?i...
Keywords:

Depends on:
Blocks:

Reported:	2005-01-15 23:43 AEDT by Simon Stelling
Modified:	2006-10-07 11:38 AEST (History)
CC List:	0 users

See Also:

Attachments
key (467 bytes, text/plain) 2005-01-17 00:29 AEDT, Simon Stelling	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Simon Stelling 2005-01-15 23:43:36 AEDT

sshd doesn't like this key:

cat ~hansmi/.ssh/authorized_keys2
ssh-dss
AAAB3NzaC1kc3MAAACBANuRyCB3NI4DEg5s9zWQID2N1zMUl/jKu8mjhhg03VbPUbIqhSy+5Eh0Bm/ccTdChBRvq6Y4pedFfkVhf5v2sAvhQfDB+q19kF2TLPUVvuKwClkr3Wk7+sSfhqlvxyEK04cwHkbM7fCopXFDhLcqaJuDsrVRM0FVfEFndsFtgPjPAAAAFQDUzCfxQxcZcPPQi6EGLNBhcSkewwAAAIEAhFtWzhgwHon0Ux8YhSdRy9mEDCT19Og6Eu/LkfqZEmhB38dJLzwDunNGRcAGMVvtm4280o8/bpqzCgJHh6/lq+pyBaP8gEdeFJRdZhuGcRc6ViW+hSxOc6fR/xNL+SSMxtDdSg925g6k79AyXGBnDA7r/REVpM3lLygDCEQhfqoAAACBAM0ZkrvhM6vq5lxXe9MrJA2bsM2laIBy
michael@koala.lan

when trying to login, the user gets this:

$ ssh -l hansmi host -p 2222
Connection closed by 217.148.7.65

/var/log/auth.log says:

Jan 15 12:59:33 aqua sshd[23772]: fatal: buffer_get: trying to get more bytes
129 than in buffer 24

password authentication works

gcc-3.4.3, glibc-2.3.4.20041102-r0, 2.6.9-gentoo-r10 x86_64
=================================================================
System uname: 2.6.9-gentoo-r10 x86_64 AMD Opteron(tm) Processor 242
Gentoo Base System version 1.6.8
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.5, 1.4_p6, 1.9.4, 1.8.5-r2, 1.6.3, 1.7.9
sys-devel/binutils:  2.15.92.0.2-r2
sys-devel/libtool:   1.5.10-r2
virtual/os-headers:  2.6.8.1-r3
CFLAGS="-O3 -pipe -march=k8"
CHOST="x86_64-pc-linux-gnu"
CXXFLAGS="-O3 -pipe -march=k8"
MAKEOPTS="-j3"

it was built with support for the following:

net-misc/openssh-3.9_p1-r1 tcpd

-r1 is gentoo-specific

this is an amd64-box

please also have a look at the gentoo bug in the url

Comment 1 Damien Miller 2005-01-16 01:06:38 AEDT

The key looks to be corrupt in some way (ssh-keygen can't parse it either).
OpenSSH -current will more gracefully handle such broken keys and not terminate
the connection when it encounters them.

Could you check that the public key is not damaged? You can regenerate the
public key from the private key using "ssh-keygen -yf /path/to/private.key"

Comment 2 Simon Stelling 2005-01-16 03:07:02 AEDT

seems like the key is correct, keygen built exactly the same again

Comment 3 Damien Miller 2005-01-16 09:02:30 AEDT

Please attach the public key as a file to this bug.

Comment 4 Simon Stelling 2005-01-17 00:29:26 AEDT

Created attachment 768 [details]
key

here you are

Comment 5 Darren Tucker 2005-02-02 12:40:13 AEDT

The public key appears truncated: encoded it's about 140 bytes shorter than a
1024-bit DSA key.  A couple of things to try:

* does the OpenSSL library's self-test pass?  ("make test" after building).
* perhaps the private key is damaged.  Does the same problem occur if you
generate and use a new private key?
* does the problem occur if you build OpenSSL and OpenSSH without the compiler
optimization?

Comment 6 Simon Stelling 2005-02-02 20:42:13 AEDT

* does the OpenSSL library's self-test pass?  ("make test" after building).

yes

* perhaps the private key is damaged.  Does the same problem occur if you
generate and use a new private key?

that's possible, the same key has afaik also problems on a sparc/alpha. any
other keys i'm using work, so i think it's the key that is truncated.

thanks anyway

Comment 7 Darren Tucker 2006-10-07 11:38:32 AEST

Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.