tomaswolf commented on issue #531: URL: https://github.com/apache/mina-sshd/issues/531#issuecomment-2232576893
The key exchange worked and did use a ssh-rsa signature. It's the public key authentication that then uses rsa-sha-512 by default first. Apparently the server is configured with [MaxAuthTries](https://man.openbsd.org/sshd_config#MaxAuthTries) = 1. Apache MINA sshd takes advantage of: > When the new rsa-sha2-* algorithms have been sufficiently widely adopted to warrant disabling "ssh-rsa", clients MAY default to one of the new algorithms. [RFC 8332, section 3.3](https://datatracker.ietf.org/doc/html/rfc8332#section-3.3) which apparently doesn't work with this server. (We try first rsa-sha2-512, and if that fails rsa-sha2-256, then ssh-rsa. But if the server allows less than 3 authentication attempts, this will fail.) This should probably be done more conservatively. We can change that so that we include the signature negotiated for the host key into consideration for RSA user keys: 1. if we did get a "server-sig-algs" extension message, start with the strongest algorithm mentioned there, 2. otherwise start with the signature algorithm negotiated for the host key, if it is an RSA signature, 3. otherwise, proceed as currently: start with rsa-sha2-512, then try rsa-sha2-256, then try ssh-rsa. Point (2) would be new, and is based on the assumption that a server that does support rsa-sha2* and does not implement the server-sig-algs extension is unlikely to be configured to use ssh-rsa for the host key exchange, but then accept (only) rsa-sha2* for the public key authentication. OTOH an old server that knows only ssh-rsa also won't send server-sig-algs, and thus using the host key signature algorithm ssh-rsa for the public key authentication will be fine. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org