[jira] [Comment Edited] (SSHD-945) DSA 2048 public key authentication fails

Thu, 03 Oct 2019 02:45:52 -0700 


    [ 
https://issues.apache.org/jira/browse/SSHD-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16943455#comment-16943455
 ] 

Thomas Wolf edited comment on SSHD-945 at 10/3/19 9:44 AM:
-----------------------------------------------------------

Sorry, I mis-interpreted that bit:
{quote}
{code:java}
debug2: input_userauth_pk_ok: fp 
SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M
debug3: sign_and_send_pubkey: DSA 
SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M
{code}
{quote}
This SHA256 is just the hash of the DSA key.

Running the test again with server-side logging and then looking at the code of 
OpenSSH, it looks as if OpenSSH actually uses the DSA 2048 key but with a 
160bit SHA1 signature hash. The server goes through
 * 
[userauth_pubkey|https://github.com/openssh/openssh-portable/blob/be02d7c/auth2-pubkey.c#L213]
 * 
[sshkey_verify|https://github.com/openssh/openssh-portable/blob/be02d7c/sshkey.c#L2662]
 * 
[ssh_dss_verify|https://github.com/openssh/openssh-portable/blob/be02d7c/ssh-dss.c#L120]
 where SHA1 and 160bits are hardcoded.

So it uses and accepts something it shouldn't use at all.

Apache sshd is in fact correct to complain that "the security strength of SHA-1 
digest algorithm is not sufficient for this key".


was (Author: wolft):
Sorry, I mis-interpreted that bit:
{quote}
{code:java}
debug2: input_userauth_pk_ok: fp 
SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M
debug3: sign_and_send_pubkey: DSA 
SHA256:usOY30m0OcvF44d+OK0TezJ9xfOoY0c6Fn1lzA+gQ6M
{code}
{quote}
This SHA256 is just the hash of the DSA key.

Running the test again with server-side logging and then looking at the code of 
OpenSSH, it looks as if OpenSSH actually uses the DSA 2048 key but with a 
160bit SHA1 signature hash. The server goes through
 * 
[userauth_pubkey|https://github.com/openssh/openssh-portable/blob/be02d7c/auth2-pubkey.c#L213]
 * 
[sshkey_verify|https://github.com/openssh/openssh-portable/blob/be02d7c/sshkey.c#L2662]
 * 
[ssh_dss_verify|https://github.com/openssh/openssh-portable/blob/be02d7c/ssh-dss.c#L120]
 where SHA1 and 160bits are hardcoded.

So it uses something it shouldn't use at all.

sshd is in fact correct to complain that "the security strength of SHA-1 digest 
algorithm is not sufficient for this key".

> DSA 2048 public key authentication fails
> ----------------------------------------
>
>                 Key: SSHD-945
>                 URL: https://issues.apache.org/jira/browse/SSHD-945
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 2.1.0
>            Reporter: Logan
>            Priority: Major
>         Attachments: DSAKeyTests.java
>
>
> While RSA 1024, 2048 and DSA 1024 keys succeed, DSA 2048 fails with error 
> trace listed below. I am trying to figure out if the issue is related to DSA 
> keys generated by JDK or apache SSHD. Attached is the test case. 
>  
> Tests with JSch API also fail with DSA 2048 keys.
>  
> Error trace:
> {code:java}
> org.apache.sshd.common.SshException: No more authentication methods 
> availableorg.apache.sshd.common.SshException: No more authentication methods 
> available at 
> org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:318)
>  at 
> org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:254)
>  at 
> org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:201)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:626)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:559)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1542)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:520)
>  at 
> org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:63)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:339)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:318)
>  at 
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:315)
>  at 
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
>  at java.security.AccessController.doPrivileged(Native Method) at 
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
>  at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at 
> sun.nio.ch.Invoker$2.run(Invoker.java:218) at 
> sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
>  at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>  at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>  at java.lang.Thread.run(Thread.java:748){code}
> [^DSAKeyTests.java]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to