ssh GSSAPI rekey failure
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Xenial |
Won't Fix
|
Medium
|
Unassigned | ||
Yakkety |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
If I have ssh set up using GSSAPI with rekeying enabled, then the connection fails on rekey, and tries to do host-based verification 'mid-session'.
Steps to reproduce:
$ ssh -vvv server.example.com
<snip...>
debug1: Authenticating to ssh.example.com:22 as 'user'
<snip...>
debug2: local client KEXINIT proposal
debug2: KEX algorithms: gss-gex-
<snip...>
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: gss-gex-
<snip...>
Last login: Tue Aug 02 10:47:20 2016 from foo
# Then do 'kinit' on the client to get a new ticket...
debug1: need rekeying
debug1: SSH2_MSG_KEXINIT sent
debug1: rekeying in progress
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: <email address hidden>
debug2: host key algorithms: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
[...]
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: gss-gex-
[...]
debug1: kex: algorithm: <email address hidden>
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: <email address hidden> MAC: <implicit> compression: none
debug1: kex: client->server cipher: <email address hidden> MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_
debug1: rekeying in progress
debug1: rekeying in progress
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:
The authenticity of host 'server.example.com (10.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:
Are you sure you want to continue connecting (yes/no)?
Host key verification failed.
It looks like the list of KEX algorithms differs between the initial connection, and the rekeying.
This behaviour seems to occur with a client running 16.04 (openssh-client 1:7.2p2-4ubuntu1) but not on 15.10 (openssh-client 1:6.9p1-
ssh_config is as follows:
HashKnownHosts no
GSSAPIAuthentic
GSSAPIDelegateC
GSSAPIRenewalFo
GSSAPITrustDNS yes
GSSAPIKeyExchange yes
ForwardX11 yes
ForwardX11Trusted yes
Status changed to 'Confirmed' because the bug affects multiple users.