2018-09-05 20:44:09 |
Scott Emmons |
bug |
|
|
added bug |
2018-09-05 20:44:44 |
Scott Emmons |
bug |
|
|
added subscriber Netflix Engineering |
2018-09-05 20:45:54 |
Launchpad Janitor |
openssh (Ubuntu): status |
New |
Confirmed |
|
2018-09-05 20:52:45 |
Andreas Hasenack |
bug |
|
|
added subscriber Andreas Hasenack |
2018-09-05 20:56:42 |
Forest Monsen |
bug |
|
|
added subscriber Forest Monsen |
2018-09-05 20:58:21 |
Scott Emmons |
description |
Users are unable to connect to Ubuntu when using openssh client 7.8. We have seen this with both xenial and bionic, but this affects connecting to ANY host running openssh <7.8.
The only known recourse at this time is either to downgrade clients to 7.7 or a previous version of openssh, or to create new keys/certificates with a different algorithm that is acceptable to both the older server and the newer client.
The error message via ssh -vvv is:
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:REDACTED
debug1: send_pubkey_test: no mutual signature algorithm
It appears that the change noted here in the release notes[1] for 7.8 is related:
* sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar
HostbasedAcceptedKeyTypes options have changed. These now specify
signature algorithms that are accepted for their respective
authentication mechanism, where previously they specified accepted
key types. This distinction matters when using the RSA/SHA2
signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their
certificate counterparts. Configurations that override these
options but omit these algorithm names may cause unexpected
authentication failures (no action is required for configurations
that accept the default for these options).
This is also affecting other Linux distributions:
https://bugzilla.redhat.com/show_bug.cgi?id=1623929
https://bugs.archlinux.org/task/59838
[1] https://www.openssh.com/releasenotes.html |
Users are unable to connect to Ubuntu when using openssh client 7.8. We have seen this with both xenial and bionic, but this affects connecting to ANY host running openssh server <7.8.
The only known recourse at this time is either to downgrade clients to 7.7 or a previous version of openssh, or to create new keys/certificates with a different algorithm that is acceptable to both the older server and the newer client.
The error message via ssh -vvv is:
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:REDACTED
debug1: send_pubkey_test: no mutual signature algorithm
It appears that the change noted here in the release notes[1] for 7.8 is related:
* sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar
HostbasedAcceptedKeyTypes options have changed. These now specify
signature algorithms that are accepted for their respective
authentication mechanism, where previously they specified accepted
key types. This distinction matters when using the RSA/SHA2
signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their
certificate counterparts. Configurations that override these
options but omit these algorithm names may cause unexpected
authentication failures (no action is required for configurations
that accept the default for these options).
This is also affecting other Linux distributions:
https://bugzilla.redhat.com/show_bug.cgi?id=1623929
https://bugs.archlinux.org/task/59838
[1] https://www.openssh.com/txt/release-7.8 |
|
2018-09-05 21:31:59 |
Scott Emmons |
summary |
Unable to connect with openssh 7.8 client |
Unable to connect with openssh 7.8 client and certificates |
|
2018-09-05 21:36:52 |
Scott Emmons |
description |
Users are unable to connect to Ubuntu when using openssh client 7.8. We have seen this with both xenial and bionic, but this affects connecting to ANY host running openssh server <7.8.
The only known recourse at this time is either to downgrade clients to 7.7 or a previous version of openssh, or to create new keys/certificates with a different algorithm that is acceptable to both the older server and the newer client.
The error message via ssh -vvv is:
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:REDACTED
debug1: send_pubkey_test: no mutual signature algorithm
It appears that the change noted here in the release notes[1] for 7.8 is related:
* sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar
HostbasedAcceptedKeyTypes options have changed. These now specify
signature algorithms that are accepted for their respective
authentication mechanism, where previously they specified accepted
key types. This distinction matters when using the RSA/SHA2
signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their
certificate counterparts. Configurations that override these
options but omit these algorithm names may cause unexpected
authentication failures (no action is required for configurations
that accept the default for these options).
This is also affecting other Linux distributions:
https://bugzilla.redhat.com/show_bug.cgi?id=1623929
https://bugs.archlinux.org/task/59838
[1] https://www.openssh.com/txt/release-7.8 |
Users are unable to connect to Ubuntu when using openssh client 7.8 and certificates. We have seen this with both xenial and bionic, but this affects connecting to ANY host running openssh server <7.8.
It appears to be specific to using certificate authentication.
The only known recourse at this time is either to downgrade clients to 7.7 or a previous version of openssh, or to create new keys/certificates with a different algorithm that is acceptable to both the older server and the newer client.
The error message via ssh -vvv is:
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:REDACTED
debug1: send_pubkey_test: no mutual signature algorithm
When comparing the lists returned from a 7.6 server and a 7.8 server via "ssh -Q key", we find that 7.8 returns rsa-sha2-512-cert-v01@openssh.com and rsa-sha2-256-cert-v01@openssh.com, which are not present (or valid) for the earlier-version server.
It appears that the change noted here in the release notes[1] for 7.8 is related:
* sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar
HostbasedAcceptedKeyTypes options have changed. These now specify
signature algorithms that are accepted for their respective
authentication mechanism, where previously they specified accepted
key types. This distinction matters when using the RSA/SHA2
signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their
certificate counterparts. Configurations that override these
options but omit these algorithm names may cause unexpected
authentication failures (no action is required for configurations
that accept the default for these options).
This is also affecting other Linux distributions:
https://bugzilla.redhat.com/show_bug.cgi?id=1623929
https://bugs.archlinux.org/task/59838
[1] https://www.openssh.com/txt/release-7.8 |
|
2018-09-07 10:50:36 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
2018-09-07 10:56:55 |
Christian Ehrhardt |
bug |
|
|
added subscriber Colin Watson |
2018-09-07 16:14:28 |
Scott Emmons |
bug watch added |
|
https://bugzilla.mindrot.org/show_bug.cgi?id=2799 |
|
2018-09-11 14:56:52 |
Christian Ehrhardt |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=1623929 |
|
2018-09-11 14:56:52 |
Christian Ehrhardt |
bug task added |
|
openssh (Fedora) |
|
2018-09-11 14:57:46 |
Christian Ehrhardt |
bug |
|
|
added subscriber Christian Ehrhardt |
2018-09-11 16:22:29 |
JShackelford |
bug |
|
|
added subscriber JShackelford |
2018-11-07 18:30:18 |
Bug Watch Updater |
openssh (Fedora): status |
Unknown |
Confirmed |
|
2018-11-07 18:30:18 |
Bug Watch Updater |
openssh (Fedora): importance |
Unknown |
Undecided |
|
2018-11-15 16:29:05 |
Launchpad Janitor |
openssh (Ubuntu): status |
Confirmed |
Fix Released |
|