
bugzilla-daemon at bugzilla
Jul 8, 2008, 5:04 PM
[Bug 1483] New: Unable to select desired (DSA) key file
https://bugzilla.mindrot.org/show_bug.cgi?id=1483

           Summary: Unable to select desired (DSA) key file
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 5.0p1
          Platform: Other
        OS/Version: FreeBSD
            Status: NEW
          Severity: major
          Priority: P2
         Component: scp
        AssignedTo: unassigned-bugs [at] mindrot
        ReportedBy: rannumgen [at] globaleyes

There is a problem with (portable) OpenSSHv5.0 with regards to key selection. In the past, with SCP, you could use the "identity key file '-i'" parameter to select THE specific key to be used for the SCP transaction, and it didn't matter WHAT TYPE of key (RSA/DSA) was used.

1) According to the MANual page for V5.0 SSH:

     -i identity_file
             Selects the file from which the identity (private key) for RSA authentication is read. This option is directly passed to ssh(1).

NOTE the explicit specification of RSA!

2) When using the v5.0 "-i" parameter, the selected key file does not appear FIRST in any list of keys (joined from an SSH "config" file), nor does it completely replace/supplant any key list available through any SSH configuration file (global or local); in this example, the "MYdesignatedKEY" key was associated with the "-i" parameter:

    debug2: key: /<path>/.ssh/id_rsa (0x813ceXX)
    debug2: key: /<path>/.ssh/id_dsa (0x813ceXX)
    debug2: key: /<path>/.ssh/MYdesignatedKEY (0xgarbale)
    debug2: key: /<path>/.ssh/id_dsa_new (0x813ceXX)
    debug2: key: /<path>/.ssh/id_rsa_new (0x813cfXX)

3) In order to ignore/bypass ANY SSH config file, you have to supply an EXISTING file, even if empty, with the "-F" parameter!

4) Last but not least, when selecting a specific identity file using the "-o ssh option" parameter, and an empty "SSH config file", SSHDv5.0 STILL refuses to use the specified key:

    debug2: key: /<path>/.ssh/MYdesignatedKEY (0xgarble0)
    debug1: Authentications that can continue: publickey,password,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Offering public key:
    debug2: we sent a publickey packet, wait for reply
    debug1: Server accepts key: pkalg ssh-rsa blen 277
    debug2: input_userauth_pk_ok: fp GG:AA:RR:BB:LL:EE:e3:c8:b1:2f:af:5b:0f:d7:dc:a7
    debug1: Authentication succeeded (publickey).

    fingerprint for MYdesignatedKEY.pub: GG:AA:RR:BB:LL:EE:c5:5f:6d:1b:af:51:0d:ae:f0:30
    fingerprint for default "id_rsa.pub": GG:AA:RR:BB:LL:EE:e3:c8:b1:2f:af:5b:0f:d7:dc:a7
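
The comparison made by eye in points 2 and 4 of the report, as an added shell example (not part of the original report and not OpenSSH code): it reports where the designated key sits in the candidate list and whether the fingerprint the server accepted is the intended one. The function names are hypothetical, and the sample log is assembled from the report's own redacted debug lines.

```shell
#!/bin/sh
# Added example: function names are hypothetical; the sample log is assembled
# from the redacted debug lines quoted in the report.

# 1-based position of key file name $2 in the "debug2: key:" list of log $1
# (0 if absent). Assumes key paths contain no spaces.
key_position() {
    awk -v want="$2" '
        $1 == "debug2:" && $2 == "key:" {
            n++
            m = split($3, parts, "/")          # compare on the basename
            if (parts[m] == want && !pos) pos = n
        }
        END { print pos + 0 }' "$1"
}

# Fingerprint of the key the server accepted (input_userauth_pk_ok line).
accepted_fp() {
    awk '$2 == "input_userauth_pk_ok:" && $3 == "fp" { print $4; exit }' "$1"
}

# Succeeds only if the accepted fingerprint equals the intended one ($2).
check_accepted_key() {
    got=$(accepted_fp "$1")
    [ -n "$got" ] && [ "$got" = "$2" ]
}

sample_log() {
    cat <<'EOF'
debug2: key: /<path>/.ssh/id_rsa (0x813ceXX)
debug2: key: /<path>/.ssh/id_dsa (0x813ceXX)
debug2: key: /<path>/.ssh/MYdesignatedKEY (0xgarbale)
debug1: Next authentication method: publickey
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: fp GG:AA:RR:BB:LL:EE:e3:c8:b1:2f:af:5b:0f:d7:dc:a7
debug1: Authentication succeeded (publickey).
EOF
}

log=$(mktemp)
sample_log > "$log"
intended="GG:AA:RR:BB:LL:EE:c5:5f:6d:1b:af:51:0d:ae:f0:30"   # MYdesignatedKEY.pub
echo "designated key is candidate #$(key_position "$log" MYdesignatedKEY)"
if check_accepted_key "$log" "$intended"; then
    echo "server accepted the designated key"
else
    echo "MISMATCH: server accepted $(accepted_fp "$log")"
fi
rm -f "$log"
```

On real sessions the log would be the stderr of `scp -v` or `ssh -vv` saved to a file, and the intended fingerprint would come from `ssh-keygen -l -f` on the designated public key.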