
List:       mina-dev
Subject:    [jira] [Created] (SSHD-1291) Protocol violation when using async PublicKey auth
From:       "Evgeny Pasynkov (Jira)" <jira () apache ! org>
Date:       2022-08-19 13:58:30
Message-ID: JIRA.13477610.1660917767000.177459.1660917780037 () Atlassian ! JIRA

Evgeny Pasynkov created SSHD-1291:
-------------------------------------

             Summary: Protocol violation when using async PublicKey auth
                 Key: SSHD-1291
                 URL: https://issues.apache.org/jira/browse/SSHD-1291
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.9.0
            Reporter: Evgeny Pasynkov


Hi. 

I've noticed that the SSHD server violates RFC 4252 section 7 (https://www.rfc-editor.org/rfc/rfc4252#section-7) when using asynchronous public key auth (which means throwing AsyncAuthException() from the PublickeyAuthenticator implementation).

Part of the client log when using the sync approach:


{code}
debug1: Next authentication method: publickey
debug1: Offering public key:xxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: xxxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0
debug3: sign_and_send_pubkey: using publickey with RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0
debug3: send packet: type 50
debug3: receive packet: type 52
Authenticated to localhost ([::1]:2224) using "publickey".
{code}

When using the "async" approach:

{code}
debug1: Next authentication method: publickey
debug1: Offering public key: xxxxxxxxxx RSA SHA256:yCES5R3fRyROO6W3GRfte9EelwXcM29IM3zOzsvwuv0
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 52
Authenticated to localhost ([::1]:2224) using "publickey".
{code}

Please note that the mandatory packet SSH_MSG_USERAUTH_PK_OK is missing.
Though the standard client tolerates this difference (at least OpenSSH_9.0p1), not all of them do this. Jsch failed to establish a session.




--
This message was sent by Atlassian Jira
(v8.20.10#820010)
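
An added example, not part of the original report and not MINA SSHD code: a Python check that walks `ssh -vvv` client output and flags the sequence reported above, where packet type 52 arrives after a signature-less publickey query with no type 60 in between. The two sample logs are abbreviated from the excerpts in the report; the function and state names are illustrative assumptions.

```python
import re

# Message numbers from RFC 4252; 60 means PK_OK only in reply to a publickey query.
USERAUTH_REQUEST, USERAUTH_SUCCESS, USERAUTH_PK_OK = 50, 52, 60

PACKET = re.compile(r"debug3: (send|receive) packet: type (\d+)")
# OpenSSH prints this line right after sending a query that carries no signature.
QUERY_MARK = "we sent a publickey packet, wait for reply"

def check_publickey_exchange(log_text):
    """Return findings for one client debug log (assumed `ssh -vvv` format)."""
    findings = []
    state = "idle"  # idle -> request_sent -> query_sent -> pk_ok -> signed_sent
    for n, line in enumerate(log_text.splitlines(), 1):
        if QUERY_MARK in line:
            state = "query_sent"
            continue
        m = PACKET.search(line)
        if not m:
            continue
        direction, msg = m.group(1), int(m.group(2))
        if direction == "send" and msg == USERAUTH_REQUEST:
            # A request sent after PK_OK is the signed one.
            state = "signed_sent" if state == "pk_ok" else "request_sent"
        elif direction == "receive" and msg == USERAUTH_PK_OK:
            if state == "query_sent":
                state = "pk_ok"
        elif direction == "receive" and msg == USERAUTH_SUCCESS:
            if state == "query_sent":
                findings.append(
                    f"line {n}: SSH_MSG_USERAUTH_SUCCESS without SSH_MSG_USERAUTH_PK_OK")
            state = "idle"
    return findings

# Sample input: packet lines abbreviated from the two logs in the report.
SYNC_LOG = "\n".join([
    "debug1: Next authentication method: publickey",
    "debug3: send packet: type 50",
    "debug2: we sent a publickey packet, wait for reply",
    "debug3: receive packet: type 60",
    "debug3: send packet: type 50",
    "debug3: receive packet: type 52",
])
ASYNC_LOG = "\n".join([
    "debug1: Next authentication method: publickey",
    "debug3: send packet: type 50",
    "debug2: we sent a publickey packet, wait for reply",
    "debug3: receive packet: type 52",
])

if __name__ == "__main__":
    print(check_publickey_exchange(SYNC_LOG), check_publickey_exchange(ASYNC_LOG))
```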
