rtrlib/transport/ssh/ssh_transport.c: fix ssh-rsa public key auth#300
Open
ivan4th wants to merge 1 commit intortrlib:masterfrom
Open
rtrlib/transport/ssh/ssh_transport.c: fix ssh-rsa public key auth#300ivan4th wants to merge 1 commit intortrlib:masterfrom
ivan4th wants to merge 1 commit intortrlib:masterfrom
Conversation
When SSH public key authentication is attempted right after ssh_connect(), there's a chance `SSH_MSG_EXT_INFO` message will not be received by the client in timely manner. In case if an `ssh-rsa` public key is being used, this in turn may lead to libssh picking SHA1 digest algorithm, which is disabled by default: https://github.com/canonical/libssh/blob/f23d1454e50d0dbb314edd9bf4227ab72303484b/src/pki.c#L443-L454 This may cause intermittent SSH authentication failures with no clear reason as SSH logging is disabled in rtrlib. The fix is based on this suggestion: https://archive.libssh.org/libssh/2025-05/0000023.html
Author
|
Sadly I can't check why CI is failing (page won't load / sometimes it loads and asks for login credentials) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Contribution description
When SSH public key authentication is attempted right after
ssh_connect(), there's a chanceSSH_MSG_EXT_INFOmessage will not be received by the client in timely manner. In case if anssh-rsapublic key is being used, this in turn may lead to libssh picking SHA1 digest algorithm, which is disabled by default:https://github.com/canonical/libssh/blob/f23d1454e50d0dbb314edd9bf4227ab72303484b/src/pki.c#L443-L454 This may cause intermittent SSH public key authentication failures with no clear reason as SSH logging is disabled in rtrlib.
The fix is based on this suggestion:
https://archive.libssh.org/libssh/2025-05/0000023.html
It is possible to work around the problem by using
PubkeyAcceptedAlgorithmsin/etc/ssh/configor~/.ssh/config, but there are a couple of issues with this approach:libssh, you can't usePubkeyAcceptedAlgorithms +ssh-rsaand you must list all the algos insteadssh-rsato the list of pubkey algos weakens security as it also enablesSHA1digests, weakening SSH securitySupport for
ssh-rsapublic keys is required by RFC8210: https://datatracker.ietf.org/doc/html/rfc8210#section-9.1Testing procedure
In order to reproduce the issue, you need to use
ssh-rsakey for RPKI SSH authentication.We tested it using downstream FRR version, with StayRTR being used as the server.
It is not easy to trigger reliably b/c the issue is very time-dependent. The issue with
libsshssh-rsapublic key authentication is rather known though, it started causing problems afterlibsshtightened their security defaults and disabledSHA1digest for auth.