dropbear - RSA authentication sporadically fails
Engelmayer Christian
Christian.Engelmayer at frequentis.com
Tue Oct 27 17:33:05 WST 2009
Hi Matt,
It seems to me that the dropbear daemon enforces clients to use
some kind of padding schema for public key authentication. I think
it is obvious why there are detailed standards and all good clients
do that anyway.
I would like to know whether You think it would be a good idea to
also allow older clients that use RSA without padding. As said,
following the ssh RFCs I was missing the requirement that clients
MUST use padding schemes when using RSA.
I don’t want to start a discussion on security best practices, but
just like to know Your opinion whether that could be a topic that
effects more users and should be solved in the daemon as to provide
the same level of interoperability as other ssh implementations.
Regards,
Christian
> -----Original Message-----
> From: dropbear-bounces at ucc.asn.au [mailto:dropbear-bounces at ucc.asn.au] On
Behalf Of Engelmayer Christian
> Sent: Tuesday, October 20, 2009 1:27 PM
> To: dropbear at ucc.asn.au
> Subject: dropbear - RSA authentication sporadically fails
>
> Hi,
>
> I have got the problem that a client that periodically connects
> to a dropbear server occasionally fails to authenticate as the
> size check in buf_rsa_verify() fails (slen is 127 vs. 128 as
> calculated from n).
>
> if (slen != (unsigned int)mp_unsigned_bin_size(key->n)) {
> TRACE(("bad size"))
> goto out;
> }
>
> Removing the check I can see that the user can be authenticated.
> After stepping a bit into the topic it seems to me like the following
> issue that was solved for OpenSSH. Also this client only faces the
> problem when connecting to a dropbear server.
>
>
>
<http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed
> .html>
>
> At the moment I am not sure whether this check is stricter than
> the requirements stated in the RFCs. Any suggestions?
>
> Regards,
> Christian
>
>
More information about the Dropbear
mailing list