dropbear - RSA authentication sporadically fails

Engelmayer Christian Christian.Engelmayer at frequentis.com
Tue Oct 27 17:33:05 WST 2009


Hi Matt,

It seems to me that the dropbear daemon enforces clients to use
some kind of padding schema for public key authentication. I think
it is obvious why there are detailed standards and all good clients
do that anyway.

I would like to know whether You think it would be a good idea to
also allow older clients that use RSA without padding. As said,
following the ssh RFCs I was missing the requirement that clients
MUST use padding schemes when using RSA.

I don’t want to start a discussion on security best practices, but
just like to know Your opinion whether that could be a topic that
effects more users and should be solved in the daemon as to provide
the same level of interoperability as other ssh implementations.

Regards,
Christian

> -----Original Message-----
> From: dropbear-bounces at ucc.asn.au [mailto:dropbear-bounces at ucc.asn.au] On
Behalf Of Engelmayer Christian
> Sent: Tuesday, October 20, 2009 1:27 PM
> To: dropbear at ucc.asn.au
> Subject: dropbear - RSA authentication sporadically fails
> 
> Hi,
> 
> I have got the problem that a client that periodically connects
> to a dropbear server occasionally fails to authenticate as the
> size check in buf_rsa_verify() fails (slen is 127 vs. 128 as
> calculated from n).
> 
> 	if (slen != (unsigned int)mp_unsigned_bin_size(key->n)) {
> 		TRACE(("bad size"))
> 		goto out;
> 	}
> 
> Removing the check I can see that the user can be authenticated.
> After stepping a bit into the topic it seems to me like the following
> issue that was solved for OpenSSH. Also this client only faces the
> problem when connecting to a dropbear server.
> 
> 
>
<http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed
> .html>
> 
> At the moment I am not sure whether this check is stricter than
> the requirements stated in the RFCs. Any suggestions?
> 
> Regards,
> Christian
> 
> 




More information about the Dropbear mailing list