Segmentation fault with P256 ECDSA key from sekey

[martinpaljak]

Using a key from https://github.com/sekey/sekey, connecting to Debian Buster with ii libpam-ssh-agent-auth:amd64 0.10.3-3 amd64 PAM Authentication via forwarded ssh-agent I get a segmentation fault after being asked for fingerprint.

#0  0x00007fd672c73610 in BN_is_zero ()
    at /lib/x86_64-linux-gnu/libcrypto.so.1.1
#1  0x00007fd672cc671a in  () at /lib/x86_64-linux-gnu/libcrypto.so.1.1
#2  0x00007fd672f365ab in ssh_ecdsa_verify ()
    at /lib/x86_64-linux-gnu/security/pam_ssh_agent_auth.so
#3  0x00007fd672f4ac76 in userauth_pubkey_from_id ()
    at /lib/x86_64-linux-gnu/security/pam_ssh_agent_auth.so
#4  0x00007fd672f4aa5b in pamsshagentauth_find_authorized_keys ()
    at /lib/x86_64-linux-gnu/security/pam_ssh_agent_auth.so
#5  0x00007fd672f4c8f9 in pam_sm_authenticate ()
    at /lib/x86_64-linux-gnu/security/pam_ssh_agent_auth.so
#6  0x00007fd672f5fd14 in  () at /lib/x86_64-linux-gnu/libpam.so.0
#7  0x00007fd672f5f61f in pam_authenticate ()
    at /lib/x86_64-linux-gnu/libpam.so.0

And this in auth.log

Sep 18 08:35:57 X systemd-logind[1391]: New session 1501 of user X.
Sep 18 08:36:03 X sudo[106595]: pam_ssh_agent_auth: matching key found: file/command /etc/security/authorized_keys, line 2
Sep 18 08:36:03 X sudo[106595]: pam_ssh_agent_auth: Found matching ECDSA key: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx

[KeyofBlueS]

Same for me using a P521 ECDSA

[setharnold]

This was reported to Ubuntu by a user: https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1869512

We have prepared a candidate patch that may address this issue: https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1869512/+attachment/5351449/+files/lp1869512.patch

I hope this helps.

Thanks

[wmertens]

~@setharnold I tried applying the patch but it doesn't fix it for me on the latest 0.10.4 release~

false alarm sorry, it works