search

mwiede / jsch

fork of the popular jsch library
Other
712 stars 132 forks source link

public key auth works with rsa-sha-512 for some versions of openSSH but not for other versions of openSSH #407

Open kookcoder6 opened 11 months ago

kookcoder6 commented 11 months ago

Does anyone know why this may be the case?

rsa sha1 succeeds (I want rsa-sha2 to succeed) Connecting to port 22 Connection established Remote version string: SSH-2.0-OpenSSH8.7 Local version string: SSH-2.0-JSCH${versionWithoutMinus} CheckCiphers: chacha20-poly1305@openssh.com CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512 CheckSignatures: ssh-ed25519,ssh-ed448 server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 SSH_MSG_KEXINIT sent SSH_MSG_KEXINIT received server proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 server proposal: host key algorithms: ecdsa-sha2-nistp256,ssh-ed25519 server proposal: ciphers c2s: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc server proposal: ciphers s2c: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc server proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512 server proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512 server proposal: compression c2s: none,zlib@openssh.com server proposal: compression s2c: none,zlib@openssh.com server proposal: languages c2s: server proposal: languages s2c: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c client proposal: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 client proposal: compression c2s: none client proposal: compression s2c: none client proposal: languages c2s: client proposal: languages s2c: kex: algorithm: curve25519-sha256 kex: host key algorithm: ecdsa-sha2-nistp256 kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none SSH_MSG_KEX_ECDH_INIT sent expecting SSH_MSG_KEX_ECDH_REPLY ssh_ecdsa_verify: ecdsa-sha2-nistp256 signature true Host '' is known and matches the ECDSA host key SSH_MSG_NEWKEYS sent SSH_MSG_NEWKEYS received SSH_MSG_SERVICE_REQUEST sent SSH_MSG_EXT_INFO received server-sig-algs=ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com SSH_MSG_SERVICE_ACCEPT received Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password Next authentication method: gssapi-with-mic Authentications that can continue: publickey,keyboard-interactive,password Next authentication method: publickey PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa, ssh-dss] rsa-sha2-512 preauth success rsa-sha2-512 auth failure rsa-sha2-256 preauth success rsa-sha2-256 auth failure ssh-rsa preauth success ssh-rsa auth success Authentication succeeded (publickey).

rsa-sha2 succeeds

Connecting to port 22 Connection established Remote version string: SSH-2.0-OpenSSH7.4 Local version string: SSH-2.0-JSCH${versionWithoutMinus} CheckCiphers: chacha20-poly1305@openssh.com CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512 CheckSignatures: ssh-ed25519,ssh-ed448 server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 SSH_MSG_KEXINIT sent SSH_MSG_KEXINIT received server proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 server proposal: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 server proposal: ciphers c2s: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc server proposal: ciphers s2c: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc server proposal: MACs c2s: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 server proposal: MACs s2c: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 server proposal: compression c2s: none,zlib@openssh.com server proposal: compression s2c: none,zlib@openssh.com server proposal: languages c2s: server proposal: languages s2c: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c client proposal: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 client proposal: compression c2s: none client proposal: compression s2c: none client proposal: languages c2s: client proposal: languages s2c: kex: algorithm: curve25519-sha256 kex: host key algorithm: ssh-rsa kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none SSH_MSG_KEX_ECDH_INIT sent expecting SSH_MSG_KEX_ECDH_REPLY ssh_rsa_verify: ssh-rsa signature true Host '' is known and matches the RSA host key SSH_MSG_NEWKEYS sent SSH_MSG_NEWKEYS received SSH_MSG_SERVICE_REQUEST sent SSH_MSG_EXT_INFO received server-sig-algs=<rsa-sha2-256,rsa-sha2-512> OpenSSH 7.4 detected: adding rsa-sha2-256 & rsa-sha2-512 to server-sig-algs SSH_MSG_SERVICE_ACCEPT received Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password Next authentication method: gssapi-with-mic Authentications that can continue: publickey,keyboard-interactive,password Next authentication method: publickey PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss PubkeyAcceptedAlgorithms in server-sig-algs = [rsa-sha2-512, rsa-sha2-256] PubkeyAcceptedAlgorithms not in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-rsa, ssh-dss] rsa-sha2-512 preauth success rsa-sha2-512 auth success

norrisjeremy commented 11 months ago

Hi @kookcoder6,

I'm not sure what you are asking? Both examples you provided shows everything working without any problems?

Thanks, Jeremy

kookcoder6 commented 11 months ago

Hi @kookcoder6,

I'm not sure what you are asking? Both examples you provided shows everything working without any problems?

Thanks, Jeremy

Why is rsa-sha2-512 auth succeeding for SSH-2.0-OpenSSH_7.4 and not for SSH-2.0-OpenSSH_8.7

norrisjeremy commented 11 months ago

Hi @kookcoder6,

My first guess would be that it perhaps it is disabled on the server that you have running OpenSSH 8.7. I would suggest investigating logs on the server side.

Thanks, Jeremy

kookcoder6 commented 10 months ago

Hi @norrisjeremy

I only see the logs failing when trying to auth rsa-sha2-512 public key algorithm. You mentioned perhaps its is disabled on the server. I've tried adding +PubkeyAcceptedAlgorithms=+rsa-sha2-512 in the sshd_config file. Is there a different way I can enable it on the server?

GiovanniMoya commented 10 months ago

i'm also getting a similar issue. where sha2 works with some versions of openSSH and not others despite adding configuration like: PubkeyAcceptedAlgorithms=+rsa-sha2-512 in sshd_config

mwiede commented 10 months ago

If sha2 is not activated on the server, it won't work. You could check server config by sshd -T

norrisjeremy commented 10 months ago

Hi @kookcoder6,

In the logs you originally provided I see the following:

Local version string: SSH-2.0-JSCH_${versionWithoutMinus}

Does this mean you are you compiling JSch yourself instead of using the version we publish to Maven Central? If so, can you correctly use the build-helper-maven-plugin and templating-maven-plugin to define and generate the Version.java file with a proper version string? Or failing that, simply directly edit your copy of Version.java to correct the version string? I'm wondering if the upstream OpenSSH 8.7 server may be incorrectly applying some workaround behavior because it cannot parse the version string JSch is sending it.

Thanks, Jeremy

kookcoder6 commented 10 months ago

hi @norrisjeremy

I added the version and i still see the same results. Note that in this case i did not enable ssh-rsa as an accepted public key type.

INFO: Remote version string: SSH-2.0-OpenSSH_8.7
INFO: Local version string: SSH-2.0-JSCH_0.2.9
INFO: CheckCiphers: chacha20-poly1305@openssh.com
INFO: CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
INFO: CheckSignatures: ssh-ed25519,ssh-ed448
INFO: server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: server proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
INFO: server proposal: host key algorithms: ecdsa-sha2-nistp256,ssh-ed25519
INFO: server proposal: ciphers c2s: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
INFO: server proposal: ciphers s2c: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
INFO: server proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
INFO: server proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
INFO: server proposal: compression c2s: none,zlib@openssh.com
INFO: server proposal: compression s2c: none,zlib@openssh.com
INFO: server proposal: languages c2s: 
INFO: server proposal: languages s2c: 
INFO: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
INFO: client proposal: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: compression c2s: none
INFO: client proposal: compression s2c: none
INFO: client proposal: languages c2s: 
INFO: client proposal: languages s2c: 
INFO: kex: algorithm: curve25519-sha256
INFO: kex: host key algorithm: ecdsa-sha2-nistp256
INFO: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: SSH_MSG_KEX_ECDH_INIT sent
INFO: expecting SSH_MSG_KEX_ECDH_REPLY
INFO: ssh_ecdsa_verify: ecdsa-sha2-nistp256 signature true
INFO: Host <remove host name> is known and matches the ECDSA host key
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_EXT_INFO received
INFO: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password
INFO: Next authentication method: gssapi-with-mic
INFO: Authentications that can continue: publickey,keyboard-interactive,password
INFO: Next authentication method: publickey
INFO: PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
INFO: PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa, ssh-dss]
INFO: rsa-sha2-512 preauth success
INFO: rsa-sha2-512 auth failure
INFO: rsa-sha2-256 preauth success
INFO: rsa-sha2-256 auth failure
INFO: ssh-rsa preauth failure
INFO: Disconnecting from <removed host name>
INFO: Auth failed
kookcoder6 commented 10 months ago

hi @mwiede

what do you specifically mean by

sha2 is not activated on the server Is it if a sha2 public key accepted algorithm list does not have sha2 algorithms?

I checked the output for sshd -T 

sudo sshd -T
port 22
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
usepam yes
logingracetime 120
x11displayoffset 10
x11maxdisplays 1000
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin without-password
ignorerhosts yes
ignoreuserknownhosts no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
kerberosuniqueccache no
kerberosusekuserok yes
gssapienablek5users no
gssapiauthentication yes
gssapicleanupcredentials no
gssapikeyexchange no
gssapistrictacceptorcheck yes
gssapistorecredentialsonrekey no
gssapikexalgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-
passwordauthentication no
kbdinteractiveauthentication no
printmotd no
printlastlog yes
x11forwarding yes
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
compression yes
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
disableforwarding no
allowstreamlocalforwarding yes
streamlocalbindunlink no
fingerprinthash SHA256
exposeauthinfo no
pidfile /var/run/sshd.pid
modulifile /etc/ssh/moduli
xauthlocation /usr/bin/xauth
ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
macs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
banner none
forcecommand none
chrootdirectory none
trustedusercakeys none
revokedkeys none
securitykeyprovider internal
authorizedprincipalsfile none
versionaddendum none
authorizedkeyscommand /opt/aws/bin/eic_run_authorized_keys %u %f
authorizedkeyscommanduser ec2-instance-connect
authorizedprincipalscommand none
authorizedprincipalscommanduser none
hostkeyagent none
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
casignaturealgorithms ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512
hostbasedacceptedalgorithms ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
pubkeyacceptedalgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
loglevel INFO
syslogfacility AUTHPRIV
authorizedkeysfile .ssh/authorized_keys
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
authenticationmethods any
subsystem sftp /usr/libexec/openssh/sftp-server
maxstartups 10:30:100
persourcemaxstartups none
persourcenetblocksize 32:128
permittunnel no
ipqos af21 cs1
rekeylimit 0 0
permitopen any
permitlisten any
permituserenvironment no
pubkeyauthoptions none
kookcoder6 commented 10 months ago

I am testing this by making a connection to an ec2 instance with the amazon linux 2023 image the public key I have has this format ssh-rsa key comment

norrisjeremy commented 10 months ago

Hi @kookcoder6,

Are you sure that RSA is actually enabled on this server? According to the AWS documentation for Amazon Linux 2023, RSA type keys are disabled by default and must be explicitly enabled when building an instance.

Thanks, Jeremy

norrisjeremy commented 10 months ago

Hi @kookcoder6,

So I launched a free t2.micro instance using Amazon Linux 2023 and then was able to log in with successfully with an RSA key with JSch using the examples/UserAuthPubKey.java.

So I'm not sure why it isn't working for you? Are you customizing the server's /etc/ssh/sshd_config file in some way?

Thanks, Jeremy

kookcoder6 commented 8 months ago

hi @norrisjeremy sorry for the delayed response!

When you say

was able to log in with successfully with an RSA key

does that mean you are successfully using a rsa-sha2-256 or rsa-sha2-512 public key signature algorithm?

I followed the aws docs for enabling rsa pubkeys:

$ sudo dnf install crypto-policies-scripts
$ sudo update-crypto-policies --set LEGACY

I see I am able to connect using the ssh-rsa public key signature algorithm, but its still failing with the rsa-sha2-256 and rsa-sha2-512 public key signature algorithms.

INFO: Connecting to <host> port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-OpenSSH_8.7
INFO: Local version string: SSH-2.0-JSCH_0.2.9
INFO: CheckCiphers: chacha20-poly1305@openssh.com
INFO: CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
INFO: CheckSignatures: ssh-ed25519,ssh-ed448
INFO: server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: server proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,kex-strict-s-v00@openssh.com
INFO: server proposal: host key algorithms: ecdsa-sha2-nistp256,ssh-ed25519
INFO: server proposal: ciphers c2s: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
INFO: server proposal: ciphers s2c: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
INFO: server proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
INFO: server proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
INFO: server proposal: compression c2s: none,zlib@openssh.com
INFO: server proposal: compression s2c: none,zlib@openssh.com
INFO: server proposal: languages c2s: 
INFO: server proposal: languages s2c: 
INFO: client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
INFO: client proposal: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
INFO: client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
INFO: client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
INFO: client proposal: compression c2s: none
INFO: client proposal: compression s2c: none
INFO: client proposal: languages c2s: 
INFO: client proposal: languages s2c: 
INFO: kex: algorithm: curve25519-sha256
INFO: kex: host key algorithm: ecdsa-sha2-nistp256
INFO: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
INFO: SSH_MSG_KEX_ECDH_INIT sent
INFO: expecting SSH_MSG_KEX_ECDH_REPLY
INFO: ssh_ecdsa_verify: ecdsa-sha2-nistp256 signature true
INFO: Host <value> is known and matches the ECDSA host key
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_EXT_INFO received
INFO: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password
INFO: Next authentication method: gssapi-with-mic
INFO: Authentications that can continue: publickey,keyboard-interactive,password
INFO: Next authentication method: publickey
INFO: PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
INFO: PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa, ssh-dss]
INFO: rsa-sha2-512 preauth success
INFO: rsa-sha2-512 auth failure
INFO: rsa-sha2-256 preauth success
INFO: rsa-sha2-256 auth failure
INFO: ssh-rsa preauth success
INFO: ssh-rsa auth success
INFO: Authentication succeeded (publickey).
kookcoder6 commented 8 months ago

Update I tried to replicate your test and I see I can connect with rsa pub key type using a sha2 pub key signature. This is without making any ssh changes using a aws ec2 instance. I'm assuming the issue must be some changes I've made.

Connection established
Remote version string: SSH-2.0-OpenSSH_8.7
Local version string: SSH-2.0-JSCH_versionWithoutMinus
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
CheckSignatures: ssh-ed25519,ssh-ed448
server_host_key proposal before known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
server_host_key proposal after known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
Doing strict KEX
server proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,kex-strict-s-v00@openssh.com
server proposal: host key algorithms: ecdsa-sha2-nistp256,ssh-ed25519
server proposal: ciphers c2s: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
server proposal: ciphers s2c: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
server proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
server proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
server proposal: compression c2s: none,zlib@openssh.com
server proposal: compression s2c: none,zlib@openssh.com
server proposal: languages c2s: 
server proposal: languages s2c: 
client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
client proposal: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
client proposal: compression c2s: none
client proposal: compression s2c: none
client proposal: languages c2s: 
client proposal: languages s2c: 
kex: algorithm: curve25519-sha256
kex: host key algorithm: ssh-ed25519
kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
SSH_MSG_KEX_ECDH_INIT sent
expecting SSH_MSG_KEX_ECDH_REPLY
ssh_eddsa_verify: ssh-ed25519 signature true
Permanently added <host value> (EDDSA) to the list of known hosts.
Reset outgoing sequence number after sending SSH_MSG_NEWKEYS for strict KEX
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
Reset incoming sequence number after receiving SSH_MSG_NEWKEYS for strict KEX
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_EXT_INFO received
server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
SSH_MSG_SERVICE_ACCEPT received
Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password
Next authentication method: gssapi-with-mic
Authentications that can continue: publickey,keyboard-interactive,password
Next authentication method: publickey
PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256]
rsa-sha2-512 preauth success
rsa-sha2-512 auth success
Authentication succeeded (publickey).