rundeck / rundeck

Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts
http://rundeck.org
Apache License 2.0
5.49k stars 910 forks

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] #7274

Open spectroman opened 2 years ago

spectroman commented 2 years ago

As RunDeck only accepts SSH keys generated with the "RSA" algorithm, newer OpenSSH servers are no longer accepting them by default.

This means that when you update an SSH server to a newer version, the configuration will start to drop these connections and will prevent RunDeck from connecting to servers that were working before.

You will find on the target's log:

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

Seen on:

To Reproduce
Steps to reproduce the behavior: Use any RunDeck installation which will try to SSH to targets using an SSH key based on RSA.

Expected behavior
Connection will be denied

Any other possible key on RunDeck (like dsa, ecdsa) fails with an error:

Failed: SSHProtocolFailure: invalid privatekey

drygdryg commented 2 years ago

See https://bbs.archlinux.org/viewtopic.php?id=270005

cflanny commented 2 years ago

Can we get some eyes on this? As it stands, Rundeck will not connect to any host running OpenSSH >8.8 without changing each and every one of their /etc/ssh/sshd_config files to re-enable ssh-rsa key types. This is massively encumbering if you have any host count whatsoever that you keep up to date.

Per the OpenSSH team's release notes for 8.8 (current release on Ubuntu is 8.9 btw):

Potentially-incompatible changes
================================

This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]

For most users, this change should be invisible and there is
no need to replace ssh-rsa keys. OpenSSH has supported RFC8332
RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys
will automatically use the stronger algorithm where possible.

Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination host:

    Host old-host
        HostkeyAlgorithms +ssh-rsa
        PubkeyAcceptedAlgorithms +ssh-rsa

We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).

[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
    Application to the PGP Web of Trust" Leurent, G and Peyrin, T
    (2020) https://eprint.iacr.org/2020/014.pdf

If keys generated with OpenSSH 7.2+ are fine, just how old is the SSH client Rundeck uses?

FYI if I add PubkeyAcceptedKeyTypes=+ssh-rsa to /etc/ssh/sshd_config I can now connect just fine. This needs to get fixed as it's a security issue, and an ever-increasing functional issue as time moves on.

ahoffmannkvb commented 2 years ago

I too ran into this problem with Rundeck 3.4.10.20220118-1 and our nodes with Ubuntu 22.04.

The weird thing is: the key works on the command line when I use the OpenSSH client to login to the nodes. It just doesn't work for Rundeck.

petronem commented 2 years ago

Have the same issue w/ rundeck-4.1.0.20220420-1.noarch on CentOS 8 Stream that is going to an Ubuntu 22.04 node. I made a 4k RSA key and copied it everywhere and changed the Ubuntu 22 servers to have: /etc/ssh/sshd_config: PubkeyAcceptedKeyTypes=+ssh-rsa

But it still didn't work...

Then I came across this and at least the RSA 4096 key finally worked...

https://tech.davidfield.co.uk/2020/05/16/rundeck-3-install-setup-and-an-example-project/

> Convert your private key from SSH to RSA
>
> Your private key will probably be in the format for openssh, Rundeck needs this to be converted to the RSA format
>
> If you show the contents of your private key using `cat /path/to/openssh/key` and the start and end of the key have the following
>
> -----BEGIN OPENSSH PRIVATE KEY-----
> -----END OPENSSH PRIVATE KEY-----
>
> Then your private key is in the wrong format for Rundeck and you need to run `ssh-keygen -p -m PEM -f /path/to/openssh/key`. This will rewrite the existing private key to the RSA format.

I'll try doing the same w/ the ed25519 key, but for now that will have to wait.

MarcProe commented 1 year ago

I was able to work around this using the SSHJ node executor.
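Pulling together the workarounds reported in this thread (converting an OpenSSH-format RSA key with `ssh-keygen -p -m PEM`, the reports that non-RSA keys fail with `invalid privatekey` on the default executor, and the SSHJ node executor as the alternative), here is an added example, not code from the Rundeck project or from anyone in this thread, that inspects a private key file before it is uploaded to Rundeck and says which case it falls into. It parses the `openssh-key-v1` container header (the binary format behind `-----BEGIN OPENSSH PRIVATE KEY-----`, documented in OpenSSH's PROTOCOL.key) to find the key type inside. The sample keys at the bottom are constructed dummies with no usable key material, and `recommend()` and its wording are this example's own mapping of the thread's reports, not Rundeck guidance.

```python
import base64
import re
import struct

# Magic string that opens the binary payload inside an
# "-----BEGIN OPENSSH PRIVATE KEY-----" block (OpenSSH's PROTOCOL.key format).
OPENSSH_MAGIC = b"openssh-key-v1\x00"

# Matches any PEM-armoured private key and captures the armour label and body.
PEM_RE = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+?) PRIVATE KEY-----(.*?)-----END \1 PRIVATE KEY-----",
    re.S,
)


def _ssh_string(buf: bytes, off: int):
    """Read one SSH wire-format string (uint32 big-endian length + bytes)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    return buf[off:off + n], off + n


def inspect_private_key(text: str) -> dict:
    """Report the container format, the key type inside it, and whether it is passphrase-protected."""
    m = PEM_RE.search(text)
    if not m:
        raise ValueError("no PEM-armoured private key found")
    label, body = m.group(1), m.group(2)
    info = {"container": label, "key_type": None, "encrypted": False}
    if label == "OPENSSH":
        raw = base64.b64decode("".join(body.split()))
        if not raw.startswith(OPENSSH_MAGIC):
            raise ValueError("OPENSSH block lacks the openssh-key-v1 magic")
        off = len(OPENSSH_MAGIC)
        cipher, off = _ssh_string(raw, off)      # b"none" when unencrypted
        _kdf, off = _ssh_string(raw, off)        # b"none" or b"bcrypt"
        _kdfopts, off = _ssh_string(raw, off)
        (nkeys,) = struct.unpack(">I", raw[off:off + 4])
        off += 4
        if nkeys < 1:
            raise ValueError("container holds no keys")
        pub, off = _ssh_string(raw, off)         # first public key blob
        key_type, _ = _ssh_string(pub, 0)        # a blob starts with its type name
        info["key_type"] = key_type.decode("ascii")
        info["encrypted"] = cipher != b"none"
    else:
        # Legacy PEM containers name the algorithm in the armour line itself.
        info["key_type"] = {"RSA": "ssh-rsa", "DSA": "ssh-dss", "EC": "ecdsa"}.get(label, label.lower())
        info["encrypted"] = "ENCRYPTED" in body  # "Proc-Type: 4,ENCRYPTED" header
    return info


def recommend(info: dict, path: str = "/path/to/key") -> str:
    """Map an inspection result onto the workarounds reported in this issue (this example's own wording)."""
    if info["container"] == "OPENSSH" and info["key_type"] == "ssh-rsa":
        return f"OpenSSH-format RSA key: convert it with `ssh-keygen -p -m PEM -f {path}`"
    if info["container"] == "RSA":
        return ("PEM RSA key, the format reported to work; if the target's log still shows "
                "'key type ssh-rsa not in PubkeyAcceptedAlgorithms', the server is refusing "
                "RSA/SHA-1 and needs PubkeyAcceptedAlgorithms +ssh-rsa as a stopgap")
    return (f"{info['key_type']} key: reported to fail with 'SSHProtocolFailure: invalid "
            "privatekey' on the default executor; the SSHJ node executor is the reported workaround")


def build_openssh_container(key_type: bytes, pub_blob: bytes) -> str:
    """Constructed sample: an unencrypted openssh-key-v1 container around a dummy public blob.
    No usable private material is included; it only exercises the header parser."""
    def s(b: bytes) -> bytes:
        return struct.pack(">I", len(b)) + b
    pub = s(key_type) + s(pub_blob)
    payload = (OPENSSH_MAGIC + s(b"none") + s(b"none") + s(b"")
               + struct.pack(">I", 1) + s(pub) + s(b"\x00" * 8))
    b64 = base64.b64encode(payload).decode("ascii")
    lines = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{lines}\n-----END OPENSSH PRIVATE KEY-----\n"


# Constructed samples (dummy key material, not real keys).
SAMPLE_ED25519_OPENSSH = build_openssh_container(b"ssh-ed25519", b"\x11" * 32)
SAMPLE_RSA_OPENSSH = build_openssh_container(b"ssh-rsa", b"\x00\x00\x00\x03\x01\x00\x01")
SAMPLE_RSA_PEM = ("-----BEGIN RSA PRIVATE KEY-----\n"
                  "Q09OU1RSVUNURUQgU0FNUExFIEJPRFk=\n"   # base64 of "CONSTRUCTED SAMPLE BODY"
                  "-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, sample in [("ed25519/openssh", SAMPLE_ED25519_OPENSSH),
                         ("rsa/openssh", SAMPLE_RSA_OPENSSH),
                         ("rsa/pem", SAMPLE_RSA_PEM)]:
        info = inspect_private_key(sample)
        print(name, info, "->", recommend(info))
```

Only the container header is decoded, so the script never touches private key material and works the same on a passphrase-protected key; point `inspect_private_key()` at the text of a real key file to see which of the thread's cases applies before uploading it to Rundeck's key storage.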