Home |
Licence |
FAQ |
Docs |
Download |
Keys |
Links
Mirrors |
Updates |
Feedback |
Changes |
Wishlist |
Team
With SSH-2, OpenSSH (various versions), RSA public key, key authentication has been reported to occasionally and randomly fail with an `Access denied' message. A message like the following is written in the server's log:
error: ssh_rsa_verify: RSA_verify failed: error:04077077:lib(4):func(119):reason(119)
which apparently resolves to "the RSA_verify() function in SSL telling [us] RSA_R_WRONG_SIGNATURE_LENGTH".
SGT, 2002-05-30: This is in fact not a complex bignum bug in PuTTY, but is a simple disagreement between PuTTY and OpenSSH about the correct way to pad RSA signatures in SSH-2. It appears that the draft RFC is on our side, so this is a bug in OpenSSH, apparently caused by their RSA-for-SSH-2 implementation being done before the specification was finalised. They say they'll fix it for OpenSSH 3.3.
As of 2002 Jun 1, PuTTY will detect OpenSSH versions which have the bug and pad its signatures appropriately for those versions.
Audit trail for this wish.