On Mon Aug 31, 2020 at 6:56 PM PDT, Damien Miller wrote: > On Mon, 31 Aug 2020, [email protected] wrote: > > > >Synopsis: ecdsa-sk no longer works with latest snapshot > > >Category: > > >Environment: > > System : OpenBSD 6.7 > > Details : OpenBSD 6.7-current (GENERIC.MP) #52: Sun Aug 30 17:55:06 > > MDT 2020 > > > > [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > > > Architecture: OpenBSD.amd64 > > Machine : amd64 > > >Description: > > As of a recent snapshot, my Yubikey with an ecdsa-sk key no longer > > works with ssh. Where the ssh process would typically pause to confirm > > presence, now it fails immediately with the following: > > > > Confirm user presence for key ECDSA-SK SHA256:____ > > sign_and_send_pubkey: signing failed for ECDSA-SK "$keypath": > > invalid format > > $user@$ip: Permission denied (publickey). > > >How-To-Repeat: > > 1. Insert a single Yubikey into a USB port. > > 2. Generate an ecdsa-sk key with normal options, i.e. not a resident > > key. > > 3. Attempt to ssh into any service that uses your ecdsa-sk key. > > > > This can be reproduced with or without ssh-agent running. > > Hi, > > Thanks for the report - plase send the output of a failing ssh session > in verbose mode, i.e. > > ssh -vvv user@host > > Thanks, > Damien
Hi Damien, Sure thing. Please see the output of `ssh -vvv user@host` below. Best, Evan OpenSSH_8.3, LibreSSL 3.2.1 debug1: Reading configuration data /home/$myuser/.ssh/config debug1: /home/$myuser/.ssh/config line 1: Applying options for * debug1: /home/$myuser/.ssh/config line 11: Applying options for $myserver debug1: Reading configuration data /etc/ssh/ssh_config debug2: resolve_canonicalize: hostname $myip is address debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/$myuser/.ssh/known_hosts' debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/$myuser/.ssh/known_hosts2' debug1: auto-mux: Trying existing master debug1: Control socket "/home/$myuser/.ssh/31c0e4a977b4607445212bb8627b62f6ee34b72e.sock" does not exist debug2: ssh_connect_direct debug1: Connecting to $myip [$myip] port 22. debug1: Connection established. debug1: identity file /home/$myuser/.ssh/id_rsa type 0 debug1: identity file /home/$myuser/.ssh/id_rsa-cert type -1 debug1: identity file /home/$myuser/.ssh/id_dsa type -1 debug1: identity file /home/$myuser/.ssh/id_dsa-cert type -1 debug1: identity file /home/$myuser/.ssh/id_ecdsa type -1 debug1: identity file /home/$myuser/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/$myuser/.ssh/id_ecdsa_sk type 10 debug1: identity file /home/$myuser/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/$myuser/.ssh/id_ed25519 type -1 debug1: identity file /home/$myuser/.ssh/id_ed25519-cert type -1 debug1: identity file /home/$myuser/.ssh/id_ed25519_sk type -1 debug1: identity file /home/$myuser/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/$myuser/.ssh/id_xmss type -1 debug1: identity file /home/$myuser/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.3 debug1: match: OpenSSH_8.3 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to $myip:22 as '$myuser' debug3: hostkeys_foreach: reading file "/home/$myuser/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/$myuser/.ssh/known_hosts:61 debug3: load_hostkeys: loaded 1 keys from $myip debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[email protected],zlib debug2: compression stoc: none,[email protected],zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[email protected] debug2: compression stoc: none,[email protected] debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:P7DtIw7f2H9affC1tQbNzaZt6eIAXWH9E54tUp8kFKo debug3: hostkeys_foreach: reading file "/home/$myuser/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/$myuser/.ssh/known_hosts:61 debug3: load_hostkeys: loaded 1 keys from $myip debug1: Host '$myip' is known and matches the ECDSA host key. debug1: Found key in /home/$myuser/.ssh/known_hosts:61 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey in after 134217728 blocks debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: /home/$myuser/.ssh/id_rsa RSA SHA256:2v8Wb4Dtk7c18WbM0BTK11dRHBCZDYZgaUWyLgk35jY debug1: Will attempt key: /home/$myuser/.ssh/id_dsa debug1: Will attempt key: /home/$myuser/.ssh/id_ecdsa debug1: Will attempt key: /home/$myuser/.ssh/id_ecdsa_sk ECDSA-SK SHA256:GB4xULL7euanCP2PZeL3KAQS9+rbhUepIvy+tYSmfRk authenticator debug1: Will attempt key: /home/$myuser/.ssh/id_ed25519 debug1: Will attempt key: /home/$myuser/.ssh/id_ed25519_sk debug1: Will attempt key: /home/$myuser/.ssh/id_xmss debug2: pubkey_prepare: done debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug3: start over, passed a different list publickey debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/$myuser/.ssh/id_rsa RSA SHA256:2v8Wb4Dtk7c18WbM0BTK11dRHBCZDYZgaUWyLgk35jY debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug1: Trying private key: /home/$myuser/.ssh/id_dsa debug3: no such identity: /home/$myuser/.ssh/id_dsa: No such file or directory debug1: Trying private key: /home/$myuser/.ssh/id_ecdsa debug3: no such identity: /home/$myuser/.ssh/id_ecdsa: No such file or directory debug1: Offering public key: /home/$myuser/.ssh/id_ecdsa_sk ECDSA-SK SHA256:GB4xULL7euanCP2PZeL3KAQS9+rbhUepIvy+tYSmfRk authenticator debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: /home/$myuser/.ssh/id_ecdsa_sk ECDSA-SK SHA256:GB4xULL7euanCP2PZeL3KAQS9+rbhUepIvy+tYSmfRk authenticator debug3: sign_and_send_pubkey: ECDSA-SK SHA256:GB4xULL7euanCP2PZeL3KAQS9+rbhUepIvy+tYSmfRk debug3: sign_and_send_pubkey: signing using [email protected] SHA256:GB4xULL7euanCP2PZeL3KAQS9+rbhUepIvy+tYSmfRk debug3: no authentication agent, not adding key debug3: start_helper: started pid=45801 debug3: ssh_msg_send: type 5 debug3: ssh_msg_recv entering debug1: start_helper: starting /usr/libexec/ssh-sk-helper debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider internal: msg len 245, compat 0x4000000 debug1: sshsk_sign: provider "internal", key ECDSA-SK, flags 0x01 debug1: sk_probe: 1 device(s) detected debug1: sk_probe: selecting sk by cred debug1: sk_open: fido_dev_open /dev/fido/0 failed: FIDO_ERR_INTERNAL debug1: sk_openv: sk_open failed debug1: sk_select_by_cred: sk_openv failed debug1: ssh_sk_sign: failed to find sk debug1: sshsk_sign: sk_sign failed with code -1 debug1: ssh-sk-helper: Signing failed: invalid format debug1: ssh-sk-helper: reply len 8 debug3: ssh_msg_send: type 5 debug1: client_converse: helper returned error -4 debug3: reap_helper: pid=45801 debug1: identity_sign: sshkey_sign: invalid format sign_and_send_pubkey: signing failed for ECDSA-SK "/home/$myuser/.ssh/id_ecdsa_sk": invalid format debug1: Trying private key: /home/$myuser/.ssh/id_ed25519 debug3: no such identity: /home/$myuser/.ssh/id_ed25519: No such file or directory debug1: Trying private key: /home/$myuser/.ssh/id_ed25519_sk debug3: no such identity: /home/$myuser/.ssh/id_ed25519_sk: No such file or directory debug1: Trying private key: /home/$myuser/.ssh/id_xmss debug3: no such identity: /home/$myuser/.ssh/id_xmss: No such file or directory debug2: we did not send a packet, disable method debug1: No more authentication methods to try. $myuser@$myip: Permission denied (publickey).
