X2Go Bug report logs - #106
SSH Host Key Validation fails when ECDSA is already known

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Christian Franke <admin@np.tl>

Date: Fri, 18 Jan 2013 18:18:02 UTC

Severity: normal

Merged with 240

Found in versions 4.0.0.1, 4.0.1.0

Full log


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 18 Jan 2013 18:15:10 +0000
From admin@np.tl  Fri Jan 18 19:15:10 2013
Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net [217.70.183.196])
	by ymir (Postfix) with ESMTP id 4D2315DB18
	for <submit@bugs.x2go.org>; Fri, 18 Jan 2013 19:15:10 +0100 (CET)
Received: from [IPv6:2001:470:9f43::4] (buster.dn42.nowhere.ws [IPv6:2001:470:9f43::4])
	(Authenticated sender: admin@np.tl)
	by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id EC88017209A
	for <submit@bugs.x2go.org>; Fri, 18 Jan 2013 19:15:09 +0100 (CET)
Message-ID: <50F9912D.8010701@np.tl>
Date: Fri, 18 Jan 2013 19:15:09 +0100
From: Christian Franke <admin@np.tl>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: submit@bugs.x2go.org
Subject: SSH Host Key Validation fails when ECDSA is already known
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Package: x2goclient
Version: 4.0.0.1

I have a server to which I regularly use SSH. On one client system, I
used regular OpenSSH to connect to that server, accepting its ECDSA key
before ever connecting using x2goclient.

While I currently can ssh to that server without any problems using
ECDSA, when trying to connect with x2goclient, I get: "The host key for
this server was not found but an othertype of key exists. An attacker
might change the default server key to confuse your client into thinking
the key does not exist"

(nb: if I remember correctly x2goclient used to call regular OpenSSH,
now it seems to implement ssh by itself. I liked the former approach
much better since it allowed me to use SSH features like ControlMaster,
ProxyCommand etc. Also it avoids cat and mouse issues like this bug
seemingly originating from differing SSH Client feature sets)

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Mon Jan 30 02:10:36 2023; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.