[Bug 1280496] Re: ed25519 host key not working on 6.5p1

Thu Mar 27 18:00:20 UTC 2014

Adding the requested output below. As you can see, the ssh server offers
up ECDSA host keys even though I've done the requisite ssh-keygen -t
ed25519 /etc/ssh/ssh_host_ed25519

To be clear, the user key exchange *is* ed25519. I'm trying to figure
out why the server key exchange is not the same. Also, I've cleared out
.ssh/known_hosts just in case

=====

Mar 27 10:48:08 a008 sshd[23416]: Accepted publickey for user from 127.0.0.1 port 51537 ssh2: ED25519 5a:de:f7:48:7b:2d:fb:c3:ab:09:27:10:57:01:b2:ba
Mar 27 10:48:08 a008 sshd[23416]: pam_unix(sshd:session): session opened for user user by (uid=0)
Mar 27 10:48:08 a008 systemd-logind[682]: New session 19 of user user

==============================================================

user at machine:~/.ssh$ ssh -vvv localhost
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/user/.ssh/config
debug3: cipher ok: chacha20-poly1305 at openssh.com [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes256-gcm at openssh.com [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-gcm at openssh.com [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes256-ctr [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes192-ctr [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-ctr [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug3: ciphers ok: [chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr]
debug2: mac_setup: found umac-128-etm at openssh.com
debug3: mac ok: umac-128-etm at openssh.com [umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1]
debug2: mac_setup: found hmac-sha2-512
debug3: mac ok: hmac-sha2-512 [umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1]
debug2: mac_setup: found hmac-sha2-256
debug3: mac ok: hmac-sha2-256 [umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1]
debug3: macs ok: [umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1]
debug1: /home/user/.ssh/config line 15: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug1: Control socket "/home/user/.ssh/mux/ssh_mux_localhost_22_user" does not exist
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/user/.ssh/id_ed25519" as a RSA1 public key
debug1: identity file /home/user/.ssh/id_ed25519 type 4
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/user/.ssh/id_ecdsa" as a RSA1 public key
debug1: identity file /home/user/.ssh/id_ecdsa type 1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/user/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.5p1 Ubuntu-6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.5p1 Ubuntu-6
debug1: match: OpenSSH_6.5p1 Ubuntu-6 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "localhost" from file "/home/user/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: kex_parse_kexinit: chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: kex_parse_kexinit: umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1
debug2: kex_parse_kexinit: umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com
debug2: kex_parse_kexinit: none,zlib at openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug1: kex: server->client chacha20-poly1305 at openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305 at openssh.com <implicit> none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA d0:68:82:e2:c6:f6:af:79:a4:9a:d5:ef:e8:89:d6:5a
debug3: verify_host_key_dns
DNS lookup error: data does not exist
debug3: load_hostkeys: loading entries for host "localhost" from file "/home/user/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is 79:a4:9a:d5:ef:e8:89:d6:5a:d0:68:82:e2:c6:f6:af.
+--[ECDSA  256]---+
|                 |
|   .   o         |
|. . . + .        |
|o.   o .         |
| =      S        |
|o . ..           |
|   o+E           |
|  oo=o+          |
| oo===.o         |
+-----------------+
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/user/.ssh/id_ed25519 (0x7f2d35ea5860), explicit
debug2: key: /home/user/.ssh/id_ecdsa (0x7f2d35ea64c0), explicit
debug2: key: /home/user/.ssh/id_rsa (0x7f2d35eab1b0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering ED25519 public key: /home/user/.ssh/id_ed25519
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug2: input_userauth_pk_ok: fp 79:a4:9a:d5:ef:e8:89:d6:5a:d0:68:82:e2:c6:f6:af
debug3: sign_and_send_pubkey: ED25519 5a:de:f7:48:7b:2d:fb:c3:ab:09:27:10:57:01:b2:ba
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([127.0.0.1]:22).
debug1: setting up multiplex master socket
debug3: muxserver_listen: temporary control path /home/user/.ssh/mux/ssh_mux_localhost_22_user.f3rijMrpSSIIzkyu
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [/home/user/.ssh/mux/ssh_mux_localhost_22_user]
debug3: muxserver_listen: mux listener channel 0 fd 4
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug1: control_persist_detach: backgrounding master process
debug2: control_persist_detach: background process is 23418
debug2: fd 4 setting O_NONBLOCK
debug1: forking to background
debug1: Entering interactive session.
debug1: multiplexing control connection
debug2: fd 5 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 1: new [mux-control]
debug3: channel_post_mux_listener: new mux channel 1 fd 5
debug3: mux_master_read_cb: channel 1: hello sent
debug3: mux_master_read_cb: channel 1 packet type 0x00000001 len 4
debug2: process_mux_master_hello: channel 1 slave version 4
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_master_read_cb: channel 1 packet type 0x10000004 len 4
debug2: process_mux_alive_check: channel 1: alive check
debug3: mux_client_request_alive: done pid = 23420
debug3: mux_client_request_session: session request sent
debug3: mux_master_read_cb: channel 1 packet type 0x10000002 len 70
debug2: process_mux_new_session: channel 1: request tty 1, X 0, agent 0, subsys 0, term "xterm-256color", cmd "", env 1
debug3: process_mux_new_session: got fds stdin 6, stdout 7, stderr 8
debug1: channel 2: new [client-session]
debug2: process_mux_new_session: channel_new: 2 linked to control channel 1
debug2: channel 2: send open
debug2: callback start
debug2: client_session2_setup: id 2
debug2: channel 2: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 2: request env confirm 0
debug2: channel 2: request shell confirm 1
debug3: mux_session_confirm: sending success reply
debug2: callback done
debug2: channel 2: open confirm rwindow 0 rmax 32768
debug1: mux_client_request_session: master session id: 2
debug2: channel_input_status_confirm: type 99 id 2
debug2: PTY allocation request accepted on channel 2
debug2: channel 2: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 2
debug2: shell request accepted on channel 2
Welcome to Ubuntu Trusty Tahr (development branch) (GNU/Linux 3.13.0-18-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Tue Mar 18 14:51:13 PDT 2014

Last login: Thu Mar 27 10:41:10 2014 from localhost

============================================================================================

ServerAliveInterval 60
ServerAliveCountMax 10

ControlMaster auto
ControlPath ~/.ssh/mux/ssh_mux_%h_%p_%r
ControlPersist yes

Ciphers chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1

Host *
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_ecdsa
IdentityFile ~/.ssh/id_rsa
HashKnownHosts yes
VisualHostKey yes
VerifyHostKeyDNS ask
AddressFamily inet

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1280496

Title:
  ed25519 host key not working on 6.5p1

Status in “openssh” package in Ubuntu:
  Incomplete

Bug description:
  So I decided to test out the new ed25519 support on the new release of
  OpenSSH. I generated the necessary keys, added the HostKey line in
  sshd_config and restarted.

  It does not appear to work and could be missing a compile flag
  somewhere.

  Long story short, I can generate the appropriate keys but trying to
  actually use it results in openssh offering ecdsa keys instead.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1280496/+subscriptions