Comments (10)
Hm wonder if this is a bug introduced in #395 cc @mik2k2
from ssh-chat.
I can confirm this happens when the whitelist file is empty (because the allowed key set is empty, these lines).
However, I can't reproduce this with
$ cat user_key.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/Av4uByl+c51sX3vqGz2j+PWaTJgJIEbztVeXJv6D4 ssh-chat-test
$ go run ./cmd/ssh-chat/ -i host_key --whitelist user_key.pub -vv
Listening for connections on [::]:2022
2021-11-09 13:00:46.927 DEBUG Added to whitelist: "SHA256:wfdYWd+OzriJDxO1QgDEqu3BGxpZGewah/A7U8LANeI=" (for 0s)
[sshd] 2021/11/09 13:01:03 [[::1]:47482] Failed to handshake: [ssh: no auth passed yet, public key authentication required]
[sshd] 2021/11/09 13:01:39 [[::1]:47492] Failed to handshake: [ssh: no auth passed yet, not whitelisted, public key authentication required]
and
$ ssh -o 'IdentitiesOnly yes' -p 2022 test@localhost
test@localhost: Permission denied (publickey,keyboard-interactive).
$ ssh -p 2022 test@localhost
test@localhost: Permission denied (publickey,keyboard-interactive).
Can you verify the key is being loaded by running ssh-chat with the -vv
option?
from ssh-chat.
Oh wait, I don't think v1.10 includes that PR.
@badrow Do you think you could try to confirm this with a build from master?
If the new version fixes it, I'll cut a new release.
from ssh-chat.
Oh wait, i tested the program with param : --whitelist=myfile and not --whitelist myfile.
I test and feedback soon sorry.
from ssh-chat.
Okay very weird thing, depending on the machine where the server is launched, the result is not the same.
I can see the SSH keys loaded with -vv but when I launch the server on my laptop or raspberry, some users are accepted, and others are not...
I think the key which is used by the server is not accepted when a client is using it. Sorry for bothering may be it's normal behavior.
from ssh-chat.
Are you using the admin flag? It might be bypassing it.
from ssh-chat.
I'm not using admin flag, but I tested to connect to my server with different clients, it looks like all problems occurs when i use ssh client from fedora 35.
All others clients are ok.
When I use the same client key from fedora 35 of from another system, the other system pass, fedora client is refused.
from ssh-chat.
Confirmed. Same key working as client with an old android phone and ubuntu 20.04, not working with fedora 35 ( client is OpenSSH_8.7p1, OpenSSL 1.1.1l FIPS 24 Aug 2021
The error message in server side is :
ssh-chat_1 | [sshd] 2021/11/09 18:22:16 [192.168.0.42:40768] Failed to handshake: [ssh: no auth passed yet, public key authentication required]
from ssh-chat.
Confirmed which? That the bug exists or that it does not?
If it exists, could you please confirm it with one of the more recent unreleased tags? E.g. https://github.com/shazow/ssh-chat/releases/tag/v1.11-rc1
from ssh-chat.
I can only confirm my own test since i don't have the skills to really investigate. (The bug seems to exists with the fedora 35 ssh client)
I will try to compile the v1.11 rc1 and test it.
If you can test with fedora 35 (gnome version) as client may be you could see the problem ?
from ssh-chat.
Related Issues (20)
- Send messages on \n and not \r\n HOT 6
- Add system bell support to all messages, not just /msg or /reply's HOT 3
- Unable to start using `--unsafe-passphrase` HOT 1
- fuzzer crash HOT 1
- /op USER remove only works until USER reconnects HOT 1
- server: Support multiple identity private keys
- /back: Needs confirmation message
- "ssh.chat" refuse connection HOT 2
- Latest DoS HOT 7
- 8 Vulnerable Dependences per OWASP Dependency Check HOT 2
- Known bug: ssh rsa negotiation issue HOT 5
- COMMANDS ARE CASE SENSITIVE HOT 5
- bot: Skip motd on connect HOT 2
- bot: Don't include emoji prefixes in DMs
- Emojis still appear in TERM=bot mode private messages HOT 1
- Release v1.11 proper HOT 1
- Couldn't connect with allowlist or get admin HOT 2
- problem with using backspace for Chinese characters(one char of 2 bytes) HOT 9
- Very stupid question HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-chat.