[Bug 1756031] Re: openssh-server doesn't accept aes256-cbc key

[Patrick Salecker]

Is our SSH ley length <1024 bit? Such short keys are refused by openssh
7.6.

When you open your key with Puttygen the length is shown in the
beginning of the "Key fingerprint" field. On Ubuntu you can check it
with "ssh-keygen -lf .ssh/authorized_keys".

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1756031

Title:
  openssh-server doesn't accept aes256-cbc key

Status in openssh package in Ubuntu:
  Confirmed

Bug description:
  I am using putty connection with RSA key cached in pageant and want to
  login without password.

  Private key on windows:
  PuTTY-User-Key-File-2: ssh-rsa
  Encryption: aes256-cbc
  ...

  On ubuntu there is public key in .ssh/authorized_keys
  ssh-rsa AAAAB3Nz...JBjQ== palo at winpgnotas

  This key works well in ubuntu versions 14.04...17.10
  When I tried 18.04 beta, I am getting sshd error:
  mar 15 10:26:21 ubox sshd[5205]: error: userauth_pubkey: could not parse key: Invalid key length [preauth]
  and I have to provide password.

  I've found that aes256-cbc is not in the list of allowed ciphers by default, so I added
  Ciphers +aes256-cbc
  to /etc/ssh/sshd_config
  (and verified with nmap --script ssh2-enum-algos -sV -p 22 127.0.0.1)
  but the sshd error remains.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssh-server 1:7.6p1-4
  ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3
  Uname: Linux 4.15.0-10-generic x86_64
  ApportVersion: 2.20.8-0ubuntu10
  Architecture: amd64
  Date: Thu Mar 15 10:03:14 2018
  InstallationDate: Installed on 2018-03-12 (2 days ago)
  InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180306.1)
  SourcePackage: openssh
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1756031/+subscriptions