Bug#933665: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes

Thu, 01 Aug 2019 08:36:20 -0700 

Package: openssh-server
Version: 1:7.9p1-10
Severity: normal

Dear Maintainer,

I've been running several servers, upgraded across many Debian stable
releases, with sshd_config that had been tightened down in various ways
(example attached) including explicit PubkeyAcceptedKeyTypes (containing
ssh-rsa).  After upgrading to buster a user reported that he could no
longer login with his RSA key.

  sshd[17025]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes 
[preauth]

I tested and found that explicitly defining PubkeyAcceptedKeyTypes in
sshd_config breaks RSA pubkey auth, even when the line merely states:

  PubkeyAcceptedKeyTypes ssh-rsa

However when PubkeyAcceptedKeyTypes is removed from the config, the
implicit defaults allow RSA to work.

I've attached sshd debug logs for the two scenarios.

My guess is there's some sort of config parsing glitch within ssh.

-- System Information:
Debian Release: 10.0
  APT prefers stable
  APT policy: (601, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-cloud-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  adduser                3.118
ii  debconf [debconf-2.0]  1.5.71
ii  dpkg                   1.19.7
ii  libaudit1              1:2.8.4-3
ii  libc6                  2.28-10
ii  libcom-err2            1.44.5-1
ii  libgssapi-krb5-2       1.17-3
ii  libkrb5-3              1.17-3
ii  libpam-modules         1.3.1-5
ii  libpam-runtime         1.3.1-5
ii  libpam0g               1.3.1-5
ii  libselinux1            2.8-1+b1
ii  libssl1.1              1.1.1c-1
ii  libsystemd0            241-5
ii  libwrap0               7.6.q-28
ii  lsb-base               10.2019051400
ii  openssh-client         1:7.9p1-10
ii  openssh-sftp-server    1:7.9p1-10
ii  procps                 2:3.3.15-2
ii  ucf                    3.0038+nmu1
ii  zlib1g                 1:1.2.11.dfsg-1

Versions of packages openssh-server recommends:
ii  libpam-systemd  241-5
ii  ncurses-term    6.1+20181013-2
ii  xauth           1:1.0.10-1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  rssh          <none>
pn  ssh-askpass   <none>
pn  ufw           <none>

-- debconf information:
  openssh-server/permit-root-login: true
* ssh/use_old_init_script: true
  ssh/encrypted_host_key_but_no_keygen:
  ssh/disable_cr_auth: false
  ssh/vulnerable_host_keys:
  openssh-server/password-authentication: true

-- 
Gerald Turner <gtur...@unzane.com>        Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D

AllowAgentForwarding no
AllowStreamLocalForwarding no
AllowTcpForwarding no
AllowUsers REDACTED
AuthenticationMethods publickey password
ChallengeResponseAuthentication no
Ciphers chacha20-poly1...@openssh.com,aes256-...@openssh.com
ClientAliveCountMax 2
ClientAliveInterval 30
Compression no
DebianBanner no
DisableForwarding yes
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKeyAlgorithms ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ssh-rsa
KexAlgorithms 
diffie-hellman-group18-sha512,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha...@libssh.org
LoginGraceTime 10
LogLevel VERBOSE
MACs hmac-sha2-512-...@openssh.com
MaxAuthTries 3
MaxStartups 2:50:10
PermitOpen none
PermitRootLogin no
PermitUserRC no
Port 50022
PrintMotd no
PubkeyAcceptedKeyTypes ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ssh-rsa
RekeyLimit 1280M 53m59s
Subsystem sftp /usr/lib/openssh/sftp-server
TCPKeepAlive no
UseDNS yes
UsePAM yes

# Rejected RSA pubkey login.
# ssh running with explicit "PubkeyAcceptedKeyTypes ssh-rsa" in sshd_config

Aug  1 08:18:25 zoth-ommog sshd[20165]: debug1: Forked child 20167.
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: Set /proc/self/oom_score_adj to 0
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: rexec start in 5 out 5 newsock 
5 pipe 7 sock 8
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: inetd sockets after dupping: 3, 
3
Aug  1 08:18:25 zoth-ommog sshd[20167]: Connection from REDACTED port 35260 on 
REDACTED port 50022
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: Client protocol version 2.0; 
client software version OpenSSH_7.9p1 Debian-10
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: match: OpenSSH_7.9p1 Debian-10 
pat OpenSSH* compat 0x04000000
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: Local version string 
SSH-2.0-OpenSSH_7.9p1
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: permanently_set_uid: 103/65534 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: list_hostkey_types: 
ssh-ed25519,ssh-ed25519-cert-...@openssh.com,ssh-rsa [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: SSH2_MSG_KEXINIT received 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: kex: algorithm: 
diffie-hellman-group18-sha512 [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: kex: host key algorithm: 
ssh-ed25519-cert-...@openssh.com [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: kex: client->server cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: kex: server->client cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: expecting SSH2_MSG_KEXDH_INIT 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: expecting SSH2_MSG_NEWKEYS 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: SSH2_MSG_NEWKEYS received 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: KEX done [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: userauth-request for user 
gturner service ssh-connection method none [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: attempt 0 failures 0 [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: authentication methods list 0: 
publickey
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: authentication methods list 1: 
password
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: authentication methods list 0: 
publickey [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: authentication methods list 1: 
password [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: PAM: initializing for "gturner"
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: PAM: setting PAM_RHOST to 
"REDACTED"
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: PAM: setting PAM_TTY to "ssh"
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: userauth-request for user 
gturner service ssh-connection method publickey [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: debug1: attempt 1 failures 0 [preauth]
Aug  1 08:18:25 zoth-ommog sshd[20167]: userauth_pubkey: key type ssh-rsa not 
in PubkeyAcceptedKeyTypes [preauth]
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: userauth-request for user 
gturner service ssh-connection method password [preauth]
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: attempt 2 failures 1 [preauth]
Aug  1 08:18:28 zoth-ommog sshd[20167]: pam_ecryptfs: pam_sm_authenticate: 
/home/gturner is already mounted
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: PAM: password authentication 
accepted for gturner
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: do_pam_account: called
Aug  1 08:18:28 zoth-ommog sshd[20167]: Accepted password for gturner from 
REDACTED port 35260 ssh2
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: monitor_child_preauth: gturner 
has been authenticated by privileged process
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: monitor_read_log: child log fd 
closed
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: PAM: establishing credentials
Aug  1 08:18:28 zoth-ommog sshd[20167]: pam_unix(sshd:session): session opened 
for user gturner by (uid=0)
Aug  1 08:18:28 zoth-ommog systemd-logind[391]: New session 243 of user gturner.
Aug  1 08:18:28 zoth-ommog sshd[20167]: User child is on pid 20174
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: SELinux support disabled
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: PAM: establishing credentials
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: permanently_set_uid: 1000/100
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: rekey after 83886080 blocks
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: rekey after 83886080 blocks
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: ssh_packet_set_postauth: called
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: active: key options: 
agent-forwarding port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: Entering interactive session 
for SSH2.
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_init_dispatch
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_input_channel_open: 
ctype session rchan 0 win 1048576 max 16384
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: input_session_request
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: channel 0: new [server-session]
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_new: session 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_open: channel 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_open: session 0: link 
with channel 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_input_channel_open: 
confirm session
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_input_channel_req: 
channel 0 request pty-req reply 1
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_input_channel_req: 
session 0 req pty-req
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: Allocating pty.
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: session_new: session 0
Aug  1 08:18:28 zoth-ommog sshd[20167]: debug1: SELinux support disabled
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_pty_req: session 0 
alloc /dev/pts/20
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_input_channel_req: 
channel 0 request env reply 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_input_channel_req: 
session 0 req env
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: server_input_channel_req: 
channel 0 request shell reply 1
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:28 zoth-ommog sshd[20174]: debug1: session_input_channel_req: 
session 0 req shell
Aug  1 08:18:28 zoth-ommog sshd[20174]: Starting session: shell on pts/20 for 
gturner from REDACTED port 35260 id 0
Aug  1 08:18:28 zoth-ommog sshd[20175]: debug1: Setting controlling tty using 
TIOCSCTTY.
Aug  1 08:18:29 zoth-ommog sshd[20174]: debug1: Received SIGCHLD.
Aug  1 08:18:29 zoth-ommog sshd[20174]: debug1: session_by_pid: pid 20175
Aug  1 08:18:29 zoth-ommog sshd[20174]: debug1: session_exit_message: session 0 
channel 0 pid 20175
Aug  1 08:18:29 zoth-ommog sshd[20174]: debug1: session_exit_message: release 
channel 0
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: session_by_tty: session 0 tty 
/dev/pts/20
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: session_pty_cleanup2: session 0 
release /dev/pts/20
Aug  1 08:18:29 zoth-ommog sshd[20174]: Received disconnect from REDACTED port 
35260:11: disconnected by user
Aug  1 08:18:29 zoth-ommog sshd[20174]: Disconnected from user gturner REDACTED 
port 35260
Aug  1 08:18:29 zoth-ommog sshd[20174]: debug1: do_cleanup
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: do_cleanup
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: PAM: cleanup
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: PAM: closing session
Aug  1 08:18:29 zoth-ommog sshd[20167]: pam_unix(sshd:session): session closed 
for user gturner
Aug  1 08:18:29 zoth-ommog sshd[20186]: pam_ecryptfs: Skipping automatic 
eCryptfs unmount
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: PAM: deleting credentials
Aug  1 08:18:29 zoth-ommog sshd[20167]: debug1: audit_event: unhandled event 12
Aug  1 08:18:29 zoth-ommog systemd-logind[391]: Session 243 logged out. Waiting 
for processes to exit.
Aug  1 08:18:29 zoth-ommog systemd-logind[391]: Removed session 243.
Aug  1 08:18:37 zoth-ommog sshd[20165]: debug1: Forked child 20187.
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: Set /proc/self/oom_score_adj to 0
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: rexec start in 5 out 5 newsock 
5 pipe 7 sock 8
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: inetd sockets after dupping: 3, 
3
Aug  1 08:18:37 zoth-ommog sshd[20187]: Connection from 2001:470:e861:3::2 port 
60618 on REDACTED port 50022
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: Client protocol version 2.0; 
client software version OpenSSH_7.9p1
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: match: OpenSSH_7.9p1 pat 
OpenSSH* compat 0x04000000
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: Local version string 
SSH-2.0-OpenSSH_7.9p1
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: permanently_set_uid: 103/65534 
[preauth]
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: list_hostkey_types: 
ssh-ed25519,ssh-ed25519-cert-...@openssh.com,ssh-rsa [preauth]
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug  1 08:18:37 zoth-ommog sshd[20187]: Connection closed by 2001:470:e861:3::2 
port 60618 [preauth]
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: do_cleanup [preauth]
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: monitor_read_log: child log fd 
closed
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: do_cleanup
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: Killing privsep child 20189
Aug  1 08:18:37 zoth-ommog sshd[20187]: debug1: audit_event: unhandled event 12

Aug  1 08:18:53 zoth-ommog sshd[20198]: debug1: Forked child 20199.
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Set /proc/self/oom_score_adj to 0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rexec start in 5 out 5 newsock 
5 pipe 7 sock 8
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: inetd sockets after dupping: 3, 
3
Aug  1 08:18:53 zoth-ommog sshd[20199]: Connection from REDACTED port 35262 on 
REDACTED port 50022
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Client protocol version 2.0; 
client software version OpenSSH_7.9p1 Debian-10
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: match: OpenSSH_7.9p1 Debian-10 
pat OpenSSH* compat 0x04000000
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Local version string 
SSH-2.0-OpenSSH_7.9p1
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: permanently_set_uid: 103/65534 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: list_hostkey_types: 
ssh-ed25519,ssh-ed25519-cert-...@openssh.com,ssh-rsa [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_KEXINIT received 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: algorithm: 
diffie-hellman-group18-sha512 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: host key algorithm: 
ssh-ed25519-cert-...@openssh.com [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: client->server cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: server->client cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: expecting SSH2_MSG_KEXDH_INIT 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: expecting SSH2_MSG_NEWKEYS 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_NEWKEYS received 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: KEX done [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 0 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 0: 
publickey
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 1: 
password
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: initializing for "gturner"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: setting PAM_RHOST to 
"REDACTED"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: setting PAM_TTY to "ssh"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 0: 
publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 1: 
password [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 1 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth_pubkey: test pkalg 
rsa-sha2-512 pkblob RSA SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: temporarily_use_uid: 1000/100 
(e=0/0)
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: trying public key file 
/home/gturner/.ssh/authorized_keys
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: fd 4 clearing O_NONBLOCK
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: matching key found: RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: key options: agent-forwarding 
port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted key RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU found at 
/home/gturner/.ssh/authorized_keys:2
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: restore_uid: 0/0
Aug  1 08:18:53 zoth-ommog sshd[20199]: Postponed publickey for gturner from 
REDACTED port 35262 ssh2 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 2 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: temporarily_use_uid: 1000/100 
(e=0/0)
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: trying public key file 
/home/gturner/.ssh/authorized_keys
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: fd 4 clearing O_NONBLOCK
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: matching key found: RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: key options: agent-forwarding 
port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted key RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU found at 
/home/gturner/.ssh/authorized_keys:2
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: restore_uid: 0/0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: auth_activate_options: setting 
new authentication options
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: do_pam_account: called
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted publickey for gturner from 
REDACTED port 35262 ssh2: RSA SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: monitor_child_preauth: gturner 
has been authenticated by privileged process
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: auth_activate_options: setting 
new authentication options [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: monitor_read_log: child log fd 
closed
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: establishing credentials
Aug  1 08:18:53 zoth-ommog sshd[20199]: pam_unix(sshd:session): session opened 
for user gturner by (uid=0)
Aug  1 08:18:53 zoth-ommog systemd-logind[391]: New session 244 of user gturner.
Aug  1 08:18:53 zoth-ommog sshd[20199]: User child is on pid 20206
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: SELinux support disabled
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: PAM: establishing credentials
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: permanently_set_uid: 1000/100
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: rekey after 83886080 blocks
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: rekey after 83886080 blocks
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: ssh_packet_set_postauth: called
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: active: key options: 
agent-forwarding port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: Entering interactive session 
for SSH2.
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_init_dispatch
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_open: 
ctype session rchan 0 win 1048576 max 16384
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: input_session_request
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: channel 0: new [server-session]
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_new: session 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_open: channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_open: session 0: link 
with channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_open: 
confirm session
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request pty-req reply 1
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req pty-req
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: Allocating pty.
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: session_new: session 0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SELinux support disabled
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_pty_req: session 0 
alloc /dev/pts/20
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request env reply 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req env
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request shell reply 1
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req shell
Aug  1 08:18:53 zoth-ommog sshd[20206]: Starting session: shell on pts/20 for 
gturner from REDACTED port 35262 id 0
Aug  1 08:18:53 zoth-ommog sshd[20207]: debug1: Setting controlling tty using 
TIOCSCTTY.
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: Received SIGCHLD.
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_by_pid: pid 20207
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_exit_message: session 0 
channel 0 pid 20207
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_exit_message: release 
channel 0
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: session_by_tty: session 0 tty 
/dev/pts/20
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: session_pty_cleanup2: session 0 
release /dev/pts/20
Aug  1 08:18:55 zoth-ommog sshd[20206]: Received disconnect from REDACTED port 
35262:11: disconnected by user
Aug  1 08:18:55 zoth-ommog sshd[20206]: Disconnected from user gturner REDACTED 
port 35262
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: do_cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: do_cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: closing session
Aug  1 08:18:55 zoth-ommog sshd[20199]: pam_unix(sshd:session): session closed 
for user gturner
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: deleting credentials
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: audit_event: unhandled event 12
Aug  1 08:18:55 zoth-ommog systemd-logind[391]: Session 244 logged out. Waiting 
for processes to exit.
Aug  1 08:18:55 zoth-ommog systemd-logind[391]: Removed session 244.

# Successful RSA pubkey login.
# ssh had been restarted with PubkeyAcceptedKeyTypes *removed* from sshd_config

Aug  1 08:18:53 zoth-ommog sshd[20198]: debug1: Forked child 20199.
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Set /proc/self/oom_score_adj to 0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rexec start in 5 out 5 newsock 
5 pipe 7 sock 8
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: inetd sockets after dupping: 3, 
3
Aug  1 08:18:53 zoth-ommog sshd[20199]: Connection from REDACTED port 35262 on 
REDACTED port 50022
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Client protocol version 2.0; 
client software version OpenSSH_7.9p1 Debian-10
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: match: OpenSSH_7.9p1 Debian-10 
pat OpenSSH* compat 0x04000000
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: Local version string 
SSH-2.0-OpenSSH_7.9p1
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: permanently_set_uid: 103/65534 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: list_hostkey_types: 
ssh-ed25519,ssh-ed25519-cert-...@openssh.com,ssh-rsa [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_KEXINIT received 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: algorithm: 
diffie-hellman-group18-sha512 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: host key algorithm: 
ssh-ed25519-cert-...@openssh.com [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: client->server cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: kex: server->client cipher: 
aes256-...@openssh.com MAC: <implicit> compression: none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: expecting SSH2_MSG_KEXDH_INIT 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: expecting SSH2_MSG_NEWKEYS 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SSH2_MSG_NEWKEYS received 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: rekey after 83886080 blocks 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: KEX done [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method none [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 0 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 0: 
publickey
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 1: 
password
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: initializing for "gturner"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: setting PAM_RHOST to 
"REDACTED"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: setting PAM_TTY to "ssh"
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 0: 
publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: authentication methods list 1: 
password [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 1 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth_pubkey: test pkalg 
rsa-sha2-512 pkblob RSA SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU 
[preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: temporarily_use_uid: 1000/100 
(e=0/0)
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: trying public key file 
/home/gturner/.ssh/authorized_keys
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: fd 4 clearing O_NONBLOCK
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: matching key found: RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: key options: agent-forwarding 
port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted key RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU found at 
/home/gturner/.ssh/authorized_keys:2
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: restore_uid: 0/0
Aug  1 08:18:53 zoth-ommog sshd[20199]: Postponed publickey for gturner from 
REDACTED port 35262 ssh2 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: userauth-request for user 
gturner service ssh-connection method publickey [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: attempt 2 failures 0 [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: temporarily_use_uid: 1000/100 
(e=0/0)
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: trying public key file 
/home/gturner/.ssh/authorized_keys
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: fd 4 clearing O_NONBLOCK
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: matching key found: RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: 
/home/gturner/.ssh/authorized_keys:2: key options: agent-forwarding 
port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted key RSA 
SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU found at 
/home/gturner/.ssh/authorized_keys:2
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: restore_uid: 0/0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: auth_activate_options: setting 
new authentication options
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: do_pam_account: called
Aug  1 08:18:53 zoth-ommog sshd[20199]: Accepted publickey for gturner from 
REDACTED port 35262 ssh2: RSA SHA256:cN6+RJMBj25zximZ28B/CanFpjupWf/ABGrRGprS1LU
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: monitor_child_preauth: gturner 
has been authenticated by privileged process
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: auth_activate_options: setting 
new authentication options [preauth]
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: monitor_read_log: child log fd 
closed
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: PAM: establishing credentials
Aug  1 08:18:53 zoth-ommog sshd[20199]: pam_unix(sshd:session): session opened 
for user gturner by (uid=0)
Aug  1 08:18:53 zoth-ommog systemd-logind[391]: New session 244 of user gturner.
Aug  1 08:18:53 zoth-ommog sshd[20199]: User child is on pid 20206
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: SELinux support disabled
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: PAM: establishing credentials
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: permanently_set_uid: 1000/100
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: rekey after 83886080 blocks
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: rekey after 83886080 blocks
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: ssh_packet_set_postauth: called
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: active: key options: 
agent-forwarding port-forwarding pty user-rc x11-forwarding
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: Entering interactive session 
for SSH2.
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_init_dispatch
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_open: 
ctype session rchan 0 win 1048576 max 16384
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: input_session_request
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: channel 0: new [server-session]
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_new: session 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_open: channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_open: session 0: link 
with channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_open: 
confirm session
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request pty-req reply 1
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req pty-req
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: Allocating pty.
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: session_new: session 0
Aug  1 08:18:53 zoth-ommog sshd[20199]: debug1: SELinux support disabled
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_pty_req: session 0 
alloc /dev/pts/20
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request env reply 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req env
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: server_input_channel_req: 
channel 0 request shell reply 1
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_by_channel: session 0 
channel 0
Aug  1 08:18:53 zoth-ommog sshd[20206]: debug1: session_input_channel_req: 
session 0 req shell
Aug  1 08:18:53 zoth-ommog sshd[20206]: Starting session: shell on pts/20 for 
gturner from REDACTED port 35262 id 0
Aug  1 08:18:53 zoth-ommog sshd[20207]: debug1: Setting controlling tty using 
TIOCSCTTY.
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: Received SIGCHLD.
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_by_pid: pid 20207
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_exit_message: session 0 
channel 0 pid 20207
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: session_exit_message: release 
channel 0
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: session_by_tty: session 0 tty 
/dev/pts/20
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: session_pty_cleanup2: session 0 
release /dev/pts/20
Aug  1 08:18:55 zoth-ommog sshd[20206]: Received disconnect from REDACTED port 
35262:11: disconnected by user
Aug  1 08:18:55 zoth-ommog sshd[20206]: Disconnected from user gturner REDACTED 
port 35262
Aug  1 08:18:55 zoth-ommog sshd[20206]: debug1: do_cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: do_cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: cleanup
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: closing session
Aug  1 08:18:55 zoth-ommog sshd[20199]: pam_unix(sshd:session): session closed 
for user gturner
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: PAM: deleting credentials
Aug  1 08:18:55 zoth-ommog sshd[20199]: debug1: audit_event: unhandled event 12
Aug  1 08:18:55 zoth-ommog systemd-logind[391]: Session 244 logged out. Waiting 
for processes to exit.
Aug  1 08:18:55 zoth-ommog systemd-logind[391]: Removed session 244.

Attachment: signature.asc
Description: PGP signature

Reply via email to