我最近将我的一台机器升级到最新的 Ubuntu 22.04,现在我遇到了一个非常奇怪的 SSH 服务器验证问题。这是对情况的简短解释。
我对服务器和客户端都使用基于 SSH 证书的身份验证。客户端身份验证工作正常(服务器具有TrustedUserCAKeys
客户端身份验证),但服务器验证工作不正常。我有@cert-authority *.example.com ecdsa-sha2-nistp521 AAAAE2VjZHN...
(/etc/ssh/ssh_known_hosts
它确实被正确读取,通过 strace 确认),但由于某种原因它没有被正确使用。或者实际上它可能会被使用,只是服务器没有将其证书发送给客户端。这只发生在最新版本 (SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1) 的客户端上,但可以在旧版本 (SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10) 上正常工作。以下是新旧客户端的 SSH 调试日志的一些摘录。
新客户端调试日志:
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to my.example.com:22 as 'myuser'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:+JwFUaD...
旧客户端调试日志:
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
debug1: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to my.example.com:22 as 'myuser'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: [email protected]
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host certificate: [email protected] SHA256:+JwFUaD..., serial 10356 ID "my.example.com server certificate" CA ecdsa-sha2-nistp521 SHA256:KlV0xkm... valid from 2023-05-30T12:18:00 to 2023-06-06T12:19:31
debug1: Host 'my.example.com' is known and matches the ECDSA-CERT host certificate.
debug1: Found CA key in /etc/ssh/ssh_known_hosts:1
可以看出,服务器只发送了 aServer host key
而不是预期的Server host certificate
.我能看到的唯一区别是新客户端使用 kex 算法curve25519-sha256
而旧(功能)客户端使用[email protected]
.但据我所知,这些应该是相同的,只是换了一个新名字。
有谁知道这里可能发生什么?服务器和客户端的签名 CA 都是 ecdsa 密钥(如果这有什么区别的话)。