PuTTY artifact host-key-sig-verify-fail
Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Snapshot
|
Docs
|
Privacy
|
Changes
|
Wishlist
summary: Occasional "server's host key did not match the signature supplied"
difficulty: tricky: Needs many tuits.
priority: historic: This is an old bug report that we think is either fixed without noticing, or confined to old systems, or too vague.
present-in: 0.55 0.56 2005-01-31 0.57 0.58
We've had several as-yet-unexplained reports of this (SSH-2
specific) error message, which may represent a bug in PuTTY or in an
SSH server, or perhaps data corruption in between. They've been
difficult to reproduce.
To determine for sure whether the problem lies in PuTTY or not, we
need extra information from a diagnostic build which we can provide,
as well as the ordinary SSH packet log.
- <20040827195154.GE20058@eggnog.rc-comp.com>
WinXP, 0.55, "OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9" &
"OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8"; problem went away on its own
after a while
Depended on where session was run from (firewall/proxy probs?)
With packet log
- <1107146212.080831.145250@z14g2000cwz.googlegroups.com>
WinXP, 2005-01-31:r5331 and "older versions"; unknown server; appears
specific to client machine
- <200503171416120713.0B297B13@mail.liveplaylearn.com>
0.56/0.57, "OpenSSH_3.4p1"
<200503181604010835.10B29C1C@mail.liveplaylearn.com>:
Packet log and exchange hash (unfortunately this was the wrong
diagnostic)
- CFB553FDAA2A5342BB3383CF908AFD4601E0D9EE@dewdfe21.wdf.sap.corp
0.58; "SSH-2.0-SAP"; connecting to 127.0.0.1:22
- 240156E724FD4B43B5D4EA0F86C6BC8A80D512@fsmail3.is.tcu.edu
0.58; "SSH-2.0-4.1.2 SSH Secure Shell Toolkit"
- f3d578550505160904747bb411@mail.gmail.com
0.57; SSH server was running on port 21 in a restricted environment,
and other protocols reported corruption; this went away when moving to
port 443
- <4257734F.4060406@koncar-institut.hr>
0.57, OpenSSH_3.8.1p1
<4296E722.7090106@koncar-institut.hr>:
SSH packet log with DH private value (to be analysed)
One interesting report had both this SSH-2 failure, and the SSH-1
failure "Incorrect CRC received on packet", occurring reproducibly
on the same machine, and no other. Some further digging
into the SSH-1 problem by our correspondent indicated that PuTTY's
rsaencrypt() function was playing up; and they found that
with their compiler ("Microsoft (R) 32-bit C/C++ Optimizing Compiler
Version 13.10.3077 for 80x86") adding /Od (disable all
optimisations) made the problem go away.
<20051108211710.79855.qmail@web52815.mail.yahoo.com> et seq
SGT, 2024-11-17: marking this issue as historic. All the
reports here are a long way in the past; at least some of them
indicated network-layer corruption; others involved { miscompilation
of / undefined behaviour in } C code that's been long since rewritten;
and we certainly have fixed some issues of this kind in the
last 20 years, plus diagnosed a fair number more as the other end's
fault. Further issues of this type should be raised separately with
proper reproducers.
If you want to comment on this web site, see the
Feedback page.
(last revision of this bug record was at 2024-11-17 14:53:03 +0000)