An update of golang.org/x/crypto/ssh might be necessary

2,406 views
Skip to first unread message

Filippo Valsorda

unread,
Mar 15, 2022, 12:19:04 PM3/15/22
to golang-nuts

Hello gophers,

Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements client authentication support for signature algorithms based on SHA-2 for use with existing RSA keys.

Previously, a client would fail to authenticate with RSA keys to servers that reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default and—starting today March 15, 2022github.com for recently uploaded keys.

We are providing this announcement as the error (“ssh: unable to authenticate”) might otherwise be difficult to troubleshoot.

Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also fixes a potential security issue where an attacker could cause a crash in a golang.org/x/crypto/ssh server under these conditions:

  • The server has been configured by passing a Signer to ServerConfig.AddHostKey.

  • The Signer passed to AddHostKey does not also implement AlgorithmSigner.

  • The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.

Servers that only use Signer implementations provided by the ssh package are unaffected. This is CVE-2022-27191.

Alla prossima,

Filippo for the Go Security team

Reply all
Reply to author
Forward
0 new messages