[crypto] ssh: verify declared key type matches decoded key in authorized_keys


Gopher Robot (Gerrit)

Jun 30, 2026, 1:24:37 PM
to Nicola Murino, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, golang...@luci-project-accounts.iam.gserviceaccount.com, Junyang Shao, Neal Patel, Neal Patel, Filippo Valsorda, golang-co...@googlegroups.com

Gopher Robot submitted the change with unreviewed changes

Unreviewed changes

1 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:

```
The name of the file: ssh/keys.go
Insertions: 3, Deletions: 3.

@@ -193,7 +193,7 @@
return "", nil, nil, "", nil, err
}
if pubKey.Type() != wantType {
- return "", nil, nil, "", nil, fmt.Errorf("ssh: key type mismatch: found %q, want %q", pubKey.Type(), wantType)
+ return "", nil, nil, "", nil, fmt.Errorf("ssh: known hosts key type mismatch: human-readable type %q, encoded type %q", wantType, pubKey.Type())
}

return marker, strings.Split(hosts, ","), pubKey, comment, rest, nil
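Review bot: this is a message-only change that landed as part of the unreviewed delta after patch-set 1, so please confirm that keys_test.go (also modified in this CL) asserts on the new "known hosts key type mismatch" text and not on the old "found %q, want %q" form. The argument order is reversed relative to the old call, and that matches the new labels: wantType is the declared (human-readable) type and pubKey.Type() is the type decoded from the blob, which is consistent with the `pubKey.Type() != wantType` check above.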
@@ -241,7 +241,7 @@
if string(in[:i]) == out.Type() {
return out, comment, options, rest, nil
}
- err = fmt.Errorf("ssh: key type mismatch: found %q, want %q", out.Type(), in[:i])
+ err = fmt.Errorf("ssh: authorized keys key type mismatch: human-readable type %q, encoded type %q", in[:i], out.Type())
}
lastErr = err

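Review bot: `in[:i]` is a byte slice, so the declared type reaches %q as a []byte rather than the string used in the comparison `string(in[:i]) == out.Type()` two lines above; fmt quotes a []byte the same way it quotes a string, so the output is correct, but passing `string(in[:i])` keeps the comparison and the message visibly operating on the same value. This Errorf is also byte-for-byte identical to the one in the next hunk, so a single unexported helper would stop the two from drifting apart again.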
@@ -289,7 +289,7 @@
options = candidateOptions
return out, comment, options, rest, nil
}
- err = fmt.Errorf("ssh: key type mismatch: found %q, want %q", out.Type(), in[:i])
+ err = fmt.Errorf("ssh: authorized keys key type mismatch: human-readable type %q, encoded type %q", in[:i], out.Type())
}
lastErr = err

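Review bot: this Errorf duplicates the one in the previous hunk verbatim, with only the surrounding branch differing; a small helper such as a hypothetical `keyTypeMismatch(declared []byte, decoded string) error` used from both places would keep the wording in one spot for any caller that matches on it. Since `lastErr = err` follows both branches, a caller only ever sees the last candidate's mismatch, which is acceptable now that the message states the declared and encoded types explicitly.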
```

Change information

Commit message:
ssh: verify declared key type matches decoded key in authorized_keys

ParseAuthorizedKey and ParseKnownHosts previously ignored the key type
field (e.g. "ssh-rsa") in each entry, relying solely on the type
information embedded within the base64-encoded key blob.

For ParseAuthorizedKey this also caused a single-token option to be
silently dropped: a line such as "restrict <key>" (with the key type
omitted) was parsed as an unrestricted key, because the option token
landed in the key type position and was discarded together with its
meaning. The same happens for no-pty, no-port-forwarding and the other
single-word options. OpenSSH's sshkey_read rejects such lines outright,
as the option token cannot be read as a key type.

OpenSSH's sshkey_read also explicitly verifies that the key type
declared in the text matches the type of the parsed key, returning
SSH_ERR_KEY_TYPE_MISMATCH if they differ.

This change adds, in both functions, a check that the declared key type
matches the decoded key's type, returning an error for malformed lines
where they diverge. This mirrors the fix already applied to the
ssh/knownhosts package in CL 782427.

Change-Id: I9163108d964de4be8a415fe0efd68e6b71f77990
Reviewed-by: Filippo Valsorda <fil...@golang.org>
Auto-Submit: Nicola Murino <nicola...@gmail.com>
Reviewed-by: Neal Patel <neal...@google.com>
Reviewed-by: Junyang Shao <shaoj...@google.com>
Files:
  • M ssh/keys.go
  • M ssh/keys_test.go
Change size: M
Delta: 2 files changed, 92 insertions(+), 10 deletions(-)
Branch: refs/heads/master
Gerrit-MessageType: merged
Gerrit-Project: crypto
Gerrit-Branch: master
Gerrit-Change-Id: I9163108d964de4be8a415fe0efd68e6b71f77990
Gerrit-Change-Number: 792840
Gerrit-PatchSet: 3
Gerrit-Owner: Nicola Murino <nicola...@gmail.com>
Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>
Gerrit-Reviewer: Gopher Robot <go...@golang.org>
Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
Gerrit-Reviewer: Neal Patel <ne...@golang.org>
Gerrit-Reviewer: Nicola Murino <nicola...@gmail.com>
Gerrit-CC: Neal Patel <neal...@google.com>
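The declared-type check that the commit message describes, as an added stdlib-only illustration rather than the x/crypto/ssh code itself: the token before the base64 blob must name the same algorithm that the blob encodes, so a line with the key type omitted ("restrict <blob>") is rejected instead of being read as an unrestricted key. `ParseAuthorizedKeyLine`, `encodedKeyType` and the constructed, non-functional key material from `SampleBlob` are assumptions of this example.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// encodedKeyType reads the first SSH wire string (uint32 length + bytes) of a
// decoded key blob; that string names the algorithm the blob actually encodes.
func encodedKeyType(blob []byte) (string, error) {
	if len(blob) < 4 || uint64(binary.BigEndian.Uint32(blob)) > uint64(len(blob)-4) {
		return "", errors.New("ssh: malformed key blob")
	}
	return string(blob[4 : 4+binary.BigEndian.Uint32(blob)]), nil
}

// ParseAuthorizedKeyLine is an illustrative stdlib-only parser, not the one in
// x/crypto/ssh. It returns the options field (empty if absent) and the key
// type, rejecting a line whose declared type differs from the type encoded in
// the blob, so "restrict <blob>" fails instead of becoming an unrestricted key.
func ParseAuthorizedKeyLine(line string) (options, keyType string, err error) {
	f := strings.Fields(line)
	// Try "<type> <blob> ..." first, then "<options> <type> <blob> ...".
	for i := 0; i < 2 && i+1 < len(f); i++ {
		blob, decErr := base64.StdEncoding.DecodeString(f[i+1])
		enc, typeErr := encodedKeyType(blob) // safe on a short or partial blob
		if decErr != nil || typeErr != nil {
			continue // no well-formed key blob at this position
		}
		if enc != f[i] {
			return "", "", fmt.Errorf("ssh: authorized keys key type mismatch: human-readable type %q, encoded type %q", f[i], enc)
		}
		return strings.Join(f[:i], " "), f[i], nil
	}
	return "", "", errors.New("ssh: no key found")
}

// SampleBlob builds a constructed, non-functional key blob for the given type:
// the wire string naming the type, then a dummy 32-byte body, base64-encoded.
func SampleBlob(keyType string) string {
	blob := make([]byte, 4)
	binary.BigEndian.PutUint32(blob, uint32(len(keyType)))
	blob = append(blob, keyType...)
	blob = append(blob, 0, 0, 0, 32) // length of the dummy body
	return base64.StdEncoding.EncodeToString(append(blob, make([]byte, 32)...))
}
```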