git clone fails when client connects with ed25519 key

Problem

If you have an ed25519 key in your ssh-agent keyring (along with your RSA key), git clone will fail.

The Twisted Python Conch server running at git.drupal.org does not gracefully handle ed25519 public keys, causing it to crash. ssh offers the agent's keys one at a time, so when the ed25519 key is offered before the RSA key the server falls over before the RSA key is ever tried. Until the server is fixed, restricting the client to the RSA key (IdentitiesOnly yes plus an IdentityFile entry for git.drupal.org in ~/.ssh/config) works around it by never offering the ed25519 key.

Short term solution

We should patch auth_publickey() in Twisted's SSHUserAuthServer to verify that the key algorithm is one we support (ssh-rsa or ssh-dss; ssh-dss is the SSH identifier for DSA, there is no "ssh-dsa") before the key blob is parsed. A failed Deferred is answered with a normal USERAUTH_FAILURE, so the client moves on to its next key instead of losing the connection. Each rejected key still counts towards attemptsBeforeDisconnect, so a client with many unsupported keys can still be disconnected, but an RSA key offered after an ed25519 key now gets its turn:

    # twisted/conch/ssh/userauth.py: auth_publickey is a method of
    # SSHUserAuthServer; the names it uses come from these imports.
    from twisted.conch import error, interfaces
    from twisted.conch.ssh import keys
    from twisted.conch.ssh.common import NS, getNS
    from twisted.cred import credentials
    from twisted.internet import defer
    from twisted.python import log

    MSG_USERAUTH_REQUEST = 50  # defined at the bottom of userauth.py

    def auth_publickey(self, packet):
        """
        Public key authentication.  Payload::
            byte has signature
            string algorithm name
            string key blob
            [string signature] (if has signature is True)
        Create a SSHPublicKey credential and verify it using our portal.
        """
        hasSig = ord(packet[0])
        algName, blob, rest = getNS(packet[1:], 2)

        # <--- PATCH BEGIN -->
        # Reject algorithms we cannot verify (ssh-ed25519 among them) before
        # the blob reaches keys.Key.fromString(), which is where an unknown
        # key type blows up.  The failed Deferred is turned into a normal
        # USERAUTH_FAILURE by _ebBadAuth, so the client goes on to offer its
        # next key instead of losing the connection.  The DSA identifier is
        # ssh-dss (RFC 4253), not ssh-dsa.
        if algName not in (b'ssh-rsa', b'ssh-dss'):
            log.msg("Attempted public key authentication with %s algorithm"
                    % (algName,))
            return defer.fail(
                error.ConchError("Unsupported public key algorithm"))
        # <--- PATCH END -->

        pubKey = keys.Key.fromString(blob)
        signature = hasSig and getNS(rest)[0] or None
        if hasSig:
            # Reconstruct the bytes the client signed (RFC 4252 section 7).
            b = (NS(self.transport.sessionID) + chr(MSG_USERAUTH_REQUEST) +
                NS(self.user) + NS(self.nextService) + NS(b'publickey') +
                chr(hasSig) + NS(pubKey.sshType()) + NS(blob))
            c = credentials.SSHPrivateKey(self.user, algName, blob, b,
                    signature)
            return self.portal.login(c, None, interfaces.IConchUser)
        else:
            # Signature-less query: the client only asks whether this key
            # would be acceptable before spending a signature on it.
            c = credentials.SSHPrivateKey(self.user, algName, blob, None, None)
            return self.portal.login(c, None,
                    interfaces.IConchUser).addErrback(self._ebCheckKey,
                            packet[1:])
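
To make the ordering argument concrete, here is an added example that is not Twisted's or Drupal's code: a dependency-free Python model of the publickey request path, with the unpatched parse-first order beside the patched check-first order, driven by a client that offers an ed25519 key and then an RSA key the way ssh-agent would. NS() and getNS() mirror the helpers in twisted.conch.ssh.common, key_from_string() stands in for keys.Key.fromString(), the key blobs are constructed dummies (correct type prefix, filler key material), and the extra guard that the blob's embedded type must match algName goes beyond the patch above.

```python
# Added example, not Twisted or Drupal code: a dependency-free model of the
# publickey USERAUTH_REQUEST path, contrasting parse-first (unpatched) with
# check-first (patched) ordering, and showing why it matters to a client that
# offers several agent keys in turn.  NS/getNS mirror
# twisted.conch.ssh.common; key blobs below are constructed dummies.
import struct

SUPPORTED_ALGS = (b'ssh-rsa', b'ssh-dss')  # RFC 4253 names; DSA is ssh-dss, not ssh-dsa


def NS(s):
    """SSH 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack('>L', len(s)) + s


def getNS(data, count=1):
    """Pop `count` SSH strings off the front of data; return them plus the remainder."""
    out = []
    for _ in range(count):
        (n,) = struct.unpack('>L', data[:4])
        out.append(data[4:4 + n])
        data = data[4 + n:]
    return tuple(out) + (data,)


# Constructed key blobs: a real blob starts with NS(<algorithm name>); the
# material after it is filler here, not real key data.
ED25519_BLOB = NS(b'ssh-ed25519') + NS(b'\x11' * 32)
RSA_BLOB = NS(b'ssh-rsa') + NS(b'\x01\x00\x01') + NS(b'\x22' * 256)


def build_publickey_request(alg_name, blob, signature=None):
    """Payload after the 'publickey' method name: byte has_sig, string alg, string blob[, string sig]."""
    payload = (b'\x01' if signature is not None else b'\x00') + NS(alg_name) + NS(blob)
    if signature is not None:
        payload += NS(signature)
    return payload


class BadKeyError(Exception):
    """Stand-in for twisted.conch.ssh.keys.BadKeyError."""


def key_from_string(blob):
    """Stand-in for keys.Key.fromString(): only knows the two legacy blob types."""
    blob_type, _ = getNS(blob)
    if blob_type not in SUPPORTED_ALGS:
        raise BadKeyError('unknown blob type: %r' % blob_type)
    return blob_type


def auth_publickey_unpatched(packet):
    """Parse-first order: the blob reaches the key parser whatever algName says."""
    alg_name, blob, _rest = getNS(packet[1:], 2)
    key_from_string(blob)  # raises BadKeyError for ssh-ed25519
    return 'ok'


def auth_publickey_patched(packet):
    """Check-first order as in the patch, plus an extra guard (added here, not in
    the page's patch): the blob's embedded type must match algName, so a client
    cannot advertise ssh-rsa and ship a blob the parser cannot handle."""
    alg_name, blob, _rest = getNS(packet[1:], 2)
    if alg_name not in SUPPORTED_ALGS:
        return 'failure'  # becomes USERAUTH_FAILURE; client tries its next key
    blob_type, _ = getNS(blob)
    if blob_type != alg_name:
        return 'failure'
    key_from_string(blob)
    return 'ok'


def try_agent_keys(server, agent_keys):
    """Client side: offer each agent key until one is accepted.  Returns the
    algorithm that got through, or None.  A server exception models the
    connection dropping mid-authentication."""
    for alg_name, blob in agent_keys:
        if server(build_publickey_request(alg_name, blob)) == 'ok':
            return alg_name
    return None


# An agent holding an ed25519 key ahead of the RSA key, as in the report.
AGENT_KEYS = [(b'ssh-ed25519', ED25519_BLOB), (b'ssh-rsa', RSA_BLOB)]


def demo():
    """Returns (unpatched_outcome, patched_outcome) for the same agent contents."""
    try:
        unpatched = try_agent_keys(auth_publickey_unpatched, AGENT_KEYS)
    except BadKeyError as e:
        unpatched = 'connection lost: %s' % e
    patched = try_agent_keys(auth_publickey_patched, AGENT_KEYS)
    return unpatched, patched


if __name__ == '__main__':
    print(demo())
```

Against the unpatched server the first offer already raises, so the RSA key is never reached; against the patched server the ed25519 offer is answered with a failure and the RSA key authenticates. The blob-type check also catches the mismatch case the original patch lets through.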

Long term solution

1. Wait for Twisted to fix this upstream and update our copy of Twisted.

   The Twisted maintainers do not seem interested in supporting ed25519; this ticket is over 5 years old:

   https://twistedmatrix.com/trac/ticket/5350

   Meanwhile, more developers will be transitioning to ed25519 for its improved performance and security. OpenSSH has supported ssh-ed25519 user and host keys since 6.5 and generates an ed25519 host key by default (the curve25519-sha256 entry listed under KexAlgorithms in the Ubuntu and OpenBSD defaults is the same curve used for key exchange, a separate mechanism from ssh-ed25519 signatures).

2. If we are not too dependent on Twisted, look for a replacement library.

References
Source: https://www.drupal.org/project/issues/rss/infrastructure