Differences

This shows you the differences between the selected revisions of the page.

ui_login_bugs 2014-07-15 ui_login_bugs 2014-07-23
Line 69: Line 69:
===== Requires padding on SSH-2 RSA signatures ===== ===== Requires padding on SSH-2 RSA signatures =====
-Versions below 3.3 of [[&openssh|OpenSSH]] require SSH-2 RSA signatures to be padded with zero bytes to the same length as the RSA key modulus. The SSH-2 draft specification says that an unpadded signature MUST be accepted, so this is a bug. A typical symptom of this problem is that WinSCP mysteriously fails RSA authentication once in every few hundred attempts, and falls back to passwords. +Versions below 3.3 of [[&openssh|OpenSSH]] and versions below 1.3.4d/1.3.5rc4 of ProFTPD/mod_sftp require SSH-2 RSA signatures to be padded with zero bytes to the same length as the RSA key modulus. The SSH-2 draft specification says that an unpadded signature MUST be accepted, so this is a bug. A typical symptom of this problem is that WinSCP mysteriously fails RSA authentication once in every few hundred attempts, and falls back to passwords.
-If this bug is detected, WinSCP will pad its signatures in the way OpenSSH expects. If this bug is enabled when talking to a correct server, it is likely that no damage will be done, since correct servers usually still accept padded signatures because they're used to talking to OpenSSH. +If this bug is detected, WinSCP will pad its signatures in the way the buggy servers expect. If this bug is enabled when talking to a correct server, it is likely that no damage will be done, since correct servers usually still accept padded signatures because they're used to talking to OpenSSH.
This is an SSH-2-specific bug. This is an SSH-2-specific bug.

Last modified: by martin