Menu
What's new
By:
Filters Better Search

Dropbear not identifying key correctly?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

MarCoMLXXV

Guest
I generated a new ssh key this morning, using PuTTy Key Generator as I previously saw dropbear in syslog warning for using a SHA1 key, allthough I was sure I generated a RSA SHA2 key with ssh-keygen. So I generated a 256 bit ECDSA RSA2 key with passphrase, removed the old key on both server and client side, but still:

Code: 
May 26 09:33:29 dropbear[17144]: Pubkey auth succeeded for '********' with key sha1!! <fingerprint>

@RMerlin: Any idea why Dropbear still warns for using sha1, while the key is definitely not sha1?
 
MarCoMLXXV said:
I generated a new ssh key this morning, using PuTTy Key Generator as I previously saw dropbear in syslog warning for using a SHA1 key, allthough I was sure I generated a RSA SHA2 key with ssh-keygen. So I generated a 256 bit ECDSA RSA2 key with passphrase, removed the old key on both server and client side, but still:

Code: 
May 26 09:33:29 dropbear[17144]: Pubkey auth succeeded for '********' with key sha1!! <fingerprint>

@RMerlin: Any idea why Dropbear still warns for using sha1, while the key is definitely not sha1?
Click to expand...

That's not an error message, that's normal notification. SHA1 is merely a signature used to identify a key, it's not the key itself.
 
RMerlin said:
That's not an error message, that's normal notification. SHA1 is merely a signature used to identify a key, it's not the key itself.
Click to expand...

Ah, I see. I interpreted the exclamation mark as a warning. Strange though it notifies of a SHA1 signature when using a key with a SHA2 signature. I'll try to ignore it, as in I'll try to let my OCD not tokick in when I see the notifcation come by :confused: Thanks for the reply.
 
MarCoMLXXV said:
Ah, I see. I interpreted the exclamation mark as a warning. Strange though it notifies of a SHA1 signature when using a key with a SHA2 signature. I'll try to ignore it, as in I'll try to let my OCD not tokick in when I see the notifcation come by :confused: Thanks for the reply.
Click to expand...

Usually, keys are identified by an MD5. That might be why it seems to imply something is unusual, as I disabled MD5 support in dropbear, forcing it to switch to SHA1 for signature report.
 
You must log in or register to reply here.

Similar threads

R
How to fix ssh host key not a multiple of 256
Replies
5
Views
939
Martinski
M
A
SSH by Authorized Keys without username and password Asus Router
Replies
10
Views
3K
Jeffrey Young
J
B
update dropbear or disable ssh-dss support?
Replies
17
Views
2K
Brockp
B
A
Devices connect to my openvpn server correctly but no traffic from server to client
Replies
6
Views
873
ragtap
R
chengr28
ECC certificates are not working in WebUI
Replies
3
Views
1K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
corgan2224 RT-AX88U creates a lot of dropbear processes after update Asuswrt-Merlin 8
W Is there any way to set additional Dropbear startup options? Asuswrt-Merlin 3
T Security Key or PassKey support for admin login Asuswrt-Merlin 1
R How to fix ssh host key not a multiple of 256 Asuswrt-Merlin 5
M RT-AX86U suppress random key log entries Asuswrt-Merlin 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 740 (members: 22, guests: 718)
Top