PuTTY artifact host-key-sig-verify-fail
summary: Occasional "server's host key did not match the signature supplied"
difficulty: tricky: Needs many tuits.
present-in: 0.55 0.56 2005-01-31 0.57 0.58
We've had several as-yet-unexplained reports of this (SSH-2
specific) error message, which may represent a bug in PuTTY or in an
SSH server, or perhaps data corruption in between. They've been
difficult to reproduce.
To determine for sure whether the problem lies in PuTTY or not, we
need extra information from a diagnostic build which we can provide,
as well as the ordinary SSH packet log.
WinXP, 0.55, "OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9" &
"OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8"; problem went away on its own
after a while
Depended on where session was run from (firewall/proxy probs?)
With packet log
WinXP, 2005-01-31:r5331 and "older versions"; unknown server; appears
specific to client machine
Packet log and exchange hash (unfortunately this was the wrong
0.58; "SSH-2.0-SAP"; connecting to 127.0.0.1:22
0.58; "SSH-2.0-4.1.2 SSH Secure Shell Toolkit"
0.57; SSH server was running on port 21 in a restricted environment,
and other protocols reported corruption; this went away when moving to
SSH packet log with DH private value (to be analysed)
One interesting report had both this SSH-2 failure, and the SSH-1
failure "Incorrect CRC received on packet", occurring reproducibly
on the same machine, and no other. Some further digging
into the SSH-1 problem by our correspondent indicated that PuTTY's
rsaencrypt() function was playing up; and they found that
with their compiler ("Microsoft (R) 32-bit C/C++ Optimizing Compiler
Version 13.10.3077 for 80x86") adding /Od (disable all
optimisations) made the problem go away.
<firstname.lastname@example.org> et seq
Audit trail for this artifact.
If you want to comment on this web site, see the
(last revision of this bug record was at 2005-11-23 10:34:47 +0000)