[ssh_x509] Validating host with certificate chain

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Sun May 14 23:20:56 EEST 2017


Hello,

I recently installed pkixssh 10.1.1. It built fine and I’ve managed to do a successful key exchange with it using an RSA host key and X509 RSA certificate that I generated myself, chained through an intermediate CA to a private root CA. However, so far, I’ve only been able to get this to work when I provide the client with both the root CA and the intermediate CA in its X509 store. If I provided only the root CA on the client, the validation fails, even though I have configured the server to send a certificate chain which includes both a server certificate for the host and the intermediate CA.

Looking at the debug messages on the client, it appears to be receiving two certificates from the server during the key exchange, but it doesn’t appear to be able to use the intermediate CA provided by the server in the verification. Here’s what I see when the client trusts only the root CA:

debug3: Xkey_from_blob() pkalg='x509v3-ssh-rsa', blen=2264
debug3: X509key_from_buf2_common: certificate-count: 2
debug3: X509key_from_buf2_common: certificate[0]=0x7fdec2a00230
debug3: x509_to_key: X509_get_pubkey done!
debug3: X509key_from_buf2_common: certificate[1]=0x7fdec041c520
debug3: X509key_from_buf2_common: ocsp-response-count: 2
debug1: Server host key: x509v3-sign-rsa SHA256:YNyoZgiorD7t9iCfRIxGDDJXDrS/8hYnQOmCNVBZK0k
debug3: put_host_port: [::1]:22222
debug3: put_host_port: [localhost]:22222
debug3: hostkeys_foreach: reading file "/Users/ronf/.ssh/known_hosts"
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found ca key type RSA in file /Users/ronf/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [localhost]:22222
debug1: checking without port identifier
debug3: hostkeys_foreach: reading file "/Users/ronf/.ssh/known_hosts"
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found ca key type RSA in file /Users/ronf/.ssh/known_hosts:1
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found key type RSA in file /Users/ronf/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 2 keys from localhost
debug1: Host 'localhost' is known and matches the RSA+cert host key.
debug1: Found key in /Users/ronf/.ssh/known_hosts:5
debug1: found matching key w/out port
debug3: ssh_x509_verify:  key alg/type/name: x509v3-ssh-rsa/RSA+cert/x509v3-sign-rsa
debug3: ssh_x509_verify: compatibility: { 0x04000000, 0x00000000 }
debug3: ssh_x509_verify: signature name = ssh-rsa
debug3: ssh_x509_verify: md=rsa-sha1, loc=5
debug3: ssh_x509store_verify_cert: for 'C=US,ST=California,O=Timeheart,CN=quad.timeheart.net'
ssh_x509store_cb: subject='C=US,ST=California,O=Timeheart,CN=quad.timeheart.net', error 20 at 0 depth lookup:unable to get local issuer certificate
ssh_verify_cert: verify error, code=20, msg='unable to get local issuer certificate'
debug3: ssh_x509store_verify_cert: return -1(error)
debug3: ssh_x509_verify: return -25
ssh_dispatch_run_fatal: Connection to ::1 port 22222: invalid certificate

However, when I add the intermediate CA to the client’s X509 store, it succeeds:

debug3: Xkey_from_blob() pkalg='x509v3-ssh-rsa', blen=2264
debug3: X509key_from_buf2_common: certificate-count: 2
debug3: X509key_from_buf2_common: certificate[0]=0x7f80f8e04490
debug3: x509_to_key: X509_get_pubkey done!
debug3: X509key_from_buf2_common: certificate[1]=0x7f80f8e05c40
debug3: X509key_from_buf2_common: ocsp-response-count: 2
debug1: Server host key: x509v3-sign-rsa SHA256:YNyoZgiorD7t9iCfRIxGDDJXDrS/8hYnQOmCNVBZK0k
debug3: put_host_port: [::1]:22222
debug3: put_host_port: [localhost]:22222
debug3: hostkeys_foreach: reading file "/Users/ronf/.ssh/known_hosts"
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found ca key type RSA in file /Users/ronf/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [localhost]:22222
debug1: checking without port identifier
debug3: hostkeys_foreach: reading file "/Users/ronf/.ssh/known_hosts"
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found ca key type RSA in file /Users/ronf/.ssh/known_hosts:1
debug3: key_from_blob(..., ...) ktype=ssh-rsa
debug3: record_hostkey: found key type RSA in file /Users/ronf/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 2 keys from localhost
debug1: Host 'localhost' is known and matches the RSA+cert host key.
debug1: Found key in /Users/ronf/.ssh/known_hosts:5
debug1: found matching key w/out port
debug3: ssh_x509_verify:  key alg/type/name: x509v3-ssh-rsa/RSA+cert/x509v3-sign-rsa
debug3: ssh_x509_verify: compatibility: { 0x04000000, 0x00000000 }
debug3: ssh_x509_verify: signature name = ssh-rsa
debug3: ssh_x509_verify: md=rsa-sha1, loc=5
debug3: ssh_x509store_verify_cert: for 'C=US,ST=California,O=Timeheart,CN=quad.timeheart.net'
debug3: ssh_x509revoked_cb: Issuer: C=US,ST=California,O=Timeheart,CN=Timeheart Root CA
debug3: ssh_x509revoked_cb: Subject: C=US,ST=California,O=Timeheart,CN=Timeheart Root CA
debug3: ssh_x509revoked_cb: Issuer: C=US,ST=California,O=Timeheart,CN=Timeheart Root CA
debug3: ssh_x509revoked_cb: Subject: C=US,ST=California,O=Timeheart,CN=Timeheart SSH Intermediate CA
debug3: ssh_x509revoked_cb: Issuer: C=US,ST=California,O=Timeheart,CN=Timeheart SSH Intermediate CA
debug3: ssh_x509revoked_cb: Subject: C=US,ST=California,O=Timeheart,CN=quad.timeheart.net
debug3: ssh_ocsp_validate: for 'C=US,ST=California,O=Timeheart,CN=quad.timeheart.net'
debug3: ssh_ocsp_validate: none
debug3: ssh_x509store_verify_cert: return 1(trusted)
debug3: ssh_x509_verify: return 0

In both cases, the server is sending the server certificate and intermediate CA (as you can see in the debug output at the top where there’s a certificate count of 2 and an OCSP response count of 2).

Any idea what I might be doing wrong that’s preventing the client from using the intermediate CA provided by the server?

Thanks in advance for any advice you can provide!
-- 
Ron Frederick
ronf at timeheart.net





More information about the ssh_x509 mailing list