On Oct 27, 2023, at 4:21 AM, Mouse <mouse%Rodents-Montreal.ORG@localhost> wrote:The convention is to always use "git" as the username, and then the
server somehow maps the pubkey used to the appropriate gitlab user.
Ah, OK. In that case:
Wrote SSH_MSG_USERAUTH_REQUEST (50) packet, length 490.
0000: 00 00 00 03 67 69 74 00 00 00 0E 73 73 68 2D 63 ....git....ssh-c
0016: 6F 6E 6E 65 63 74 69 6F 6E 00 00 00 09 70 75 62 onnection....pub
0032: 6C 69 63 6B 65 79 01 00 00 00 0C 72 73 61 2D 73 lickey.....rsa-s
0048: 68 61 32 2D 32 35 36 00 00 00 D7 00 00 00 07 73 ha2-256........s
0064: 73 68 2D 72 73 61 00 00 00 03 01 00 01 00 00 00 sh-rsa..........
0080: C1 00 E4 C5 6B 62 93 98 2F 7B 70 D2 89 B4 82 9E ....kb../{p.....
[...]
Read SSH_MSG_USERAUTH_FAILURE (51) packet, length 14.
0000: 00 00 00 09 70 75 62 6C 69 63 6B 65 79 00 ....publickey.
So whatever it is it's not the client fingerprint or the user name.
I concur. Even with username git, I see the same abrupt connection drop after sending a USERAUTH_REQUEST with method name "publickey" (and my banner set back to the default).
Apologies for coming in late on this, but I noticed in the hex dump that the RSA public key the client is sending appears to be a 1536-bit key (the length field of the prime is 00 00 00 C1). If you try with a 2048-bit key, do you still see the abrupt connection close after the server sends back USERAUTH_FAILURE?
--
Ron Frederick
ronf%timeheart.net@localhost
|