The following warning is printed after successful authentication:
client_global_hostkeys_prove_confirm: server gave bad signature for RSA key 0: incorrect signature
DEBUG3 log with relevant messages:
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug3: client_input_hostkeys: received RSA key SHA256:pBfV4Mkhk33j52vy5/K0n4S6rAeZl+3KWpI7RlKjR8Y
debug3: client_input_hostkeys: received ECDSA key SHA256:ZC/9S8peKtRgAfiHNSrRvH34ZsB+f1XoRh2NlBTjmGg
debug3: client_input_hostkeys: received ED25519 key SHA256:HwSlQTKh/PnjJMKSNqBv4JlPcKRtWTGLOeBlYlkw8fE
debug3: client_input_hostkeys: asking server to prove ownership for 3 keys
debug3: send packet: type 80
debug3: receive packet: type 91
debug3: receive packet: type 81
debug3: client_global_hostkeys_prove_confirm: verify RSA key 0 using sigalg rsa-sha2-512
client_global_hostkeys_prove_confirm: server gave bad signature for RSA key 0: incorrect signature
hostkeys-00@openssh.com request in the log is part of host key update mechanism:
On success, the server returns the following message:
byte SSH_MSG_REQUEST_SUCCESS
string[] signatures
Each signature is made by signing the following structure with the corresponding key[...]
string "hostkeys-prove-0"
string session identifier
string hostkey
As client-sshproxy and sshproxy-upstream connections has different sessions identifiers, the signature check always fails.
The following warning is printed after successful authentication:
DEBUG3 log with relevant messages:
hostkeys-00@openssh.comrequest in the log is part of host key update mechanism:As client-sshproxy and sshproxy-upstream connections has different sessions identifiers, the signature check always fails.