legba icon indicating copy to clipboard operation
legba copied to clipboard
verified publisher icon evilsocket

SSH Key Algorithm Compatibility Issue

Open FLX-0x00 opened this issue 11 months ago • 0 comments

Issue Summary

When testing older systems with Legba, the SSH authentication fails due to unsupported key algorithms. Older systems often only support legacy SSH key algorithms (e.g., ssh-rsa), but since Legba relies on the system SSH client, it inherits modern restrictions and fails to authenticate.

Expected Behavior

Legba should respect user-defined SSH configurations or allow users to specify custom SSH options to work with older systems. Currently the older systems will be "ignored" and maybe missed in an engangement.

Observed Behavior

When attempting to authenticate to an older SSH target, Legba fails with the error:

Ssh error occurred: No common key algorithm

Even though the system’s native SSH client can connect when using custom options like:

ssh -o HostKeyAlgorithms=+ssh-rsa user@target

or configuring .ssh/config with:

Host *
  HostKeyAlgorithms +ssh-rsa

Legba does not seem to respect these settings, leading to failed connections.

Steps to Reproduce

  1. Set up an older SSH server that only supports legacy key algorithms (e.g., ssh-rsa).
  2. Ensure the system’s SSH client can connect using either:
    • ssh -o HostKeyAlgorithms=+ssh-rsa user@target
    • Modifying .ssh/config as shown above.
  3. Run Legba against the same target. legba ssh --target @./ssh.txt --combinations pass.txt --ssh-auth-mode password
  4. Authentication fails with No common key algorithm.

Possible Solutions

  • Allow custom SSH options: Add a CLI flag to pass SSH options, e.g., --ssh-options "-o HostKeyAlgorithms=+ssh-rsa".
  • Respect user SSH configuration: Ensure Legba reads .ssh/config settings.
  • Automatically allow older protocols: If possible, detect unsupported algorithms and adjust accordingly.
  • Provide a fallback mechanism: If authentication fails due to key algorithms, attempt a retry with broader compatibility.

Environment

  • Legba version: Latest
  • OS: Arch Linux
  • SSH client version: OpenSSH_9.9p2
  • Target system: Linux ubuntu 3.13.0-29-generic | OpenSSH_6.6

Would love to hear your thoughts on possible fixes! Thanks for the great tool. Hopefully I am not missing something obvious and getting the disappointed cat.

FLX-0x00 avatar Feb 26 '25 10:02 FLX-0x00