SSH into Devices running old versions of Dropbear SSH (e.g. UniFi APs, and other routers)

Lachy (Community Member), edited May 2022 in SSH

After a lot of investigation in a thread on slack over the past 2 days, I discovered that 1Password's ssh-agent doesn't support logging into UniFi Access Points, which are running an old version of Dropbear SSH. This is an alternative SSH implementation that's commonly used on low power devices like routers and access points.

I'm just posting this here for anyone else who may encounter this issue trying to log into a similar device.

If you also have trouble logging into a device running Dropbear, check the version:

# ssh -V
Dropbear v2017.75

That version of Dropbear only supports ssh-rsa signatures and not rsa-sha2-256 or rsa-sha2-512. Support for these signature algorithms was added in version 2020.79.

Routers with OpenWRT firmware installed on them also run Dropbear. If you have this, this may be a problem for you depending on when you most recently updated the firmware.

The ssh logs when this occurs will look something like this:

$ ssh -vvv 10.0.1.10
...
debug3: sign_and_send_pubkey: signing using ssh-rsa SHA256:<redacted fingerprint>
sign_and_send_pubkey: signing failed for RSA "" from agent: agent refused operation
...

1Password's logs show this error:

[1P:/Users/builder/builds/BhfSvM9x/0/dev/core/core/ssh/op-ssh-agent/src/lib.rs:306] Error handling sign request: Key(expected RSA signature algorithm, but found a Ed25519 one)

If you encounter this problem, upgrade your device firmware if possible, or complain to the vendor that their devices are running an out of date SSH server.

Thanks to @K.J._1P for helping to figure this out with me in slack.
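An added example, my own and not code from the thread or from 1Password, that turns the diagnosis above into a repeatable check for inventorying SHA-1-only SSH servers before a firmware upgrade: it classifies an `ssh -vvv` transcript by the `server-sig-algs` list a server advertises in its SSH_MSG_EXT_INFO (the RFC 8332 mechanism for rsa-sha2-256/512) and by the "agent refused operation" line shown in the post. Both transcripts embedded in it are constructed samples, not captures from real devices.

```shell
#!/bin/sh
# Added example, not from the thread. Classifies an `ssh -vvv` transcript by
# whether the server advertised rsa-sha2-256/512 (RFC 8332 "server-sig-algs"
# in SSH_MSG_EXT_INFO) and whether the agent refused an ssh-rsa (SHA-1) signature.
# Both transcripts below are constructed samples, not captures from real devices.

# Constructed: server that offers SHA-2 RSA signatures; the agent signs normally.
MODERN_LOG='debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512>
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:constructedfingerprint
Authenticated to router.example ([192.0.2.1]:22) using "publickey".'

# Constructed: old Dropbear-style server with no ext-info; only ssh-rsa is tried
# and a SHA-2-only agent refuses to sign, exactly as in the original post.
LEGACY_LOG='debug1: Authentications that can continue: publickey,password
debug3: sign_and_send_pubkey: signing using ssh-rsa SHA256:constructedfingerprint
sign_and_send_pubkey: signing failed for RSA "" from agent: agent refused operation'

# server_sig_algs LOG: print the comma-separated list the server advertised,
# or an empty string when the server sent no ext-info at all.
server_sig_algs() {
    printf '%s\n' "$1" | sed -n 's/.*server-sig-algs=<\([^>]*\)>.*/\1/p' | head -n 1
}

# classify_ssh_log LOG: one-word verdict a fleet audit can grep for.
#   sha2-ok       server advertises rsa-sha2-256 or rsa-sha2-512
#   sha1-refused  only ssh-rsa was attempted and the agent refused to sign
#   sha1-signed   ssh-rsa signing went through (the agent still permits SHA-1)
#   unknown       nothing recognisable in the transcript
classify_ssh_log() {
    algs=$(server_sig_algs "$1")
    if printf '%s\n' "$algs" | grep -Eq '(^|,)rsa-sha2-(256|512)(,|$)'; then
        echo sha2-ok
    elif printf '%s\n' "$1" | grep -q 'signing failed for RSA .* agent refused operation'; then
        echo sha1-refused
    elif printf '%s\n' "$1" | grep -q 'signing using ssh-rsa '; then
        echo sha1-signed
    else
        echo unknown
    fi
}

# Against a real host: classify_ssh_log "$(ssh -vvv host 2>&1 </dev/null)"
classify_ssh_log "$MODERN_LOG"   # sha2-ok
classify_ssh_log "$LEGACY_LOG"   # sha1-refused
```

A `sha1-refused` verdict is the Dropbear-2017.75 situation from the post; a `sha1-signed` verdict means the client side will silently keep using SHA-1 until the server is upgraded.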


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • XIII (Community Member)

    My ASUS router runs Asuswrt-Merlin (third-party) firmware that also uses Dropbear.

    Luckily it's more up-to-date:

    ASUSWRT-Merlin RT-AC86U 386.4_0 Sat Jan  1 18:43:23 UTC 2022
    ➜ ssh -V
    Dropbear v2020.81
    

    I can successfully log in to that router using the 1Password SSH Agent :)

  • Lachy (Community Member)

    OpenSSH 8.8 has also disabled ssh-rsa by default, so anyone running that client would also have difficulty using ssh keys with these old ssh servers.

    https://www.openssh.com/txt/release-8.8

    However, they do apparently provide a way to explicitly re-enable it for old hosts according to those release notes.

    Host old-host
        HostkeyAlgorithms +ssh-rsa
        PubkeyAcceptedAlgorithms +ssh-rsa
    

    This doesn't work with the 1Password ssh-agent.

  • bramd (Community Member)

    I have the same issue with a few Mikrotik routers, even on their latest RouterOS 7.x. I use the ssh client in WSL (Windows Subsystem for Linux) and as a workaround I unset SSH_AUTH_SOCK and load the key from the filesystem using the -i option to ssh.

  • compunction (Community Member), edited March 2022

    I have a similar issue, but with openssh on UniFi Cloud Key

    Server: OpenSSH_7.4p1 Debian-10+deb9u7, OpenSSL 1.0.2u 20 Dec 2019
    Error: sign_and_send_pubkey: signing failed for RSA "" from agent: agent refused operation

    Working linux box is Server: OpenSSH_8.4p1 Ubuntu-6ubuntu2.1, OpenSSL 1.1.1l 24 Aug 2021

    Client is: OpenSSH_8.6p1, LibreSSL 3.3.5

    Key works fine if I do a -i in and unset SSH_AUTH_SOCK

  • compunction (Community Member)

    I found this error in the logs:
    ERROR 2022-03-24T15:24:37.782 tokio-runtime-worker(ThreadId(3)) [1P:/Users/builder/builds/BhfSvM9x/0/dev/core/core/ssh/op-ssh-agent/src/lib.rs:377] Error handling sign request: Key(signing with ssh-rsa is unsupported; SHA-1 may be insecure)
    ERROR 2022-03-24T15:24:37.798 tokio-runtime-worker(ThreadId(7)) [1P:/Users/builder/builds/BhfSvM9x/0/dev/core/core/ssh/op-ssh-agent/src/lib.rs:377] Error handling sign request: Key(signing with ssh-rsa is unsupported; SHA-1 may be insecure)

    But when I tried to add these to my config file it got an error:

    Host old-host
        HostkeyAlgorithms +ssh-rsa
        PubkeyAcceptedAlgorithms +ssh-rsa

    That and this seem to indicate the op-ssh-agent does not support the legacy key signing.

  • Correct. We currently don't support ssh-rsa / SHA-1 signatures, but because of the compatibility issues this imposes, we're working on adding support for it anyway.

  • compunction (Community Member), edited March 2022

    @floris_1P I like the idea of dropping insecure protocols, and if some day UniFi updates SSHD I would prefer not to have what I assume is a potential man-in-the-middle vector (of course I only ssh into these devices on network, so lower risk). Maybe a configuration checkbox for legacy protocols on the developer config menu? If it could be done by key that would be even better, so I could enable it just for the key I use for UniFi. Just thinking, not sure what is possible ;-)

  • @compunction You can already opt out of ssh-rsa through your SSH config:

    HostkeyAlgorithms -ssh-rsa
    PubkeyAcceptedAlgorithms -ssh-rsa
    
  • compunction (Community Member)

    @floris_1P If I do that in my client config I get:

    debug1: Offering public key: removed RSA SHA256:+Q4xSw+GPZrn+v3tMjfTrOqw2Zsiy+ChL/YajpdFmuc agent
    debug1: send_pubkey_test: no mutual signature algorithm
    debug1: Offering public key: removed RSA SHA256:IIP+sCXT7oTh4Ua8AobOPCNoJklDC55UfmHvtyPYSeM agent
    debug1: send_pubkey_test: no mutual signature algorithm

    If I reconfigure the SSHD, I would expect it to get broken on the next firmware update.

  • floris_1P, edited March 2022

    @compunction Yes, sorry for the confusion, but all I meant to say was that if we now add ssh-rsa support to the agent, you would be free to opt out of that using the snippet I posted. But yes, if the server only supports ssh-rsa, then it is expected that opting out results in a broken auth flow.

This discussion has been closed.