DNSSEC working but SSHFP reported as insecure

To: debian-user@lists.debian.org
Subject: DNSSEC working but SSHFP reported as insecure
From: Andre Rodier <andre@rodier.me>
Date: Sat, 03 Dec 2022 15:30:35 +0000
Message-id: <[🔎] 4a18c984199951a663af7b061164a1d008cb8c13.camel@rodier.me>
Hello, all.

I have implemented DNSSEC successfully (apparently) on a test box
(using PowerDNS, btw). We can see the test here:

https://dnssec-debugger.verisignlabs.com/homebox.world

I have set my SSHFP records correctly (I think):

> dig +dnssec -t SSHFP main.homebox.world @1.1.1.1                    
> ; <<>> DiG 9.18.8-1~bpo11+1-Debian <<>> +dnssec -t SSHFP
> main.homebox.world @1.1.1.1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26002
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL:
> 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ;; QUESTION SECTION:
> ;main.homebox.world.            IN      SSHFP
> 
> ;; ANSWER SECTION:
> main.homebox.world.     3600    IN      SSHFP   1 1
> EA89F6C8C8EDA5E29E913F4448A816A19624D125
> main.homebox.world.     3600    IN      SSHFP   1 2
> 7CF3701693BAEB8406FD0DB7182E01BBADC1F639BA4FC2CA7224116C C9D237DC
> main.homebox.world.     3600    IN      SSHFP   2 1
> EB09A2823E9D8A51EF7FE3260E0890A56924DA6F
> main.homebox.world.     3600    IN      SSHFP   2 2
> C3CDD443653530C94C1B90511F3E07CE8FE1FCBBCD60E37729543A57 7B0A5A44
> main.homebox.world.     3600    IN      SSHFP   3 1
> 142F2A695A2E06CABAB6E19800657C3F0B28301D
> main.homebox.world.     3600    IN      SSHFP   3 2
> 4F6DD59B7C671E9FE3265057AEF76BC448AEF75A4FCE35513C17C62E 9BB9C8F6
> main.homebox.world.     3600    IN      SSHFP   4 1
> 35D346E05D1351A78868E033EBE736C3030D3551
> main.homebox.world.     3600    IN      SSHFP   4 2
> 052736C5F2E6DCE7D41AEEB7F41DBCE01D19D2AC9E9CCFFAB79FB37A B85CE335
> main.homebox.world.     3600    IN      RRSIG   SSHFP 13 3 3600
> 20221215000000 20221124000000 45407 homebox.world.
> t30IX78PNMQLWy7g/3Xs8JvEgcwK6dEnxk7MtJZ9Iqk6ATKfZ32u0uPu
> nYw8Hi+bkU45qcQ+9gl5iWCOrd3VVA==
> 
> ;; Query time: 52 msec
> ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
> ;; WHEN: Sat Dec 03 15:28:26 GMT 2022
> ;; MSG SIZE  rcvd: 476

However, when I connect using SSH, the client complains the keys are
insecure:

> OpenSSH_8.4p1 Debian-5+deb11u1, OpenSSL 1.1.1n  15 Mar 2022
> debug1: Reading configuration data /home/andre/.ssh/config
> debug1: /home/andre/.ssh/config line 21: Applying options for
> main.homebox.world
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: include
> /etc/ssh/ssh_config.d/*.conf matched no files
> debug1: /etc/ssh/ssh_config line 21: Applying options for *
> debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' ->
> '/home/andre/.ssh/known_hosts'
> debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' ->
> '/home/andre/.ssh/known_hosts2'
> debug2: resolving "main.homebox.world" port 22
> debug2: ssh_connect_direct
> debug1: Connecting to main.homebox.world [78.141.231.71] port 22.
> debug1: Connection established.
> debug1: identity file /home/andre/.ssh/id_rsa type 0
> debug1: identity file /home/andre/.ssh/id_rsa-cert type -1
> debug1: identity file /home/andre/.ssh/id_dsa type -1
> debug1: identity file /home/andre/.ssh/id_dsa-cert type -1
> debug1: identity file /home/andre/.ssh/id_ecdsa type -1
> debug1: identity file /home/andre/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/andre/.ssh/id_ecdsa_sk type -1
> debug1: identity file /home/andre/.ssh/id_ecdsa_sk-cert type -1
> debug1: identity file /home/andre/.ssh/id_ed25519 type -1
> debug1: identity file /home/andre/.ssh/id_ed25519-cert type -1
> debug1: identity file /home/andre/.ssh/id_ed25519_sk type -1
> debug1: identity file /home/andre/.ssh/id_ed25519_sk-cert type -1
> debug1: identity file /home/andre/.ssh/id_xmss type -1
> debug1: identity file /home/andre/.ssh/id_xmss-cert type -1
> debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_8.4p1 Debian-5+deb11u1
> debug1: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH* compat
> 0x04000000
> debug2: fd 3 setting O_NONBLOCK
> debug1: Authenticating to main.homebox.world:22 as 'root'
> debug3: hostkeys_foreach: reading file "/home/andre/.ssh/known_hosts"
> debug3: send packet: type 20
> debug1: SSH2_MSG_KEXINIT sent
> debug3: receive packet: type 20
> debug1: SSH2_MSG_KEXINIT received
> debug2: local client KEXINIT proposal
> debug2: KEX algorithms: curve25519-sha256, 
> curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-
> nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-
> sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-
> sha512,diffie-hellman-group14-sha256,ext-info-c
> debug2: host key algorithms:
> ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com
> ,  ecdsa-sha2-nistp521-cert-v01@openssh.com, 
> sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, 
> ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,
> rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
> ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-
> nistp384,ecdsa-sha2-nistp521, 
> sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519, 
> sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
> debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-
> ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com, 
> aes256-gcm@openssh.com
> debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-
> ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com, 
> aes256-gcm@openssh.com
> debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
> hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 
> hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hm
> ac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
> hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 
> hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hm
> ac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: compression ctos: zlib@openssh.com,zlib,none
> debug2: compression stoc: zlib@openssh.com,zlib,none
> debug2: languages ctos:
> debug2: languages stoc:
> debug2: first_kex_follows 0
> debug2: reserved 0
> debug2: peer server KEXINIT proposal
> debug2: KEX algorithms: curve25519-sha256, 
> curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-
> nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-
> sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-
> sha512,diffie-hellman-group14-sha256
> debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-
> sha2-nistp256,ssh-ed25519
> debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-
> ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com, 
> aes256-gcm@openssh.com
> debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-
> ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com, 
> aes256-gcm@openssh.com
> debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
> hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 
> hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hm
> ac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
> hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 
> hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hm
> ac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: compression ctos: none,zlib@openssh.com
> debug2: compression stoc: none,zlib@openssh.com
> debug2: languages ctos:
> debug2: languages stoc:
> debug2: first_kex_follows 0
> debug2: reserved 0
> debug1: kex: algorithm: curve25519-sha256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256
> debug1: kex: server->client cipher: chacha20-poly1305@openssh.com
> MAC: <implicit> compression: zlib@openssh.com
> debug1: kex: client->server cipher: chacha20-poly1305@openssh.com
> MAC: <implicit> compression: zlib@openssh.com
> debug3: send packet: type 30
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug3: receive packet: type 31
> debug1: Server host key: ecdsa-sha2-nistp256
> SHA256:T23Vm3xnHp/jJlBXrvdrxEiu91pPzjVRPBfGLpu5yPY
> debug3: verify_host_key_dns
> debug1: found 8 insecure fingerprints in DNS
> debug1: matching host key fingerprint found in DNS
> debug3: hostkeys_foreach: reading file "/home/andre/.ssh/known_hosts"
> debug3: hostkeys_foreach: reading file "/home/andre/.ssh/known_hosts"
> debug3: record_hostkey: found key type ECDSA in file
> /home/andre/.ssh/known_hosts:59
> debug3: load_hostkeys: loaded 1 keys from 78.141.231.71
> The authenticity of host 'main.homebox.world (78.141.231.71)' can't
> be established.
> ECDSA key fingerprint is
> SHA256:T23Vm3xnHp/jJlBXrvdrxEiu91pPzjVRPBfGLpu5yPY.
> Matching host key fingerprint found in DNS.
> Are you sure you want to continue connecting (yes/no/[fingerprint])?

Where am I making a mistake, please ?

Thanks,
André
Reply to:
Follow-Ups:
- Re: DNSSEC working but SSHFP reported as insecure
  - From: John Scott <jscott@posteo.net>
- Re: DNSSEC working but SSHFP reported as insecure
  - From: Casey Deccio <casey@deccio.net>
Prev by Date: Re: Touchpad synaptics changes name after resume
Next by Date: Re: DNSSEC working but SSHFP reported as insecure
Previous by thread: Re: Touchpad synaptics changes name after resume
Next by thread: Re: DNSSEC working but SSHFP reported as insecure
Index(es):
- Date
- Thread