Authenticity of host when connecting via OpenSSH

Hello!

I have 1 server (FQDN - u100.my-site.example) in cluster with next configuration:

teleport:
  auth_token: my-token
  auth_servers: [ "tp.my-site.example:3025" ]
  log:
      output: /var/lib/teleport/teleport.log
      severity: INFO
  advertise_ip: 192.168.33.33

auth_service:
  enabled: "yes"
  cluster_name: "main"
  session_recording: "proxy"
  tokens:
  - proxy,node:my-token

  authentication:
      second_factor: otp

ssh_service:
  enabled: "yes"

proxy_service:
    enabled: "yes"
    listen_addr: 0.0.0.0:3023
    tunnel_listen_addr: 0.0.0.0:3024
    web_listen_addr: 0.0.0.0:3080
    public_addr: tp.my-site.example:3080
    ssh_public_addr: tp.my-site.example:3023

    https_key_file: /var/lib/teleport/wildcard_my-site.example.key
    https_cert_file: /var/lib/teleport/wildcard_my-site.example.crt

Generated TrustedUserCAKeys, HostKey and HostCertificate by using the instruction:

and added them according to the instructions in OpenSSH.
Command for generation HostKey and HostCertificate:

sudo tctl auth sign --host=192.168.33.33,u100,u100.my-site.example,tp.my-site.example --format=openssh --out my_hosts

Added content of teleport_user_ca.pub to ~/.ssh/known_hosts on my localhost.
But when I connect via OpenSSH:

ssh  -o "ForwardAgent yes" -o "ProxyCommand ssh -o 'ForwardAgent yes' -p 3023 %r@tp.my-site.example -s proxy:%h:%p" vagrant@u100.my-site.example

I get a message:

$ ssh  -o "ForwardAgent yes" -o "ProxyCommand ssh -o 'ForwardAgent yes' -p 3023 %r@tp.my-site.example -s proxy:%h:%p" vagrant@u100.my-site.example
The authenticity of host '[tp.my-site.example]:3023 ([192.168.33.33]:3023)' can't be established.
RSA key fingerprint is SHA256:ymr4Rgt5rwpz8lLl8CIvo1wWVqoFbmW0f3XaDvBcXKQ.
Are you sure you want to continue connecting (yes/no)

how can I authenticate the hosts?

Can you please add -vvv to the ssh command you’re running and provide the output? I suspect that the hostname in the ~/.ssh/known_hosts file isn’t matching the proxy and so it doesn’t know to check against the host CA - ssh debug output would confirm that.

You might also want to look into HostKeyAlias under man ssh_config:

HostKeyAlias
             Specifies an alias that should be used instead of the real host name when looking up or saving the host key in the
             host key database files and when validating host certificates.  This option is useful for tunneling SSH connec‐
             tions or for multiple servers running on a single host.

file ~/.ssh/known_hosts contents

$ cat ~/.ssh/known_hosts  
@cert-authority *.my-site.example ssh-rsa AAAAB3NzaC1yc2EAAAADAQ[...] clustername=main&type=user

Output with -vvv option:

$ ssh -vvv -o "ForwardAgent yes" -o "ProxyCommand ssh -o 'ForwardAgent yes' -p 3023 %r@tp.my-site.example -s proxy:%h:%p" vagrant@u100.my-site.example
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /home/jimdell/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Executing proxy command: exec ssh -o 'ForwardAgent yes' -p 3023 vagrant@tp.my-site.example -s proxy:u100.my-site.example:22
debug1: permanently_drop_suid: 1000
debug1: identity file /home/jimdell/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jimdell/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
The authenticity of host '[tp.my-site.example]:3023 ([192.168.33.33]:3023)' can't be established.
RSA key fingerprint is SHA256:RPQdolWFFrrRgiYgMglUabUnRmhW79RVHAnc2LWrUaQ.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[tp.my-site.example]:3023,[192.168.33.33]:3023' (RSA) to the list of known hosts.
debug1: Remote protocol version 2.0, remote software version Go
debug1: no match: Go                                                                                                                                                        
debug2: fd 5 setting O_NONBLOCK
debug2: fd 4 setting O_NONBLOCK
debug1: Authenticating to u100.my-site.example:22 as 'vagrant'
debug3: hostkeys_foreach: reading file "/home/jimdell/.ssh/known_hosts"
debug3: record_hostkey: found ca key type RSA in file /home/jimdell/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from u100.my-site.example
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com
debug2: ciphers ctos: aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc: aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-256
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-256
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa-cert-v01@openssh.com
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host certificate: ssh-rsa-cert-v01@openssh.com SHA256:fXn/IPhgC344a0SzkETieAKStAdvkFoShRItLvtqXIA, serial 0 ID "" CA ssh-rsa SHA256:wy5w6gHUhgHE6K/3Xp8UGr0XItzE5D5LLNHUlBHrMUw valid after 2020-09-17T23:28:19
debug2: Server host certificate hostname: u100.my-site.example.main
debug2: Server host certificate hostname: u100.my-site.example
debug2: Server host certificate hostname: localhost
debug2: Server host certificate hostname: 127.0.0.1
debug2: Server host certificate hostname: ::1
debug3: hostkeys_foreach: reading file "/home/jimdell/.ssh/known_hosts"
debug3: record_hostkey: found ca key type RSA in file /home/jimdell/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from u100.my-site.example
debug1: No matching CA found. Retry with plain key
The authenticity of host 'u100.my-site.example (<no hostip for proxy command>)' can't be established.
RSA key fingerprint is SHA256:fXn/IPhgC344a0SzkETieAKStAdvkFoShRItLvtqXIA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'u100.my-site.example' (RSA) to the list of known hosts.

I’ve just realised - from this description, it looks like you’ve added the fingerprint of the user CA rather than the host CA to the known_hosts file.

You’d need to run tctl auth export --type=host on the auth server and add that @cert-authority value to your ~/.ssh/known_hosts instead. Give that a try and let me know how you get on.

1 Like

It’s works, thanks :slight_smile:
Could you add this information to the OpenSSH’s documentation, please?

1 Like

Oh wow, I didn’t realise that the command in the docs was incorrect. I will indeed raise a PR - thanks for pointing it out.

1 Like