• Discovery and Reporting: On 5 September 2024, the Platform.sh Engineering team found a security auth bypass in the golang.org/x/crypto/ssh package. They reported the findings to the Go Security team on 12 September and implemented mitigations. The Go security team reviewed the report and confirmed the findings on 2 October. It was pre-announced as [CVE-2024-45337] on 6 December and publicly disclosed on 12 December with the release of v0.31.0.
• Background on ssh Protocols: The ssh-2 protocol was designed in 2006 as an evolution of ssh-1. In ssh-1, client authentication was a challenge/response protocol. The ssh-2 protocol changed to a static signature based on known data but kept a query mechanism.
• Implementation Details: The [golang.org/x/crypto/ssh] package implements the ssh-2 protocol. The [PublicKeyCallback] function is called only once for a particular key before the client proves private key possession. Misimplementation is easy as the function can be stateful, allowing clients to query public keys they don't use.
• Impact on Platform.sh and Upsun: Platform.sh's ssh gateways use the [golang.org/x/crypto/ssh] package. They encourage others to disclose responsibly and have confidence in upstream maintainers.
• Recommendations: Update the [crypto/ssh] package to the newest version. Ensure the [PublicKeyCallback] method is stateless and does not assume public key authentication at this stage. Check if other packages misimplement the same callback and update or remove them if necessary. The package maintainers' cache fix should mitigate the vulnerability.