OpenSSH Principal Option Vulnerability in Authorized Keys Certificates Prior to 10.3

Vulnerability

OpenSSH versions prior to 10.3 contain a vulnerability in the handling of the authorized_keys principals option. In certain rare scenarios, a certificate authority could issue a certificate with an empty principals section, which would be incorrectly interpreted as a wildcard match for any principal. This could allow unauthorized authentication as any user who trusts the CA.

Impact

Exploitation could lead to unauthorized authentication as any user who trusts the certificate authority, allowing access to systems or resources as that user.

Reproduction

To reproduce this vulnerability, a certificate authority must issue a certificate with an empty principals section. This certificate should then be used in conjunction with an authorized_keys file that specifies a principals option listing more than one principal, including one that contains a comma. When this setup is used, the vulnerable behavior can be observed, where the certificate is incorrectly allowed to authenticate as a principal it should not match.

Remediation

Users should upgrade to OpenSSH 10.3 or later, where this vulnerability has been addressed.
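
Alongside the upgrade, issued certificates can be audited for the empty principals section described above. The following is an added example, not code from OpenSSH or from this advisory: it parses the text printed by `ssh-keygen -L -f <certificate>` and reports certificates listed with `Principals: (none)`. The sample listing, file names and key IDs are constructed for illustration.

```python
# Constructed, abbreviated `ssh-keygen -L -f <cert>` output for two certificates.
SAMPLE = """\
alice-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com user certificate
        Key ID: "alice-laptop"
        Serial: 1
        Principals:
                alice
                deploy
        Critical Options: (none)
build-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com user certificate
        Key ID: "build-agent"
        Serial: 2
        Principals: (none)
        Critical Options: (none)
"""

def parse_certs(listing):
    """Return one dict per certificate with its file name, key ID and principals."""
    certs, cur, list_indent = [], None, None
    for line in listing.splitlines():
        indent = len(line) - len(line.lstrip())
        text = line.strip()
        if not text:
            continue
        if indent == 0 and text.endswith(":"):      # "<file>:" starts a new certificate
            cur = {"file": text[:-1], "key_id": None, "principals": []}
            certs.append(cur)
            list_indent = None
        elif cur is None:
            continue
        elif list_indent is not None and indent > list_indent:
            cur["principals"].append(text)          # name listed under "Principals:"
        else:
            list_indent = None
            field, _, value = text.partition(":")
            if field == "Key ID":
                cur["key_id"] = value.strip().strip('"')
            elif field == "Principals" and value.strip() != "(none)":
                list_indent = indent                # names follow on deeper-indented lines
    return certs

def empty_principal_certs(listing):
    """Certificates whose principals section is empty: the case the advisory describes."""
    return [c for c in parse_certs(listing) if not c["principals"]]
```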

Added: May 3, 2026, 11:15 AM
Updated: May 3, 2026, 11:15 AM

Vulnerability Rating

Custom Algorithm
spread: 9.4
impact: 5.0
exploitability: 7.5
remediation: 7.7
relevance: 5.1
threat: 1.6
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.