CVE-2021-36368 Overview
An authentication bypass vulnerability was discovered in OpenSSH before version 8.9. When a client uses public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, users cannot determine whether FIDO authentication is confirming a connection to the intended server or allowing that server to connect to a different server on the user's behalf. This creates a potential user consent confusion scenario in FIDO-based authentication workflows.
Critical Impact
Attackers who have compromised a server can potentially abuse FIDO agent forwarding to authenticate to other servers without the user's explicit knowledge or consent, leading to unauthorized access to additional systems.
Affected Products
- OpenBSD OpenSSH (versions before 8.9)
- Debian Linux 9.0
- Debian Linux 10.0
- Debian Linux 11.0
Discovery Timeline
- 2022-03-13 - CVE CVE-2021-36368 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2021-36368
Vulnerability Analysis
This vulnerability represents an authentication bypass flaw classified under CWE-287 (Improper Authentication). The core issue lies in how OpenSSH handles FIDO authentication prompts when agent forwarding is enabled.
FIDO (Fast Identity Online) authentication typically requires user consent through physical interaction with a security key. However, when the SSH client is configured with agent forwarding, the FIDO authentication requests can be forwarded through the SSH connection chain. The vulnerability exploits the lack of clear indication to the user about which server is requesting FIDO authentication.
If an attacker has compromised an intermediate server and modified it to support the "None" authentication option, they can trigger FIDO authentication requests that appear to be for the compromised server but are actually for a different target server. Without verbose logging enabled (-oLogLevel=verbose), the user has no way to distinguish between these scenarios.
Note: The vendor (OpenBSD) has stated that this is not technically an authentication bypass since the authentication mechanism itself is not being circumvented—rather, user consent is being obtained under potentially misleading circumstances.
Root Cause
The root cause stems from insufficient user notification during FIDO authentication when agent forwarding is active. The SSH client does not adequately inform users about the actual destination of forwarded authentication requests, making it possible for attackers to abuse the trust relationship established through agent forwarding.
Attack Vector
The attack requires network access and involves several prerequisites:
- The attacker must have compromised an SSH server that the victim connects to
- The victim must be using FIDO-based public-key authentication with agent forwarding enabled
- The victim must not be using verbose logging (-oLogLevel=verbose)
- The attacker modifies the compromised server to support None authentication
When these conditions are met, the attacker can leverage the victim's FIDO credentials through agent forwarding to authenticate to other servers that the victim has access to. The victim performs the FIDO authentication action (such as touching a security key) believing they are authenticating to one server, when in fact the authentication is being used for a different destination.
For technical details on this attack vector, refer to the SSH-MITM Trivial Authentication Guide and the Bugzilla Report #3316.
Detection Methods for CVE-2021-36368
Indicators of Compromise
- Unexpected FIDO authentication prompts when connecting to known SSH servers
- SSH connections being established to servers not explicitly intended by the user
- Authentication logs showing connections to unexpected destinations following FIDO key usage
- Modified SSH server configurations on potentially compromised systems enabling None authentication
Detection Strategies
- Enable verbose logging (-oLogLevel=verbose) on SSH clients to capture detailed authentication flow information
- Monitor SSH agent forwarding activity for unusual authentication patterns
- Audit SSH server configurations for unauthorized changes to authentication methods
- Implement network monitoring to detect SSH connections to unexpected destinations following agent-forwarded authentication
Monitoring Recommendations
- Review SSH client and server logs for anomalous authentication patterns
- Monitor for modifications to SSH server configurations, particularly authentication options
- Track FIDO authentication events and correlate them with actual intended destinations
- Implement alerting for SSH agent forwarding activity in sensitive environments
How to Mitigate CVE-2021-36368
Immediate Actions Required
- Upgrade OpenSSH to version 8.9 or later where this issue has been addressed
- Enable verbose logging by adding -oLogLevel=verbose to SSH commands when using FIDO authentication with agent forwarding
- Consider disabling SSH agent forwarding when not strictly necessary
- Review and restrict which hosts are permitted to use agent forwarding through SSH configuration
Patch Information
OpenBSD has addressed this vulnerability in OpenSSH version 8.9. The fix improves user notification during FIDO authentication when agent forwarding is in use. For detailed patch information, see the GitHub Pull Request #258 and the OpenSSH Security Documentation.
Debian users should consult the Debian CVE-2021-36368 Tracker for distribution-specific patch availability.
Workarounds
- Always use -oLogLevel=verbose when connecting with FIDO authentication and agent forwarding to ensure visibility into authentication destinations
- Disable agent forwarding in SSH client configuration (ForwardAgent no) unless explicitly required
- Use ssh-add -c to require confirmation for each use of keys in the agent
- Implement jump hosts or bastion servers as an alternative to agent forwarding for multi-hop SSH access
# Configuration example
# Add to ~/.ssh/config to enforce verbose logging and disable agent forwarding by default
Host *
LogLevel VERBOSE
ForwardAgent no
# Enable agent forwarding only for specific trusted hosts
Host trusted-host.example.com
ForwardAgent yes
AddKeysToAgent confirm
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
