ssh 私钥不支持

[dyimo]

OS

Windows

VERSION

1.5.5

ISSUE DESCRIPTION

Error signing data with key: error:06000080:public key routines:OPENSSL_internal:UNSUPPORTED_ALGORITHM SSH config right?

私钥信息
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,94C40EB3BDAD4460

[dyimo]

当不配置Passphrase时，则提示：
Cannot parse privateKey: Encrypted OpenSSH private key detected, but no passphrase given SSH config right?

在RESP.app上进行同样的配置ssh时，正常连接

[qishibo]

https://pan.baidu.com/s/1BE48F7cHOaYhjLY5rtEvbw?pwd=823m
试试这个，增加了额外的ssh算法，看看好使不

[dyimo]

DES-EDE3-CBC，增加的额外算法有这个吗

[qishibo]

DES-EDE3-CBC，增加的额外算法有这个吗

加在cipher里了

[dyimo]

Cannot parse privateKey: Encrypted OpenSSH private key detected, but no passphrase given SSH config right?
还是提示这个

[dyimo]

Error signing data with key: error:06000080:public key routines:OPENSSL_internal:UNSUPPORTED_ALGORITHM SSH config right?

我将私钥转为OpenSSH格式
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,F244933ACF9CDC2137BEDD93817392E1

还是提示这个

[qishibo]

Cannot parse privateKey: Encrypted OpenSSH private key detected, but no passphrase given SSH config right? 还是提示这个

这是私钥加密了，需要passphrase

Error signing data with key: error:06000080:public key routines:OPENSSL_internal:UNSUPPORTED_ALGORITHM SSH config right?

我将私钥转为OpenSSH格式 -----BEGIN DSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,F244933ACF9CDC2137BEDD93817392E1

还是提示这个

这个有点怪，AES-128-CBC已经加进去了啊，你是用的上面网盘下载的么

[dyimo]

是的，使用你发的安装包

[magnetik]

I might be facing the same issue but I do not have any error log :

[qishibo]

I might be facing the same issue but I do not have any error log :

this error may not be error of ssh, is the IP right or reachable?

[magnetik]

Yeah this is a vagrant/virtualbox VM localy accessible on the ip 127.0.0.1 port 2222. I've tried with localhost instead of the ip too.
Connection works with putty and heidisql.

[qishibo]

Yeah this is a vagrant/virtualbox VM localy accessible on the ip 127.0.0.1 port 2222. I've tried with localhost instead of the ip too.

Connection works with putty and heidisql.

you can show me your config

[qishibo]

Yeah this is a vagrant/virtualbox VM localy accessible on the ip 127.0.0.1 port 2222. I've tried with localhost instead of the ip too. Connection works with putty and heidisql.

and you can use your virtual IP in vm like 172.27.115.248 showed in ifconfig

[Braxilior]

Yeah this is a vagrant/virtualbox VM localy accessible on the ip 127.0.0.1 port 2222. I've tried with localhost instead of the ip too.
Connection works with putty and heidisql.

you can show me your config

Hello, I work with @magnetik and this is the config we use :

[qishibo]

this error raised by invalid ssh config, can you ssh to vm in terminal manually? or you can ssh by password instead of private key

[Braxilior]

I can connect to the vm from terminal using the same private key than in the redis client config :
ssh -i <some_path>\machines\default\virtualbox\private_key [email protected] -p 2222

[Braxilior]

This is the output of ssh -i <some_path>\machines\default\virtualbox\private_key [email protected] -p 2222 -v

OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Reading configuration data C:\\Users\\<some_user>/.ssh/config
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 2222.
debug1: Connection established.
debug1: identity file <some_path>\\machines\\default\\virtualbox\\private_key type -1
debug1: identity file <some_path>\\.vagrant\\machines\\default\\virtualbox\\private_key-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3
debug1: match: OpenSSH_8.9p1 Ubuntu-3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 127.0.0.1:2222 as 'vagrant'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Xa5U+VsJfows+73hXyVnYy+XcxtFrg3uXT1krLqq+cc
debug1: Host '[127.0.0.1]:2222' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\<some_user>/.ssh/known_hosts:2
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: <some_path>\\machines\\default\\virtualbox\\private_key  explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: kex_input_ext_info: [email protected] (unrecognised)
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: <some_path>\\machines\\default\\virtualbox\\private_key
debug1: Authentication succeeded (publickey).
Authenticated to 127.0.0.1 ([127.0.0.1]:2222).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: ENABLE_VIRTUAL_TERMINAL_INPUT is supported. Reading the VTSequence from console
debug1: ENABLE_VIRTUAL_TERMINAL_PROCESSING is supported. Console supports the ansi parsing
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Remote: /home/vagrant/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding

I can also email you my private key if you want since it's an autogenerated one.

[qishibo]

@Braxilior you can email me your private and public key if possible, and I will try to debug with your keys. shiboqi123#gmail.com

[magnetik]

Looks like we are bitten by mscdex/ssh2#989

mscdex/ssh2#1200 seems to be a fix for it, but it's not merged.

[qishibo]

but as I emailed you, it works well in my computer with your private_key. the only different between us is the sshd server maybe.
so the pr mscdex/ssh2#1200 might solve the issue as it matched _remoteHostKeyAlgorithms, I'll pay attention to it also, Thx!

[magnetik]

We are running OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022

[qishibo]

reproduced, if I update my OpenSSH from 6.6 to OpenSSH_8.9p1, the app login failed when using RSA keys, while success in cli.

it seems that the author of ssh2 do not have a good idea, but we can solve it by modifying ssh server config /etc/ssh/sshd_config

# Add the line below
PubkeyAcceptedKeyTypes=+ssh-rsa

by mscdex/ssh2#989 (comment)

[iciness]

Cannot parse privateKey: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT SSH config
我是报这个错误，我这边是ecdsa-sha2-nistp521 ssh-rsa都试过

[qishibo]

Cannot parse privateKey: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT

试试这个命令改一下格式呢ssh-keygen -p -m pem -f ~/.ssh/id_rsa