Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ed25519 keys doesn't work #10117

Closed
n00bsteam opened this issue Dec 26, 2024 · 18 comments
Closed

Ed25519 keys doesn't work #10117

n00bsteam opened this issue Dec 26, 2024 · 18 comments
Labels

Comments

@n00bsteam
Copy link

Describe the problem:
Looks like ed25519 keys not supported after start using russh on backend.

Got the error:

NoCommonAlgo { kind: Key, ours: ["ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "rsa-sha2-256", "rsa-sha2-512", "ssh-rsa"], theirs: ["ssh-ed25519"] }

To Reproduce:
Try to use ed25519 key

@Swiiney
Copy link

Swiiney commented Dec 26, 2024

Same here, really annoying.

Going back to previous version.

@Remonli
Copy link

Remonli commented Dec 26, 2024

Same situation.

Eugeny added a commit that referenced this issue Dec 26, 2024
@Eugeny
Copy link
Owner

Eugeny commented Dec 26, 2024

It's fixed in the nightly build now - could you give it a quick try before I cut a release?

@Remonli
Copy link

Remonli commented Dec 26, 2024

1.0.217 nightly not work on win11 24h2 , ed25519 key , after press accept and remember key , it froze and got log.txt like this:

debug: Setting language to
debug: Checking for updates
info: CLI arguments received: {"argv":{"$0":"Tabby.exe","_":[]},"cwd":"C:\\Users\\user\\Desktop\\tabby","secondInstance":false}
error: [object Object]
debug: Setting language to
debug: Setting language to
debug: Resizing to 145x33
info: Host key fingerprint:
info:  ecdsa-sha2-nistp256  bJuuLht9InXbaAoun88J0Bf2FUjsHWR17OY3/hRJJjc 
info: Host key verified

@cisco-devnet
Copy link

I can confirm - tried for tabby-1.0.217-nightly.0-linux-x64.AppImage - unfortunatelly not working

version:

sha256sum tabby-1.0.217-nightly.0-linux-x64.AppImage 
c2caa486d0738a4dc9202f4cda989fd035a5b00267646fc5c477514a4a871962  tabby-1.0.217-nightly.0-linux-x64.AppImage

result:

 SSH   ecdsa-sha2-nistp256  blebleble/blablabla 
 SSH  Loading private key: file:///home/user/.ssh/id_ecdsa
 SSH   !  Failed to load private key file:///home/user/.ssh/id_ecdsa: Error: Keys(CouldNotReadKey)

above (ecdsa keys) are working in 1.0.215 version (Linux amd64/Windows), but still in 1.0.217 is something broken here.

but the old algorithms toward old cisco switches is working here (for 1.0.217 :) ) - this is good. On the other hand in 1.0.215 where ecdsa is working ok, the connection to old cisco switches is not possible :/

hopefully you will manage to take working features from both versions and finally compile it to one ;-)

happy New Year!

@Eugeny
Copy link
Owner

Eugeny commented Dec 27, 2024

@cisco-devnet do your private key file header and footer include EC PRIVATE KEY? In this case removing EC and leaving PRIVATE KEY should fix this issue - I'll update it in the code in a bit

@Eugeny
Copy link
Owner

Eugeny commented Dec 27, 2024

@cisco-devnet double checked and if that doesn't help, your key might be in the old Putty format (PKCS#1) - in this case you could convert it to the new OpenSSH format using puttygen or similar

@Eugeny
Copy link
Owner

Eugeny commented Dec 27, 2024

@cisco-devnet triple checked and it could also be caused by RustCrypto/SSH#321, I'll make a new nightly tomorrow incorporating that PR

@Eugeny
Copy link
Owner

Eugeny commented Dec 28, 2024

New nightly build is available now - give it a try!

@famousprince
Copy link

famousprince commented Dec 29, 2024

Sadly doesn't work with 1.0.217-nightly.0 on Windows 23H2

 SSH  Connecting to somehost
 SSH  Host key fingerprint:
 SSH   ecdsa-sha2-nistp256  somepub
 SSH  Loading private key: file://somekey
 SSH   !  Failed to load private key file://somekey: Error: Keys(SshKey(Encoding(Length)))

@Eugeny
Copy link
Owner

Eugeny commented Dec 31, 2024

Could you please generate a new key with the exact same format and post it here?

P.S. there's a new nightly build with PPK key support available

@PauloHeaven
Copy link

I ran into the same issue, and there is no more ssh-ed25519 checkbox in the SSH profile settings.

X NoCommonAlgo { kind: Key, ours: ["ecdsa-sha2-nistp256", "ecdsa-sha2-nistp521", "rsa-sha2-256", "rsa-sha2-512", "ssh-rsa"], theirs: ["ssh-ed25519"] }

@Eugeny
Copy link
Owner

Eugeny commented Jan 1, 2025

@PauloHeaven this one is already fixed in the latest nighlty

@cisco-devnet
Copy link

cisco-devnet commented Jan 7, 2025

New nightly build is available now - give it a try!

Thanks for your effort, and appologise so long respond (i was at Christmas vacation).

So today i checked new nightly build for Linux (AppImage):

 sha256sum tabby-1.0.217-nightly.1-linux-x64.AppImage  75a0414a5d901dedc707d96ae3a70c2ab644a58d42da00326c71e9c8aab0fd10  tabby-1.0.217-nightly.1-linux-x64.AppImage

this time is even worse, as not only ecdsa key ssh connection fails, but old algs for older network devices (like cisco) fails too :(

My key has header/footer:

 -----BEGIN EC PRIVATE KEY-----
 -----END EC PRIVATE KEY-----

but the connection is not working with this footer nor with deleted EC it:

 -----BEGIN PRIVATE KEY-----
 -----END PRIVATE KEY-----

For both versions the same error:

  SSH   !  Failed to load private key file:///home/user/.ssh/id_ecdsa: Error: Keys(Der(Error { kind: TagUnexpected { expected: Some(Tag(0x30: SEQUENCE)), actual: Tag(0x04: OCTET STRING) }, position: Some(Length(5)) }))

And now for older cisco device (till this version this kind of connection worked) i have now this error:

  X  IO(Custom { kind: UnexpectedEof, error: "early eof" })

Best regards,

@xstefen
Copy link

xstefen commented Jan 7, 2025

Win11 Tabby 1.0.216.0
ed25519 key
header/footer -----BEGIN OPENSSH PRIVATE KEY-----/-----END OPENSSH PRIVATE KEY-----
ssh connection attempt returns:

 SSH  Connecting to cirrus
 X  NoCommonAlgo { kind: Key, ours: ["ecdsa-sha2-nistp256", "ecdsa-sha2-nistp521", "rsa-sha2-256", "rsa-sha2-512", "ssh-rsa"], theirs: ["ssh-ed25519"] }

edit:
Win11 build tabby-1.0.217-nightly.0-setup-x64.exe
connection succeeds but only after telling Tabby to remember the password otherwise enter password prompt loops

@Eugeny
Copy link
Owner

Eugeny commented Jan 8, 2025

@xstefen fixed in the nightly

@remkolems
Copy link

@xstefen fixed in the nightly

Confirmed: tabby-1.0.217-nightly.0-setup-x64 on Windows 11 23H2 indeed fixed all SSH key issues. I also noticed a huge speed increase in the login process. It is remarkedly fast.

Thanks for all your effort @Eugeny !

@Eugeny
Copy link
Owner

Eugeny commented Jan 8, 2025

EC PRIVATE KEY support will be available as soon as https://github.com/Eugeny/tabby/actions/runs/12668591985 passes as well

GitHub
A terminal for a more modern age. Contribute to Eugeny/tabby development by creating an account on GitHub.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

9 participants