soft-serve icon indicating copy to clipboard operation
soft-serve copied to clipboard
verified publisher icon charmbracelet

Unable to login with my rsa key

Open Arkaeriit opened this issue 4 years ago • 7 comments

I configured my soft-serve server to only accept public key authentication. I am currently on the commit e8b5146.

For some strange reason, on one of my computer, the RSA key is not accepted by the server. When I run ssh -v I got the following output:

debug1: Authentications that can continue: publickey                                           
debug1: Next authentication method: publickey                                                  
debug1: Offering public key: /home/maki/.ssh/id_rsa RSA SHA256:uv+MKsX3MQHgDO5rlO0JenaP0oZbK87vcx+4BnOfr+4                                                                                     
debug1: send_pubkey_test: no mutual signature algorithm

On one of my other computer, the RSA key is accepted with no trouble:

debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:7F/em69/OfQsroSBri2JjxoCjsLB2qsVGGCA998vdUo                                                                                          
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:7F/em69/OfQsroSBri2JjxoCjsLB2qsVGGCA998vdUo                                                                                           
debug1: Authentication succeeded (publickey).

This is not a very problematic issue as I could solve it by using an ed25519 key instead of the ssh one but this is still very intriguing.

I do not know if that matter but the computer with the faulty behavior is running openSUSE Tumbleweed.

Arkaeriit avatar Dec 20 '21 12:12 Arkaeriit

Hi, thanks for reporting this. That's definitely odd. Can you try the latest version and see if you're still having the issue?

toby avatar Jan 11 '22 17:01 toby

I tried on the last version (0.1.3) and I have the same results, unable to use the RSA key because there is no mutual signature algorithm.

Arkaeriit avatar Jan 14 '22 12:01 Arkaeriit

Can confirm I'm having this issue too! Same error and everything. I detailed it in my issue thread here, I can provide any info that's needed!

wychwitch avatar Jan 21 '22 05:01 wychwitch

seems to be https://github.com/gliderlabs/ssh/issues/145

which in turn is a issue with x/crypto/ssh, which is fixed https://github.com/golang/go/issues/37278

seems like gliderlabs/ssh needs a dep update https://github.com/gliderlabs/ssh/issues/165 -> https://github.com/gliderlabs/ssh/pull/166

EDIT: there are still x/crypto/ssh changes pending merge https://github.com/golang/crypto/pull/197

caarlos0 avatar Jan 21 '22 12:01 caarlos0

Switching from x/crypto to rmohr/crypto would add both client and server support and fix this issue. The problem I see is that we would then be using a slightly out of date fork not officially maintained by the Go project.

quackduck avatar May 24 '22 00:05 quackduck

Any update on this?

It'd also be nice if the interface said to place your ssh keys, but not rsa-keys.

Andonome avatar Apr 01 '23 05:04 Andonome

https://github.com/golang/crypto/pull/197 is still unmerged...

caarlos0 avatar Apr 02 '23 20:04 caarlos0