vscode-sftp icon indicating copy to clipboard operation
vscode-sftp copied to clipboard

Published 20 hours ago verified publisher icon Natizyskunk

Ubuntu 20.04 to 22.04 upgrade issue

Open bobbydank opened this issue 2 years ago • 15 comments

I upgraded a server from Ubuntu 20.04.4 LTS to 22.04.1 LTS. I have a configuration that worked before the upgrade and now does not work. It throws this fatal error when I try to connect:

All configured authentication methods failed.

The server is an EC2 server, and I use the AWS-generated key to SSH in. I can still SSH from the Mac terminal, and I can connect using Filezilla. So other connection methods work from my computer.

Here is a copy of my .sftp config file:

{
    "name": "My Server", 
    "host": "**redacted**", 
    "protocol": "sftp", 
    "port": 22, 
    "username": "ubuntu",
    "remotePath": "**redacted**", 
    "uploadOnSave": true, 
    "privateKeyPath": "/Users/**redacted**/.ssh/**redacted**.pem"
}

The error is fatal, so I don't have any errors to go by. Ideas? Is anyone else having this issue?

bobbydank avatar Sep 21 '22 19:09 bobbydank

Yes, i have similar issue on AWS EC2 Ubuntu 22.04.1 LTS

Newly generated AWS private key converted to ppk does not work (pem neither) With ppk private key on Windows 10 i get "No supported authentication methods available" The same key does not work on Putty 0.70, BUT does work on latest stable Putty 0.77 Newly generated with puttyget keypairs work with Putty 0.77 but not with the vscode-sftp

So i guess that's something new on Ubuntu/AWS which mismatches the extension SSH algorithmes/formats

Update: When i use generated ppk file from pem with new Puttygen, vscode-sftp extensions gives me "Cannot parse privateKey: Unsupported key format" error

Update2: I checked some other key pairs (generated 2 years ago with old Putty and used on Ubuntu 20) They all work with Putty and Xshell, and dont work with vscode-sftp extension connecting to Ubuntu 22.04.1 LTS on AWS EC2

altrusl avatar Sep 23 '22 03:09 altrusl

Same here after upgrading from 20.04 to 22.04.

I noticed in the logs on my remote server:

sshd[3520636]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

It seems like Ubuntu 2204 latest sshd server dropped support for ssh-rsa. I tried using "algorithms" in the docs and removing ssh-rsa but it didn't seem to work.

A temporary workaround could be editing /etc/ssh/sshd_config and adding back support by adding:

PubkeyAcceptedKeyTypes +ssh-rsa

However this is not secure

b34rduck avatar Sep 29 '22 01:09 b34rduck

PubkeyAuthentication yes PubkeyAcceptedKeyTypes=+ssh-rsa

Adding this to /etc/ssh/sshd_config didn't help me

altrusl avatar Sep 29 '22 05:09 altrusl

Are you seeing "userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms" in your /var/log/auth.log when you are trying to connect? That is what I was seeing and it went away after I added PubkeyAcceptedKeyTypes=+ssh-rsa and restarted sshd

Also im sure you did but after editing a service sshd restart is needed

b34rduck avatar Sep 29 '22 05:09 b34rduck

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

yes, that's what i see in auth.log and i restarted the sshd

altrusl avatar Sep 29 '22 05:09 altrusl

This workaround does not work all the time as can be seen from this discussion

altrusl avatar Sep 29 '22 05:09 altrusl

Please try to generate a new key-pair on the server using ssh-keygen. Then you should be able to connect again.

Natizyskunk avatar Sep 29 '22 19:09 Natizyskunk

I tried two times but unexpectedly with that public key in authorized_keys file the AWS EC2 instance becomes unreachible I have lost a lot of time with remounting the volume to another instance and deleting that key...

altrusl avatar Sep 30 '22 06:09 altrusl

@altrusl, Sorry to hear that 😕 I'll keep an eye on this issue and let you know whenever it's fixed.

Natizyskunk avatar Oct 01 '22 01:10 Natizyskunk

I'm used to your extension so I downgraded to ubuntu 20. But, yes, it's a pity that it doesn't work...

altrusl avatar Oct 01 '22 02:10 altrusl

Since ssh-rsa is no longer accepted, I had to generate a new ssh key pair using EdDSA (ssh-keygen -t ed25519) instead of the standard RSA, added the public key to my authorized_keys it's working for me.

laubsterboy avatar Oct 05 '22 15:10 laubsterboy

I'm used to your extension so I downgraded to ubuntu 20. But, yes, it's a pity that it doesn't work...

I made a temporary SSH user and allowed password login until the issue is resolved. Not ideal, but works as a temporary solution.

bobbydank avatar Oct 05 '22 15:10 bobbydank

As @jmcpheters explain it in his comment on the issue #188. You can try this :

One of the first things I tried when troubleshooting was to use a new key pair, but I generated it using the AWS default of RSA.

I tried a new ED25519 key pair and I can connect no problem.

Problem resolved. Yeah!

Please let me know if it work.

Natizyskunk avatar Oct 21 '22 03:10 Natizyskunk

hi, i have as it looks more or less the same issue. visual studio + vscode-sftp [pre-v1.16.2] + new RSA or ED25519 key pair's gives me since weeks this message "Cannot parse privateKey: Unsupported key format"

does anyone have a working workaround?

n00bster avatar Jan 15 '23 17:01 n00bster

As @jmcpheters explain it in his comment on the issue #188. You can try this :

One of the first things I tried when troubleshooting was to use a new key pair, but I generated it using the AWS default of RSA. I tried a new ED25519 key pair and I can connect no problem. Problem resolved. Yeah!

Please let me know if it work.

Hi ! Didn't work for me, still have "Cannot parse privateKey: Unsupported key format" i use Ubuntu 20.04.6 LTS. I have tried ed25519 but didn't work on 1.16.3, tried to downgrade to 1.16.1 but still doesn't work. Anybody have an idea on how to resolve this?

Edit : Solved by downgrading putty format key version 3 to version 2. (In putty Key>parameters for saving key files> check version 2 for ppk file version)

WypSteurSX avatar Feb 05 '24 10:02 WypSteurSX