
NetRocks: SSH-Agent auth fails again

Open singalen opened this issue 2 years ago • 4 comments

I've looked at #627 and #247, but found no remedy.

libssh is new (the newest). SSH_AUTH_SOCK is set, and mc is able to open "shell links".

Compiled for libssh 0.10.4 ssh_version returned '0.10.4/openssl/zlib'
[2023/05/01 11:57:38.082019, 2] ssh_config_parse_line:  Unapplicable option: SendEnv, line: 55
[2023/05/01 11:57:38.082598, 2] ssh_connect:  libssh 0.10.4 (c) 2003-2022 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
[2023/05/01 11:57:38.084566, 2] ssh_socket_connect:  Nonblocking connection socket: 8
[2023/05/01 11:57:38.084582, 2] ssh_connect:  Socket connecting, now waiting for the callbacks to work
[2023/05/01 11:57:38.120644, 1] socket_callback_connected:  Socket connection callback: 1 (0)
[2023/05/01 11:57:38.166612, 2] ssh_client_connection_callback:  SSH server banner: SSH-2.0-OpenSSH_7.4p1-RHEL7-7.4p1-22 mdy1.0
[2023/05/01 11:57:38.166642, 2] ssh_analyze_banner:  Analyzing banner: SSH-2.0-OpenSSH_7.4p1-RHEL7-7.4p1-22 mdy1.0
[2023/05/01 11:57:38.166652, 2] ssh_analyze_banner:  We are talking to an OpenSSH server version: 7.4 (70400)
[2023/05/01 11:57:38.167685, 1] ssh_known_hosts_read_entries:  Failed to open the known_hosts file '/etc/ssh/ssh_known_hosts': No such file or directory
Mouse: dwEventFlags=0x0 dwButtonState=0x0 dwControlKeyState=0x0
[2023/05/01 11:57:38.216608, 2] ssh_kex_select_methods:  Negotiated curve25519-sha256,rsa-sha2-512,[email protected],[email protected],aead-poly1305,aead-poly1305,none,none,,
[2023/05/01 11:57:38.316805, 2] ssh_init_rekey_state:  Set rekey after 134217728 blocks
[2023/05/01 11:57:38.316832, 2] ssh_init_rekey_state:  Set rekey after 134217728 blocks
[2023/05/01 11:57:38.316855, 2] ssh_packet_client_curve25519_reply:  SSH_MSG_NEWKEYS sent
[2023/05/01 11:57:38.316864, 2] ssh_packet_newkeys:  Received SSH_MSG_NEWKEYS
[2023/05/01 11:57:38.317015, 2] ssh_packet_newkeys:  Signature verified and valid
Using ssh-agent cuz SSH_AUTH_SOCK='/private/tmp/com.apple.launchd.mZplcGrLcj/Listeners'
[2023/05/01 11:57:38.317273, 1] ssh_agent_get_ident_count:  Answer type: 12, expected answer: 12
HostRemote::ReInitialize: status=4 info='SSH-agent authentication failed'
NetRocks::OpBase('sftp:foobar-censored.com'): ERROR='SSH-agent authentication failed'
PipeIPCError: PipeIPCRecver: read (2)
11016 HostRemoteBrokerMain: PipeIPCRecver: read (2)
11016: HostRemoteBrokerMain: END

edit: After asking, I saw where to stuff the printfs. Now I know that ssh_userauth_agent() exits with code 1 (SSH_AUTH_DENIED) and an empty error message from ssh_get_error(ssh). Not that it helps much...

singalen, May 01 '23 19:05

Log from my normal ssh -vv follows. It tries multiple keys, could it be the reason?

debug1: Found key in /Users/myuser/.ssh/known_hosts:9
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: ssh_fetch_identitylist: agent contains no identities
debug1: Will attempt key: /Users/myuser/.ssh/id_rsa
debug1: Will attempt key: /Users/myuser/.ssh/id_rsa RSA-CERT SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Will attempt key: /Users/myuser/.ssh/id_xxxxx ECDSA SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Will attempt key: /Users/myuser/.ssh/id_xxxxx ECDSA-CERT SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Will attempt key: /Users/myuser/.ssh/id_yyyyyyy
debug1: Will attempt key: /Users/myuser/.ssh/id_zzz
debug1: Will attempt key: /Users/myuser/.ssh/id_wwwwww
debug1: Will attempt key: /Users/myuser/.ssh/id_vvvvv
debug1: Will attempt key: /Users/myuser/.ssh/id_mmmmmmm
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/myuser/.ssh/id_rsa
debug1: Offering public key: /Users/myuser/.ssh/id_rsa RSA-CERT SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: send_pubkey_test: no mutual signature algorithm
debug1: Offering public key: /Users/myuser/.ssh/id_xxxxxx ECDSA SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Offering public key: /Users/myuser/.ssh/id_xxxxxx ECDSA-CERT SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: /Users/myuser/.ssh/id_xxxxxx ECDSA-CERT SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug2: sign_and_send_pubkey: using private key "/Users/myuser/.ssh/id_xxxxxx" for certificate
Authenticated to myuser-censored.com ([10.169.62.38]:22) using "publickey".
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting [email protected]
debug1: Entering interactive session.

singalen, May 01 '23 19:05

Check this too: https://github.com/elfmz/far2l/issues/1362

elfmz, May 01 '23 21:05

I think I'm onto something. I now see this error:

Authentication failed on ssh_userauth_agent: 'Setting method: no known public key algorithm ([email protected])'/1

I thought it was an algorithm incompatibility with the server ("We are talking to an OpenSSH server version: 7.4 (70400)"), but I can use ssh from the same openssh 0.10.4 on the server just fine.

Let's see if I can dig it up.

singalen, May 03 '23 22:05
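
Added example, not part of the issue thread and not far2l or libssh code: "Answer type: 12" in the libssh log is the agent's identities reply (SSH_AGENT_IDENTITIES_ANSWER), and the later error names a key algorithm, so a practical check is to list the algorithm names the agent advertises. The Python below parses that reply and flags OpenSSH certificate key types; the key names in `sample_answer()` are constructed for illustration and are not the value elided in the error above.

```python
import os, socket, struct

SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12  # the "Answer type: 12" in the libssh log

def _read_string(buf, off):
    """Read one SSH string (uint32 length + bytes); return (bytes, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:off + 4 + n], off + 4 + n

def parse_identities(payload):
    """Parse a reply body (outer length stripped) into (algorithm, comment, is_cert)."""
    if len(payload) < 5 or payload[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("not an SSH_AGENT_IDENTITIES_ANSWER")
    (count,) = struct.unpack_from(">I", payload, 1)
    off, found = 5, []
    for _ in range(count):
        blob, off = _read_string(payload, off)
        comment, off = _read_string(payload, off)
        # Every public key blob begins with its own algorithm name.
        algo = _read_string(blob, 0)[0].decode("ascii", "replace")
        found.append((algo, comment.decode("utf-8", "replace"),
                      algo.endswith("-cert-v01@openssh.com")))
    return found

def query_agent(path=None):
    """Ask the live agent behind SSH_AUTH_SOCK which identities it holds."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(path or os.environ["SSH_AUTH_SOCK"])
        s.sendall(struct.pack(">IB", 1, SSH_AGENTC_REQUEST_IDENTITIES))
        with s.makefile("rb") as f:
            (n,) = struct.unpack(">I", f.read(4))
            return parse_identities(f.read(n))

def _s(b):
    return struct.pack(">I", len(b)) + b

def sample_answer():
    """Constructed reply: one plain key and one certificate, dummy key material."""
    keys = [(b"ssh-ed25519", b"plain"),
            (b"ecdsa-sha2-nistp256-cert-v01@openssh.com", b"cert")]
    body = b"".join(_s(_s(a) + b"\x00" * 8) + _s(c) for a, c in keys)
    return struct.pack(">BI", SSH_AGENT_IDENTITIES_ANSWER, len(keys)) + body
```

Running `query_agent()` in the same environment as the failing client shows whether the agent holds plain keys, certificates, or nothing, which can then be compared with the algorithm named in the client's error.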

Have you tried shell protocol instead?


unxed, Oct 04 '23 13:10