ytti
ytti
Mohamed emailed me directly and I think the solution for this is likely highly unsatisfactory. The example that was shared the non-UTF8 byte was 0xC3. The solution @benamormed98 suggest, will...
buffer.rb#L342 error message should be ```raise NotImplementedError, "unsupported key type `#{type}'"```, suggesting key type is not RSA, DSA, ECDSA.
> FortiGate support ED25519 key, also net-ssh 5 and later support ed25519 ed25519 host keys work just fine - https://github.com/net-ssh/net-ssh/blob/master/lib/net/ssh/buffer.rb#L336 > Why buffer.rb script only support RSA, DSA, and ECDSA...
What needs to happen herei is that fortinet needs to be fixed, it needs to start advertiising its RSA key types correctly as `ssh-rsa`, instead of `rsa-sha2-512`. In the meanwhile,...
Unfortunately in the provided output, the line ```shell Apr 17 21:00:42 ubuntu2204 oxidized[21859]: /var/lib/gems/3.0.0/gems/net-ssh-7.2.3/lib/net/ssh/buffer.rb:342:in read_keyblob': unsupported key type > ``` Is truncated, and missing the actual type it is seeing...
> Also from that Net:SSH debug info, we can see FortiGate is using SSH-2.0-AqTN with host_key: ssh-ed25519 net-ssh-7.2.3 client successfully negotiated the connection with FortiGate host/server. why buffer.rb process key...
If you can arrange a 'broken' test host for me to connect to, I can look into this. I'd use 91.198.120.1 as source address.
> Thanks for you try to help me. I got it working again after using **when /^ssh-rsa$/, /^rsa-sha2-(256|512)$/** option. I will keep monitoring it for a few days. Do bear...
Are you sure you've correctly identified the problem, I suspect your problem is, some of your FortiGates are olrder ones, which advertise `ssh-rsa`, which work, and the moment you add...
> can we discuss it privately? avoid to leaking my firewall information to public. what's your e-mail address? Yes that's fine, [email protected]