Comments (9)
This might be a multipart problem. Searching for "Failed to parse the keyfile" found things like the below. Do they apply here?
Baaahhh… authentication failing after upgrading ubuntu in Duplicati forum.
Support OpenSSH 8.8 #883 in SSH.NET
Issues -- they are Duplicati's SFTP. Issue solved as of 2023.0.0, but Duplicati needs it.
Support OpenSSH 8.8 #4615 is a Duplicati issue, suggesting using their 2023.0.0, however they've recently released 2023.0.1.
After getting past the keyfile parse, the next questions are if they support ecdsa-sha2-nistp521 (they seem to), and on mono
?
SFTP backup no longer working on Asustor NAS after patch was a big chase involving the developers, private builds, and some concern about 2023.0 compatibility. I haven't looked to see if 2023.0.1 looks better or worse generally, compared to 2023.0.0.
SSH can be tough to debug without logs or packets. Do you know your type of server? Best for a look is accessible on Internet.
from duplicati.
For me it does not look like a server problem, but that the client key is not supported and it does not even try to connect to the server.
It's an Ubuntu server with OpenSSH 8.9 Server.
from duplicati.
it does not even try to connect to the server.
I'm assuming you've verified that with something like network tools or pointing to a dead IP address yet having it fail instantly.
Then maybe it's the OpenSSH 8.8 issues that might be fixed in 2023.0.1. I'm not sure where that do-or-not decision is sitting...
from duplicati.
I'm assuming you've verified that with something like network tools or pointing to a dead IP address yet having it fail instantly.
Yes, even if I enter a dead IP address as the server, I immediately get the same error message.
from duplicati.
Then you probably need to wait for the cited SSH.NET update to get released in Duplicati (first in Canary channel, then in Beta).
It's an Ubuntu server with OpenSSH 8.9 Server.
OpenSSH 8.8 release note has a Potentially-incompatible changes
section on workaround thought, but it looks client-side, however it was enough of a model to Google search "sshd" "ssh-rsa" to find thoughts like the following (and a whole lot more):
How to enable ssh-rsa in sshd of OpenSSH 8.8? (I'm not going to guess which solution might work and fit your security needs)
from duplicati.
Then maybe it's the OpenSSH 8.8 issues that might be fixed in 2023.0.1
no it's not going to be fixed by 2023.0.1 (that will go in next Canary by the way)
This is most probably a Mono problem and as such never will be fixed as long as Duplicati is based on Mono.
So this is going to be a WontFix because going Net.xx (xx > 8) is not for tomorrow.
This said, I think that most modern configured OpenSSH server that do not support ssh-rsa key by default (that can be fixed at the server level of course by setting PubkeyAcceptedAlgorithms ssh-rsa) DO support ed25519 keys out of the box, that are working fine with Duplicati (even with current very old SSH.NET).
Edit: change unclear wording on what will be fixed.
from duplicati.
It looks like the new SSH.NET will also add rsa-sha2-512 rsa-sha2-256.
The problem with ecdsa anything is apparently that mono
can't do it...
from duplicati.
no it's not going to be fixed by 2023.0.1
Since that was said after update sshnet to 2023.0.1 #5101 pull request, I'll assume it was tested.
Trying to work out what SSH.NET is up to by reading their source code is a bit too tough for me.
This is most probably a Mono problem
Indicated by the SSH.NET issues, and if it was now worked around, I'd expect them to close them.
They seem pretty good at that, though not so good at documenting platform specific limitations.
was pointed to in one isssue. Note the NotImplementedException
.
https://github.com/mono/mono/blob/main/mcs/class/System.Core/System.Security.Cryptography/README.CNG
explains the Cng
classes as wrappers around the native Windows libraries, with some exceptions such as ECDsaCng.
Native Library Loading in .NET 5 gave some hope about "numerous changes in the available APIs",
but it doesn't seem released, and as .NET 5 was released soon after, .NET 5-mono might never be.
Introducing .NET 5 explains what Microsoft sees as the path forward for their cross-platform work.
never will be fixed as long as Duplicati is based on Mono.
It may be fixed in SSH.NET by using a different cryptography provider, but I don't know if it will be.
So what can user do? Three alternative algorithms got mentioned (not including the ancient ones).
If ecdsa-sha2-nistp521 is the only acceptable one somehow, see if rclone
can do it, then use the
Rclone storage provider in Duplicati to use rclone.
from duplicati.
I'll assume it was tested.
correct. It will fix some things but not this one.
Three alternative algorithms got mentioned
As I said, ed25519 is a good solution for this issue.
from duplicati.
Related Issues (20)
- can http report send supports POST with message in the body? HOT 3
- Violation of 15 U.S. Code §§ 7701-7713 HOT 2
- Encryption select has no options - AppService is not defined HOT 2
- snapshot-policy USN plus attribute exclude may exclude all selected files HOT 4
- Install fails on Ubuntu 24.04 LTS - unmet dependencies HOT 7
- Box.com authorization no longer works HOT 7
- Interrupted compact can leave extra hashes in volumes HOT 2
- Tray icon didn't show unpause on computer wake, while GUI icon did HOT 5
- I can't delete the backup job HOT 1
- Not working anymore auth_username ignored OpenStack v3 Infomaniak (2.0.8.1_beta_2024-05-07) HOT 5
- Missing null check in WindowsSnapshot.Dispose HOT 1
- Improve MSI HOT 2
- Direct restore fails with non-default blocksize HOT 7
- Bypass Duplicati Login Authentication Using DB Server-Passphrase HOT 1
- SQL statements using double quotes fail on FreeBSD HOT 3
- Remove the `use-ssl` flag and logic HOT 4
- duplicati-2.0.8.1-2.0.8.1_beta_20240507 rpm package executables do not have the correct mode HOT 1
- Incompatible NuGet packages for .NET 8 HOT 2
- New special environment variable DUPLICATI_BACKUP_SOURCES HOT 1
- AWS S3 region eu-south-2 not recognized HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from duplicati.