Comments (16)

jestemkojak commented on August 26, 2024 1

I would also recommend ecdsa-sha2-nistp256, which is a default for Ubuntu servers.
Here's a list of what types of keys the OpenSSH client supports. It would be nice to have them all:

from ssh.net.

VinsonY commented on August 26, 2024 1

Does anyone know of a way to simply add ecdsa-sha2-nistp256 to the key exchange algorithm manually? I'm trying to connect to an SFTP site and it is telling me:

No suitable authentication method found to complete authentication (publickey,keyboard-interactive).

darinkes commented on August 26, 2024 1

Just a short update. Because of interest and need, I have now spent some time updating SSH.NET in this area:

There are now working (at least on my machine ;)) Diffs for:

  • ECDSA (ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521) Host- and Private-Keys
    #489

  • Support for Ed25519 Host- and Private-Keys
    (which is currently just missing encrypted OpenSSH key format support)
    #492

  • WIP Support for EC KEX (curve25519-sha256, [email protected], ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521)
    https://github.com/darinkes/SSH.NET-1/tree/ec_kex

If anybody wants to help and/or test those Diffs, it would be highly appreciated.

wskinner commented on August 26, 2024

This issue is over a year old. Are there any plans to support modern ciphers and MACs in SSH.NET?

sveeke commented on August 26, 2024

I get the same errors. ed25519 keys can't be used. This is actually a dealbreaker since more and more defaults and policies are moving away from RSA in favour of ecdsa and ed25519.

darinkes commented on August 26, 2024

I would also recommend ecdsa-sha2-nistp256, which is a default for Ubuntu servers.
Here's a list of what types of keys the OpenSSH client supports. It would be nice to have them all:

* ssh-rsa
* ssh-dss
* ssh-ed25519
* ecdsa-sha2-nistp256
* ecdsa-sha2-nistp384
* ecdsa-sha2-nistp521
* [email protected]
* [email protected]
* [email protected]
* [email protected]
* [email protected]
* [email protected]
* [email protected]
* [email protected]

FYI, I'm working now on this PR #489 to be able to use ECDSA (no ed25519).
Real World Tests would be highly appreciated.

These Keys already work with this diff:

  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521

But I also want to take a look if these can be added accordingly:

commented on August 26, 2024

@darinkes repos are now deleted - does anyone have the code?

darinkes commented on August 26, 2024

@voltagex it just moved => #496

drieseng commented on August 26, 2024

@darinkes' changes have landed in the develop branch, and will be part of the next release.

ygoe commented on August 26, 2024

@drieseng Is it safe to use the current develop branch snapshot? There hasn't been a release and this merge is almost a year ago, the last commit almost half a year. To be able to use it, I'd need to publish an unofficial NuGet package of a pre-release myself.

drieseng commented on August 26, 2024

@ygoe There's a 2020.0.0-beta1 pre-release package, which should be safe to use.

ygoe commented on August 26, 2024

Something isn't working here. When I try to use an Ed25519 key in OpenSSH format, I get this error message:

Exception: SshException
Message: cipher name aes256-ctr for openssh key file is not supported
StackTrace:
at Renci.SshNet.PrivateKeyFile.ParseOpenSshV1Key(Byte[] keyFileData, String passPhrase)
at Renci.SshNet.PrivateKeyFile.Open(Stream privateKey, String passPhrase)
at Renci.SshNet.PrivateKeyFile..ctor(String fileName, String passPhrase)

Hasn't this been included in the NuGet package version 2020.0.1?

Update: The aforementioned is for password-protected keys. Unprotected keys give me this error message instead:

Exception: ArgumentOutOfRangeException
Message: Error loading the private key: The requested length (6243) is greater than the actual number of bytes read (29).
Parametername: length
StackTrace:
at Renci.SshNet.Common.SshDataStream.ReadBytes(Int32 length)
at Renci.SshNet.Common.SshDataStream.ReadString(Encoding encoding)
at Renci.SshNet.PrivateKeyFile.ParseOpenSshV1Key(Byte[] keyFileData, String passPhrase)
at Renci.SshNet.PrivateKeyFile.Open(Stream privateKey, String passPhrase)
at Renci.SshNet.PrivateKeyFile..ctor(String fileName, String passPhrase)
at DotnetSshDeploy.Deploy.InitializeConnectionInfo() in C:\Source\Web\DotnetSshDeploy\DotnetSshDeploy\Deploy.cs:line 406

darinkes commented on August 26, 2024

@ygoe can you try a build which includes this PR #614?
If not, could you tell me how you generated those keys and maybe send me a keypair?

Thanks

ygoe commented on August 26, 2024

That PR is still open, so I'm not sure where to get a build that includes it.

I just created it with puttygen, nothing fancy. Just create a new key with Ed25519, add its public part to the SSH config and export in any format, with and without password, until it may work. There are so many incompatible formats and puttygen does something else each time for each key type that I cannot predict what's going on.

darinkes commented on August 26, 2024

OK, made multiple tests with puttygen and those keys work without an issue.
Encrypted keys fail in the current release, because PR #614 will add aes256-ctr for OpenSSH format keys.
Confirmed Encrypted Keys also work with PR #614.

puttygen: Release 0.74
Workflow: Selected Ed25519 -> [Generate] -> Conversions -> Export OpenSSH key -> Without Password [yes]

You can send me one of your failing keys to "stefan.rinkes at gmail.com" if you like.

darinkes commented on August 26, 2024

@ygoe thanks for sending a test keypair. This really needs #614 to be merged.

Here is the issue in the old code: https://github.com/sshnet/SSH.NET/pull/614/files#diff-5ff67ce9967b2cc4fc2bbeeb0668079c1f46873bdb011ce12ea67bc81c112dbcL484

Hardcoded length values.

Pinging @drieseng so he is aware there is an issue with the current OpenSSH-Format Parser which "accidentally" also got fixed by #614

from ssh.net.
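
The two exceptions reported in this thread both come from reading the `openssh-key-v1` container: an unsupported `ciphername`, and a length that does not match the bytes present. The following is an added example, not code from SSH.NET or PR #614, that reads the container header with bounds-checked, length-prefixed fields as laid out in OpenSSH's PROTOCOL.key document. The class and method names are hypothetical and the sample blob is constructed in `Main`.

```csharp
using System;
using System.Buffers.Binary;
using System.Linq;
using System.Text;

static class OpenSshKeyHeader   // hypothetical name, not an SSH.NET type
{
    static readonly byte[] Magic = Encoding.ASCII.GetBytes("openssh-key-v1\0");
    static uint ReadUInt32(ReadOnlySpan<byte> d, ref int pos)
    {
        if (d.Length - pos < 4) throw new FormatException("truncated uint32");
        pos += 4;
        return BinaryPrimitives.ReadUInt32BigEndian(d.Slice(pos - 4, 4));
    }
    // SSH "string": uint32 big-endian length, then that many bytes.
    // The declared length is checked against the bytes left before slicing.
    static ReadOnlySpan<byte> ReadString(ReadOnlySpan<byte> d, ref int pos)
    {
        uint len = ReadUInt32(d, ref pos);
        if (len > (uint)(d.Length - pos))
            throw new FormatException($"declared length {len} exceeds the {d.Length - pos} bytes left");
        pos += (int)len;
        return d.Slice(pos - (int)len, (int)len);
    }
    // blob: base64-decoded body of a "BEGIN OPENSSH PRIVATE KEY" file.
    public static string Describe(ReadOnlySpan<byte> blob)
    {
        if (!blob.StartsWith(Magic)) throw new FormatException("not an openssh-key-v1 blob");
        int pos = Magic.Length, p = 0;
        string cipher = Encoding.ASCII.GetString(ReadString(blob, ref pos));
        string kdf = Encoding.ASCII.GetString(ReadString(blob, ref pos));
        ReadString(blob, ref pos);                 // kdfoptions, empty when unencrypted
        uint keys = ReadUInt32(blob, ref pos);
        // The key type name is the first string inside the public key blob.
        string type = Encoding.ASCII.GetString(ReadString(ReadString(blob, ref pos), ref p));
        return $"type={type} cipher={cipher} kdf={kdf} keys={keys}";
    }
    static byte[] Str(string s) => Str(Encoding.ASCII.GetBytes(s));
    static byte[] Str(byte[] b) => new[] { (byte)(b.Length >> 24), (byte)(b.Length >> 16), (byte)(b.Length >> 8), (byte)b.Length }.Concat(b).ToArray();
    static void Main()
    {
        // Constructed sample: unencrypted Ed25519 layout with zeroed key material.
        byte[] pub = Str("ssh-ed25519").Concat(Str(new byte[32])).ToArray();
        byte[] blob = new[] { Magic, Str("none"), Str("none"), Str(""), new byte[] { 0, 0, 0, 1 }, Str(pub), Str(new byte[8]) }.SelectMany(x => x).ToArray();
        Console.WriteLine(Describe(blob));
        try { Describe(blob.AsSpan(0, 50)); }      // cut off inside the public key blob
        catch (FormatException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

A `cipher` value other than `none`, such as `aes256-ctr`, means the key is passphrase-protected, which is the case reported above as failing until PR #614 is included.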
