Support OpenSSH 8.8

[bwa-]

OpenSSH 8.8 has disabled RSA signatures made with SHA1 by default. This seems to make SSH.net incompatible with it. When trying to connect with an application using SSH.Net, I get the following error:

Permission denied (publickey).

On the destination machine, the following is logged for the sshd daemon:

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms

In theory, regenerating keys with OpenSSH 8.8 should fix this problem, but in doing so, SSH.Net will no longer be able to read the new key, generating another error:

openssh key type: ssh-rsa is not supported

Sadly, I just have the stacktrace of the application I use for this, but maybe it helps:

Duplicati.Library.Interface.UserInformationException: Failed to parse the keyfile, check the key format and passphrase. Error message was openssh key type: ssh-rsa is not supported ---> Renci.SshNet.Common.SshException: openssh key type: ssh-rsa is not supported
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile.ParseOpenSshV1Key (System.Byte[] keyFileData, System.String passPhrase) [0x000c3] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile.Open (System.IO.Stream privateKey, System.String passPhrase) [0x00355] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile..ctor (System.String fileName, System.String passPhrase) [0x00023] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile..ctor (System.String fileName) [0x00000] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.ValidateKeyFile (System.String filename, System.String password) [0x0001f] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:    --- End of inner exception stack trace ---
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.ValidateKeyFile (System.String filename, System.String password) [0x000ac] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.CreateConnection () [0x0006e] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2+<List>d__42.MoveNext () [0x0002c] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Interface.BackendExtensions.TestList (Duplicati.Library.Interface.IBackend backend) [0x00017] in <0b09fcfcca1b440fab7c860158765270>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.Test () [0x00000] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTMethods.RemoteOperation.TestConnection (System.String url, Duplicati.Server.WebServer.RESTMethods.RequestInfo info) [0x000b7] in <3752ce5d8337471da6b77129cfa4bdbe>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTMethods.RemoteOperation.POST (System.String key, Duplicati.Server.WebServer.RESTMethods.RequestInfo info) [0x00094] in <3752ce5d8337471da6b77129cfa4bdbe>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTHandler.DoProcess (Duplicati.Server.WebServer.RESTMethods.RequestInfo info, System.String method, System.String module, System.String key) [0x00289] in <3752ce5d8337471da6b77129cfa4bdbe>:0

See https://www.openssh.com/txt/release-8.8 as well

[darinkes]

Its already everything merged, just needs a new NuGet Release.
See #614

[bwa-]

Its already everything merged, just needs a new NuGet Release. See #614

That's great news. Thanks!

[et1975]

Any chance of getting the package published? darkoperator/Posh-SSH#388 is held up because of it.

[darkoperator]

Version 3 is already out

…

Sent from my iPhone

On Sep 30, 2021, at 5:40 PM, Eugene Tolmachev ***@***.***> wrote:  Any chance of getting the package published? darkoperator/Posh-SSH#388 is held up because of it. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

[chrisdanna]

Any chance of publishing the package with this update soon? Even if a prerelease?

[dotan2401]

Hi,
Is the fix to support OpenSSH 8.8 can be found in the branch develop?
Is it possible to compile the code and use the DLL with the fix?

[dotan2401]

OpenSSH 8.8 has disabled RSA signatures made with SHA1 by default. This seems to make SSH.net incompatible with it. When trying to connect with an application using SSH.Net, I get the following error:

Permission denied (publickey).

On the destination machine, the following is logged for the sshd daemon:

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms

In theory, regenerating keys with OpenSSH 8.8 should fix this problem, but in doing so, SSH.Net will no longer be able to read the new key, generating another error:

openssh key type: ssh-rsa is not supported

Sadly, I just have the stacktrace of the application I use for this, but maybe it helps:

Duplicati.Library.Interface.UserInformationException: Failed to parse the keyfile, check the key format and passphrase. Error message was openssh key type: ssh-rsa is not supported ---> Renci.SshNet.Common.SshException: openssh key type: ssh-rsa is not supported
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile.ParseOpenSshV1Key (System.Byte[] keyFileData, System.String passPhrase) [0x000c3] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile.Open (System.IO.Stream privateKey, System.String passPhrase) [0x00355] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile..ctor (System.String fileName, System.String passPhrase) [0x00023] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Renci.SshNet.PrivateKeyFile..ctor (System.String fileName) [0x00000] in <8c66a76a693c4e52b456ec0712c863dd>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.ValidateKeyFile (System.String filename, System.String password) [0x0001f] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:    --- End of inner exception stack trace ---
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.ValidateKeyFile (System.String filename, System.String password) [0x000ac] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.CreateConnection () [0x0006e] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2+<List>d__42.MoveNext () [0x0002c] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Interface.BackendExtensions.TestList (Duplicati.Library.Interface.IBackend backend) [0x00017] in <0b09fcfcca1b440fab7c860158765270>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Library.Backend.SSHv2.Test () [0x00000] in <64bc5fc0959e40abaaf59040a05bc63e>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTMethods.RemoteOperation.TestConnection (System.String url, Duplicati.Server.WebServer.RESTMethods.RequestInfo info) [0x000b7] in <3752ce5d8337471da6b77129cfa4bdbe>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTMethods.RemoteOperation.POST (System.String key, Duplicati.Server.WebServer.RESTMethods.RequestInfo info) [0x00094] in <3752ce5d8337471da6b77129cfa4bdbe>:0
Sep 29 20:31:18 htpc mono[1395173]:   at Duplicati.Server.WebServer.RESTHandler.DoProcess (Duplicati.Server.WebServer.RESTMethods.RequestInfo info, System.String method, System.String module, System.String key) [0x00289] in <3752ce5d8337471da6b77129cfa4bdbe>:0

See https://www.openssh.com/txt/release-8.8 as well

Is there any fix that we can use? Is there any workaround for the issue? Is there any way to create my keys in format which will be supported? Thanks :)

[lifeincha0s]

@dotan2401
OpenSSH only disabled the use of SHA-1 for signature algorithms by default. RSA keys are still allowable but must use a SHA-256/512 signature. The algorithms have been rebranded as "rsa-sha2-256" and "rsa-sha2-512" which essentially wrap the RSA public key inside of an "rsa-sha2-256" or "rsa-sha2-512" SSH_MSG_USERAUTH_REQUEST message. If you wish to know how the implementation works, refer to RFC-8332, Use of RSA Keys with SHA-256 and SHA512 in the Secure Shell (SSH) Protocol for more information.
A temporary solution can be found in #825 that does not require the library code to be modified.

[dotan2401]

@lifeincha0s, thanks it was very helpful