[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 RJVB changed: What|Removed |Added CC||rjvber...@gmail.com --- Comment #21 from RJVB --- (In reply to Roland Pallai from comment #20) > As it turned out it was a problem with my known_hosts file: key type > `ed25519` was present but correct syntax is `ssh-ed25519` for this type. In that case you were lucky, as my `known_hosts` file only has `ssh-ed25519` entries, and I still get this error: ``` An ssh-ed25519 host key for this server was not found, but another type of key exists. An attacker might change the default server key to confuse your client into thinking the key does not exist. Please contact your system administrator. ``` Annoyingly `sftp` itself connects just fine using the same URI (with the required additional slash after the hostname). (And I'm feeling stupid; I moved the ed25519 files out of the ~/.ssh directory on both hosts but the corresponding entry keeps getting added right back to my known_hosts file.) -- You are receiving this mail because: You are watching all bug changes.
[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 --- Comment #20 from Roland Pallai --- (In reply to Andreas Schneider from comment #19) > Please report the bug at libssh upstream: > https://gitlab.com/libssh/libssh-mirror/-/issues As it turned out it was a problem with my known_hosts file: key type `ed25519` was present but correct syntax is `ssh-ed25519` for this type. Sorry for the noise. -- You are receiving this mail because: You are watching all bug changes.
[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 --- Comment #19 from Andreas Schneider --- Please report the bug at libssh upstream: https://gitlab.com/libssh/libssh-mirror/-/issues -- You are receiving this mail because: You are watching all bug changes.
[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 --- Comment #18 from Roland Pallai --- (In reply to Roland Pallai from comment #17) > I still have an issue with kio-sftp if ed25519 type key is *present* in > known_hosts file for the host. It does not matter if correct rsa/ecdsa keys > are present - if there is ed25519 type key for the host, verification always > fails [1] and the hosts' ecdsa key will be appended to known_hosts file > every time I click 'connect'. > > This is a bad behavior regardless of supported key types - the correct > behaviour is that not supported key types must be ignored and supported key > type must be used. > > Should I file a new bug report that draws attention to this bad behavior > instead of supported key types..? > > [1] The authenticity of host [...] cannot be established. The > ecdsa-sha2-nistp256 key fingerprint is: [...] Are you sure you want to > continue connecting? > > Fedora 37 > kf5-kio-core-5.101.0-1.fc37.x86_64 > libssh-0.10.4-2.fc37.x86_64 After some digging I'm sure this is a libssh issue as ssh_session_is_known_server() returns with SSH_SERVER_NOT_KNOWN when ed25519 key is present in known_hosts. There is nothing to fix in kio-sftp.. -- You are receiving this mail because: You are watching all bug changes.
[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 Roland Pallai changed: What|Removed |Added CC||da...@magex.hu --- Comment #17 from Roland Pallai --- I still have an issue with kio-sftp if ed25519 type key is *present* in known_hosts file for the host. It does not matter if correct rsa/ecdsa keys are present - if there is ed25519 type key for the host, verification always fails [1] and the hosts' ecdsa key will be appended to known_hosts file every time I click 'connect'. This is a bad behavior regardless of supported key types - the correct behaviour is that not supported key types must be ignored and supported key type must be used. Should I file a new bug report that draws attention to this bad behavior instead of supported key types..? [1] The authenticity of host [...] cannot be established. The ecdsa-sha2-nistp256 key fingerprint is: [...] Are you sure you want to continue connecting? Fedora 37 kf5-kio-core-5.101.0-1.fc37.x86_64 libssh-0.10.4-2.fc37.x86_64 -- You are receiving this mail because: You are watching all bug changes.
[kio] [Bug 274170] sftp kio slave does not support new openssh known_hosts key format
https://bugs.kde.org/show_bug.cgi?id=274170 marenhachm...@yahoo.com changed: What|Removed |Added CC||marenhachm...@yahoo.com -- You are receiving this mail because: You are watching all bug changes.
