[jira] [Commented] (GUACAMOLE-1504) SSH public key authentication fails with "Unable to extract public key from private key"

Wed, 19 Jan 2022 12:40:04 -0800 


    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1504?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17478957#comment-17478957
 ] 

Mike Jumper commented on GUACAMOLE-1504:
----------------------------------------

Looks like this is tied to the crypto backend that libssh2 was built against. 
If libssh2 was built against OpenSSL, things work. If libssh2 was built against 
libgcrypt, things fail.

The error itself is very vague, an issue that libssh2 addressed for their 
1.10.0 release (see [libssh2 commit 
58ae048c|https://github.com/libssh2/libssh2/commit/58ae048c92753e869ea7638bf3d30f4f4cd0ca3f]).
 Manually building a copy of 1.10.0 against libgcrypt, the error message is:

{code:none}
ERROR:  Public key authentication failed: Unable to extract public key from 
private key in memory: Method unimplemented in libgcrypt backend
{code}

Indeed, the ability to read keys from memory is entirely unimplemented for the 
libgcrypt backend of libssh2:

https://github.com/libssh2/libssh2/blob/30fc410b972e6dec87c248c0fedbff28cfa18f17/src/libgcrypt.c#L154-L163

I don't think there is anything we can do about this except to ensure the 
Docker image has a more recent version of libssh2 that is built against OpenSSL 
instead of libgcrypt.

> SSH public key authentication fails with "Unable to extract public key from 
> private key"
> ----------------------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-1504
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1504
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-server
>    Affects Versions: 1.5.0
>         Environment: docker with last github version
>            Reporter: PRAT
>            Assignee: Mike Jumper
>            Priority: Major
>
> Hi,
>  
> I tried guacd with last commit at (GUACAMOLE-745) and my ssh connexions don't 
> work anymore.
>  
> I have error:
> -----
> guacd[5107]: INFO: Auth key successfully imported.
> guacd[5107]: ERROR: Public key authentication failed: Unable to extract 
> public key from private key.
> -----
>  
> I tried to convert ssh private key (RSA) to format OPENSSH ("BEGIN OPENSSH 
> PRIVATE KEY"), but same result/error.
>  
> Thanks for your help.
> Lionel



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to