On Mon, Jul 15, 2019 at 2:48 PM N1ghtm4r3x <133...@hotmail.nl> wrote:
> Hello, > > I tried multiple things but i cant get password protected ssh keys working, > without password everything works but as soon as i add a password it fails. > > guacd[424]: INFO: Connection "$b6b4eabe-279b-47f0-88a3-cb57046b8f4a" > removed., > guacd[424]: INFO: Creating new client for protocol "ssh", > guacd[424]: INFO: Connection ID is > "$005682b6-ce16-4df6-8efc-57cf104f4cec", > guacd[1135]: INFO: User "@914d0afe-a443-4204-b979-77a57c183aea" joined > connection "$005682b6-ce16-4df6-8efc-57cf104f4cec" (1 users now present), > 18:39:58.313 [http-nio-8080-exec-4] INFO o.a.g.tunnel.TunnelRequestService > - User "adminjbo" connected to connection "1"., > guacd[1135]: ERROR: Auth key import failed: bad decrypt, > This is your issue right here. This is related to guacd, but not guacd itself - libssh2 is actually what's importing and decrypting the keys. My guess is that one of a couple of things is going on: - You're using an unsupported key/encryption format. You indicated you tried multiple key formats and options, but this is still a possibility. I would stick with RSA 2048 for the purposes of testing, and just work with that until you get it working. - You're pasting it in a format that is truncating part of the key, and you're ending up with a bad key inside the line. Make sure you're pasting it into the box correctly - you should paste the entire key in OpenSSH PEM format. - You're using an incorrect key passphrase, you're not entering the decryption passphrase at all, or you're entering it in the wrong place (like the password parameter instead of the passphrase parameter). Please note that Guacamole does not currently prompt you for the passphrase for the key, so if you paste an encrypted SSH key into the box to use for authentication, you have to also provide the passphrase for decrypting it (in the Passphrase parameter). Please verify you have the above correct and try, again. Also, I would suggest a systematic approach - change one thing at a time until you get it working. -Nick