Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved SSH connection with private key fails

    Guacamole
    ssh keys error bug
    2
    5
    2341
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • RubenFixit
      RubenFixit last edited by RubenFixit

      I've been trying to get a connection to work using SSH and private key for authentication. No matter what kind of ssh private key I use (with or without passphrase or different encryption method) I always get the same errors:

      Feb 24 13:13:18 guacd[318]: DEBUG: Attempting private key import (WITHOUT passphrase)
Feb 24 13:13:18 guacd[318]: DEBUG: Initial import failed: (null)
Feb 24 13:13:18 guacd[318]: DEBUG: Re-attempting private key import (WITH passphrase)
Feb 24 13:13:53 guacd[318]: ERROR: Auth key import failed: (null)

      I believe the issue is related to this: https://issues.apache.org/jira/browse/GUACAMOLE-1540

      The suggested solution is to update the guacamole-server docker build to use libssh2 1.9.0-3.

      Currently it is using libssh2 1.8.0-2

      Can you please update the dockerfile to use the newer version of libssh2?

      girish 2 Replies Last reply Reply Quote 0
      • girish
        girish Staff last edited by

        It seems support for the newer keys was just merged in Jan - https://github.com/apache/guacamole-server/commit/23612720ce3738e2fc579f57acd9d19eedf198fc . So, we have to wait for a new guacamole release. Until then, just use -m PEM to generate old style keys.

        1 Reply Last reply Reply Quote 1
        • girish
          girish Staff @RubenFixit last edited by

          @RubenFixit Will look into this. Since Cloudron's docker images are based on ubuntu 20.04, we have to see if the library is available readily.

          RubenFixit 1 Reply Last reply Reply Quote 1
          • girish
            girish Staff @RubenFixit last edited by

            @RubenFixit Got the time to look into this now. I can confirm guac is not able to connect with the latest SSH key format. You can identify the "latest" key format by looking into the private key file. The header will say -----BEGIN OPENSSH PRIVATE KEY----- . The old keys have the format -----BEGIN RSA PRIVATE KEY-----.

            To generate an old key use ssh-keygen -m PEM. With that, I can confirm it works:

            304e74c6-a628-44ee-9884-5f5b03fd5455-image.png

            It then connects:

            ec1f4dd4-83ad-4370-ac38-ff694108704b-image.png

            1 Reply Last reply Reply Quote 0
            • girish
              girish Staff last edited by

              It seems support for the newer keys was just merged in Jan - https://github.com/apache/guacamole-server/commit/23612720ce3738e2fc579f57acd9d19eedf198fc . So, we have to wait for a new guacamole release. Until then, just use -m PEM to generate old style keys.

              1 Reply Last reply Reply Quote 1
              • RubenFixit
                RubenFixit @girish last edited by

                @girish Thanks for looking into this!

                In the mean time I've also been able to get the connection to work by using the "old key" method.

                1 Reply Last reply Reply Quote 0
                • Topic has been marked as a question  girish girish 
                • Topic has been marked as solved  girish girish 
                • Referenced by  girish girish 
                • First post
                  Last post
                Powered by NodeBB