search

amnezia-vpn / amnezia-client

Amnezia VPN Client (Desktop+Mobile)
https://amnezia.org
GNU General Public License v3.0
3.96k stars 269 forks source link

Amnezia VPN client fails to connect to the server with an RSA 3072 key #887

Open rominf opened 2 months ago

rominf commented 2 months ago

Describe the bug The AmneziaVPN client fails to connect to the server with an RSA 3072 key. The GUI displays ErrorCode: 101. Internal error, and in the console failed to export private key is printed.

To Reproduce Steps to reproduce the behavior:

  1. Generate RSA 3072 key using ssh-keygen -t rsa command (in my tests, the passphrase length or its absence does not matter).
  2. Set up a server in the cloud with the key from previous step added for the root user .
  3. Ensure ssh can connect to the server from the PC.
  4. Install AmneziaVPN on the PC.
  5. Launch AmneziaVPN.
  6. Click the "+" icon.
  7. Click "Configure your server".
  8. Fill in the IP-address, SSH username (root), and enter the RSA 3072 SSH private key (same as in step (1)).
  9. Click "Continue".
  10. (Optional, see (1)) Enter passphrase.
  11. (Optional, see previous step) Click "Save".
  12. Observe errors in the GUI, console, and logs.

Expected behavior The AmneziaVPN client connects to the server.

Log files

2024-07-08 16:23:48 info Logging has enabled on AmneziaVPN version 4.5.3.0 eb48e4b
2024-07-08 16:23:48 info Fedora Linux 40 (KDE Plasma) (x86_64)
2024-07-08 16:24:24 debug QML onClosing signal
2024-07-08 16:24:30 info Started AmneziaVPN version 4.5.3.0 eb48e4b
2024-07-08 16:24:30 info Fedora Linux 40 (KDE Plasma) (x86_64)
2024-07-08 16:25:23 debug failed to export private key

Screenshots (IP address is removed using a graphics editor)

Screenshot_20240708_161538

Desktop (please complete the following information):

Smartphone (please complete the following information):

Server (please complete the following information):

Additional context I found that the length of the SSH key passphrase or its absence does not matter. Adding an ED25519 key to the server and entering it into AmneziaVPN results in expected connection.

jinnko commented 1 month ago

Same issue with RSA key.

With ed25519 key rather than an error the UI just hangs after hitting save on the "Private key passphrase" input.

MaximBobylev commented 2 weeks ago

same problem on mac os sonoma - 4096 bit rsa failed, so i had to 

 ssh-keygen -t ed25519 -C "{my_email}"
 ssh-copy-id {my_server}

And then used .ssh/id_ed25519 for connection