ashkulz / NppFTP

Plugin for Notepad++ allowing FTP, FTPS, FTPES and SFTP communications
https://ashkulz.github.io/NppFTP/

NppFTP can no longer connect to hosts that only support ssh-rsa. OpenSSH can connect. #348

Open Ben-Voris opened 1 year ago

Ben-Voris commented 1 year ago

Description of the Issue

Cannot connect to an SFTP server that offers only ssh-rsa.

OpenSSH can connect to such a host.

Steps to Reproduce the Issue

  1. Connect to an SFTP host that offers only ssh-rsa for private key
  2. Note the error

Expected Behavior

sftp plugin should honor the ssh config file. This allows one to configure

Actual Behavior

Connection is rejected.

NppFTP Output

[SFTP] Connection failed : kex error : no match for method server host key algo: server [ssh-rsa], client [rsa-sha2-512,rsa-sha2-256,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256]

Debug Information

Notepad++ v8.4.6   (64-bit)
Build time : Sep 25 2022 - 19:51:39
Path : C:\Program Files\Notepad++\notepad++.exe
Command Line : 
Admin mode : OFF
Local Conf mode : OFF
Cloud Config : OFF
OS Name : Windows 10 Enterprise (64-bit) 
OS Version : 20H2
OS Build : 19042.2006
Current ANSI codepage : 1252
Plugins : 
    ComparePlugin (2.0.2)
    DSpellCheck (1.4.24)
    JsonTools (3.2)
    MarkdownViewerPlusPlus (0.8.2)
    mimeTools (2.8)
    NppConverter (4.4)
    NppExec (0.8.2)
    NppExport (0.4)
    NppFTP (0.29.10)
    NppGist (1.5.1.35)
    NppSaveAsAdmin (1.0.211)
    XMLTools (3.1.1.13)
    zoomdisabler_x64 (1.2)
    _CustomizeToolbar (5.3)

NppFTPversion: 0.29.10 Unicode with libssh version 0.10.0

Cygwin and Ubuntu sftp work with a host like this because they honor the ~/.ssh/config file which, for a host like this, contains

Host host-name
    HostKeyAlgorithms +ssh-rsa
    PubkeyAcceptedKeyTypes +ssh-rsa

For example:

sftp -v user@host
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /home/user/.ssh/config
...
debug1: Authenticating to host:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-rsa
...
debug1: Offering public key: /home/user/.ssh/id_rsa RSA SHA256:/wbB/...
debug1: Server accepts key: /home/user/.ssh/id_rsa RSA SHA256:/wbB/...
debug1: Authentication succeeded (publickey).
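An added example, not part of the original post and not NppFTP or libssh code: it parses the kex error quoted above, replays the host key algorithm negotiation (first name on the client's list that the server also offers, per RFC 4253 section 7.1), and shows the effect of an OpenSSH-style `+ssh-rsa` list modifier. The function names are hypothetical, and the model ignores the key-exchange-dependent requirements in the RFC.

```python
import re

# Constructed sample: the error line quoted in this issue.
ERROR_LINE = (
    "[SFTP] Connection failed : kex error : no match for method server host key algo: "
    "server [ssh-rsa], client [rsa-sha2-512,rsa-sha2-256,ssh-ed25519,"
    "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256]"
)

KEX_ERROR = re.compile(
    r"no match for method (?P<method>.+?): "
    r"server \[(?P<server>[^\]]*)\], client \[(?P<client>[^\]]*)\]"
)


def _names(csv):
    return [n.strip() for n in csv.split(",") if n.strip()]


def parse_kex_error(line):
    """Return (method, server_list, client_list), or None if the line does not match."""
    m = KEX_ERROR.search(line)
    if m is None:
        return None
    return m["method"], _names(m["server"]), _names(m["client"])


def negotiate(client, server):
    """First client-preferred algorithm that the server also lists, else None."""
    return next((alg for alg in client if alg in server), None)


def apply_modifier(defaults, spec):
    """OpenSSH-style list value: '+a,b' appends to the defaults, anything else replaces.
    Simplified: the '-' and '^' prefixes and wildcards are not handled."""
    if spec.startswith("+"):
        return defaults + [n for n in _names(spec[1:]) if n not in defaults]
    return _names(spec)


def diagnose(line, host_key_algorithms):
    """Negotiation result before and after applying a HostKeyAlgorithms value."""
    method, server, client = parse_kex_error(line)
    widened = apply_modifier(client, host_key_algorithms)
    return {
        "method": method,
        "before": negotiate(client, server),
        "after": negotiate(widened, server),
        "server_sha1_only": server == ["ssh-rsa"],
    }


if __name__ == "__main__":
    print(diagnose(ERROR_LINE, "+ssh-rsa"))
```

Because `+ssh-rsa` appends to the end of the client list, a server that also offers `rsa-sha2-256` or `rsa-sha2-512` still negotiates the SHA-2 variant; only hosts that offer nothing else fall back to `ssh-rsa`.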

Ben-Voris commented 1 year ago

"About NppFTP" reports a libssh version. But the version number makes me wonder if NppFTP uses libssh2, not libssh. The two are completely different.

If NppFTP uses libssh2, please change "About NppFTP" to reflect that.

libssh offers ssh_options_parse_config().

For libssh2, this might be interesting: libssh2 APIs to configure different algorithms

chcg commented 1 year ago

See https://github.com/ashkulz/NppFTP/blob/master/build_3rdparty.py#L91 on usage of libssh.

Could you please check if https://github.com/ashkulz/NppFTP/releases/tag/v0.29.11 fixes your problem.

If this is not the case, see

https://www.libssh.org/2022/08/26/libssh-0-10-0/

for RSA there are some changes:

Maybe the problem arises from that. In this case it would be helpful to know if the plugin version v0.29.9 before the change to libssh 0.10.x is still working.

Ben-Voris commented 1 year ago

I overwrote the contents of "%ProgramFiles%\Notepad++\plugins\NppFTP" with the files from https://github.com/ashkulz/NppFTP/releases/download/v0.29.11/NppFTP-x86.zip. After doing that, "About NppFTP" shows "0.29.11 Unicode".

This release does not resolve the problem.

The keys I must use are in a format that later OpenSSH releases do not accept by default. This is why I have the entries in ~/.ssh/config that I show above.

Since you are using libssh, ssh_options_parse_config() appears to be an option.

https://github.com/ashkulz/NppFTP/releases/tag/v0.27.6 works with the keys I have.

Ben-Voris commented 1 year ago

Also, see https://github.com/ashkulz/NppFTP/issues/34

Parsnip commented 1 year ago

Seems I have the same issue over here, and rolling back to v0.29.9 fixed it.

iwl commented 1 year ago

I can't connect with dsa either, same key which worked all the time and still works with cygwin where it's from. So I fiddled with some rsa type and the keys from linux sub system, nothing works.... https://github.com/ashkulz/NppFTP/releases/tag/v0.29.9 works for me also

sargearmstrong commented 1 year ago

I confirm (without having tested other versions) that this issue is not present in version 0.30.12 unicode. Discovered by accident so thought I'd share. Thanks.

Parsnip commented 1 year ago

> I confirm (without having tested other versions) that this issue is not present in version 0.30.12 unicode. Discovered by accident so thought I'd share. Thanks.

I'd guess that's expected since that version is still using the older libssh version.

Currently the last versions not experiencing this issue are v0.29.9 and pre-release v0.30.13.

TikursewMe commented 1 year ago

> I can't connect with dsa either, same key which worked all the time and still works with cygwin where it's from. So I fiddled with some rsa type and the keys from linux sub system, nothing works.... https://github.com/ashkulz/NppFTP/releases/tag/v0.29.9 works for me also

Thanks, this worked for me as well. Something is wrong with the latest version.

chcg commented 1 year ago

See https://stackoverflow.com/questions/76572797/libssh-public-key-authentication-failed-the-key-algorithm-ssh-rsa-is-not-all . ssh-rsa seems to be using insecure sha1 and therefore likely disabled by libssh:

> ssh-rsa is deprecated for a reason though, because it uses the insecure SHA-1 hash algorithm. If you need to connect to an old system that runs an OpenSSL version before 7.2 (when the rsa-sha2-* algorithms were introduced), then ssh-rsa is the only way you can do public key authentication against such a system, so you kind of have not much of a choice.

Ben-Voris commented 1 year ago

Because many hosts cannot be updated, OpenSSH allows one to override that setting.

On Jul 12, 2023, at 13:00, chcg wrote:

> See https://stackoverflow.com/questions/76572797/libssh-public-key-authentication-failed-the-key-algorithm-ssh-rsa-is-not-all . ssh-rsa seems to be using insecure sha1 and therefore likely disabled by libssh:
>
> ssh-rsa is deprecated for a reason though, because it uses the insecure SHA-1 hash algorithm. If you need to connect to an old system that runs an OpenSSL version before 7.2 (when the rsa-sha2-* algorithms were introduced), then ssh-rsa is the only way you can do public key authentication against such a system, so you kind of have not much of a choice.


vrubleg commented 4 months ago

Had the same issue on NppFTP v1.29.13, had to roll back to v0.29.9. Thanks for the suggestion.