search

loft-sh / devpod

Codespaces but open-source, client-only and unopinionated: Works with any IDE and lets you use any cloud, kubernetes or just localhost docker.
https://devpod.sh
Mozilla Public License 2.0
8.44k stars 311 forks source link

SSH host key algorithms #960

Closed neingeist closed 3 months ago

neingeist commented 4 months ago

What happened?

I set up DevPod (with mrsimonemms/devpod-provider-hetzner) and this worked beautifully, except I couldn't connect with SSH, which also breaks using VSCode (not the browser version).

It turns out that I needed special SSH configuration: HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512,ssh-rsa for DevPod, because I have my ssh configured to use HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519 (via Match final all).

What did you expect to happen instead?

That DevPod's SSH server provides ED25519. Or that the generated SSH client configuration sets HostKeyAlgorithms properly.

How can we reproduce the bug? (as minimally and precisely as possible)

Use this in .ssh/config:

Match final all
  HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519

Local Environment:

DevPod Provider:

Anything else we need to know?
I am not sure if the custom provider (Hetzner) changes anything.

neingeist commented 4 months ago

Workaround I found: I placed this in .ssh/config, before DevPod's part: 

Match host="*.devpod"
  HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512,ssh-rsa
neingeist commented 4 months ago

Other than this DevPod works nicely, even with my exotic provider! 🤩

pascalbreuninger commented 4 months ago

@neingeist thanks for opening the issue! We'll take a look at it but good thing you've found a workaround - might be useful for others in the future as well

neingeist commented 3 months ago

ssh (the client) is fixed but VSCode chokes on the above workaround, for now using this instead:

Host *.devpod
     HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512,ssh-rsa

AFAICT, this must be above DevPods other configuration for the project.