search

luvit / lit

Toolkit for developing, sharing, and running luvit/lua programs and libraries.
http://lit.luvit.io/
Apache License 2.0
249 stars 58 forks source link

'no start line' when running lit auth #300

Closed NotNite closed 3 years ago

NotNite commented 3 years ago

(Note: my setup is a bit cursed here, zsh on Windows via Git Bash; this isn't the fault of the error. I've tested this in PowerShell 5 and 7, same results.)

I'm trying out Luvit and went to run lit auth, when I was greeted with this rather cryptic error:

$ lit auth NotNite
lit version: 3.8.5
luvi version: v2.12.0
command: auth NotNite
load config: C:\Users\Julian\AppData\Roaming\litconfig
username: NotNite
name: NotNite
email: hi@notnite.com
privateKey: C:\Users\Julian\.ssh\lit
fail: [string "bundle:libs/core.lua"]:116: no start line
stack traceback:
        [C]: in function 'assert'
        [string "bundle:libs/core.lua"]:116: in function 'getKey'
        [string "bundle:libs/core.lua"]:357: in function 'authUser'
        [string "bundle:commands/auth.lua"]:63: in function <[string "bundle:commands/auth.lua"]:1>
        [string "bundle:main.lua"]:69: in function <[string "bundle:main.lua"]:56>
        [C]: in function 'xpcall'
        [string "bundle:main.lua"]:56: in function <[string "bundle:main.lua"]:48>

This is a fresh ssh-rsa key I just generated:

$ ssh-keygen -t rsa -C "lit"
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\Julian/.ssh/id_rsa): C:\Users\Julian\.ssh\lit
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in lit.
Your public key has been saved in lit.pub.

And a little test file recreating behavior:

local openssl = require("openssl")

local handle = io.open("C:\\Users\\Julian\\.ssh\\lit", "r")
local keyData = handle:read("*all")
handle:close()

local startsWithPrivKey = keyData:find("^-----BEGIN OPENSSH PRIVATE KEY-----") ~= nil
print("starts with private key: ", startsWithPrivKey)

local pkey = openssl.pkey.read(keyData, true)
print("pkey:", pkey)
print("openssl version:", openssl.version())
$ luvit test.lua
starts with private key:        true
pkey:   nil
openssl version:        0.7.8   Lua 5.1 OpenSSL 1.1.1g  21 Apr 2020

It's definitely a valid key, I was able to SSH into servers and pull Git repositories with it:

$ cat ~/.ssh/config | grep "Host github.com" -B 3
Host github.com
    Preferredauthentications publickey
    IdentityFile ~/.ssh/lit
    User git
$ git clone git@github.com:NotNite/NotNite.git
Cloning into 'NotNite'...
remote: Enumerating objects: 15, done.
remote: Counting objects: 100% (15/15), done.
remote: Compressing objects: 100% (10/10), done.
remote: Total 15 (delta 3), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (15/15), done.
Resolving deltas: 100% (3/3), done.

Am I doing something wrong? I know Lit requires RSA keys and assumes ~/.ssh/id_rsa to be the path of the file, but:

Since I got the same error from my ed25519 key, I'm assuming this is because it's failing to parse it. Why it would be, I have no clue.

(Also, uh, anyone there? The newest issue was last interacted with 29 days ago... is this abandoned? I can't tell...)

Bilal2453 commented 3 years ago

Yeah, I've noticed this issue like a month ago or so, it is not a bug. Here how it goes:

  1. Lit only accept PEM body armor.
  2. OpenSSH at some point changed the default of keygen.
  3. Due to that, in order to make it work with Lit you need to generate it with keygen -t rsa -b 4096 -C "your_email@example.com" -m PEG (notice the -m PEM).
Bilal2453 commented 3 years ago

And I can definitely guarantee you it is not abandoned xD

edit: I will be making a change on the Wiki to indicate this nowadays required flag to keygen

NotNite commented 3 years ago

That worked! Thank you so much!

$ ssh-keygen -t rsa -b 4096 -m PEM -C "lit"
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\Julian/.ssh/id_rsa): ./lit
./lit already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ./lit.
Your public key has been saved in ./lit.pub.
$ lit auth notnite
lit version: 3.8.5
luvi version: v2.12.0
command: auth notnite
load config: C:\Users\Julian\AppData\Roaming\litconfig
username: notnite
name: NotNite
email: hi@notnite.com
privateKey: C:\Users\Julian\.ssh\lit
# omitted because i'm not sure if this is private or not lol
update config: C:\Users\Julian\AppData\Roaming\litconfig
done: success
$

Thanks for also changing the wiki, I'm sure it'll save some other tired developers trying to make individual keys.

truemedian commented 3 years ago

For clarification for any further users who make it here: openssh's ssh-keygen command defaults to outputting public and private keys in the RFC4716 "SSH Public Key File Format" rather than the older RFC1421 PEM format that lit auth expects.

This can be fixed by passing along the -m PEM flag which will generate the "correct" key format.

Another thing to note is that even with the fall in popularity in RSA keys in favor of ED25519, RSA currently remains as the only way to use lit auth