Open Atroskelis opened 5 months ago
I believe this is because net-ssh does not yet support RFC8332, so behaviour is expected. I'm sure upstream would accept a PR adding the support.
The secondary concern is that the code will raise upon seeing any unsupported host key, instead of waiting to receive at least one supported. I'm sure upstream would also accept a PR for this secondary concern.
EDIT:
Looking further, I'm not able to reproduce this with OpenSSH server and net-ssh; it is possible that in this particular case the far end incorrectly uses the wrong string, when just ssh-rsa should be used. I think RFC8332 is supported, but I'm not entirely confident.
Fixed by appending /^rsa-sha2-(256|512)$/ to when /^ssh-rsa$/
Not sure if this is technically ethical for a PR.
I believe the fix would be nonsensical, as it would just allow an incorrectly behaving far end to work. If any fix should be submitted to net-ssh, the fix would be that it fails only if it can't find over 0 working hostkeys, instead of failing on any it cannot parse.
Expected behavior
It should connect
Actual behavior
Gives an error
System configuration
Example App
where make_ssh_opts
You can use this as a starting point:
results in
debug2: host key algorithms: rsa-sha2-512,ssh-ed25519
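The two points raised in the comments above, as an added sketch that is not net-ssh code and not from this thread: under RFC 8332 the names rsa-sha2-256 and rsa-sha2-512 select a signature scheme while the public key blob keeps the format name ssh-rsa, and a client can skip host keys it cannot parse and fail only when none is usable. All function and constant names are hypothetical, the parser covers RSA only, and the sample blobs are constructed.

```ruby
# Added illustration, not net-ssh code; every name below is hypothetical.
# RFC 8332: rsa-sha2-256/512 name signature schemes; the key blob stays "ssh-rsa".
BLOB_FORMAT = { "ssh-rsa" => "ssh-rsa", "rsa-sha2-256" => "ssh-rsa",
                "rsa-sha2-512" => "ssh-rsa" }.freeze
class UnsupportedKey < StandardError; end

# Read one SSH string: uint32 big-endian length, then that many bytes.
def read_string(buf, pos)
  raise UnsupportedKey, "truncated blob" if pos + 4 > buf.bytesize
  len = buf.byteslice(pos, 4).unpack1("N")
  raise UnsupportedKey, "truncated blob" if pos + 4 + len > buf.bytesize
  [buf.byteslice(pos + 4, len), pos + 4 + len]
end

# Parse an RSA public key blob (RSA only, to keep the example short).
def parse_host_key(blob)
  fmt, pos = read_string(blob, 0)
  raise UnsupportedKey, "unknown key format #{fmt.inspect}" unless fmt == "ssh-rsa"
  e, pos = read_string(blob, pos)
  n, = read_string(blob, pos)
  { format: fmt, e: e.unpack1("H*").to_i(16), n: n.unpack1("H*").to_i(16) }
end

# Keep every key that parses; fail only when none of them does.
def usable_host_keys(blobs)
  errors = []
  keys = blobs.filter_map do |blob|
    parse_host_key(blob)
  rescue UnsupportedKey => e
    errors << e.message
    nil
  end
  raise UnsupportedKey, "no usable host key: #{errors.join('; ')}" if keys.empty?
  keys
end

# True when the blob format is the one the negotiated algorithm requires.
def format_matches?(negotiated, key)
  BLOB_FORMAT[negotiated] == key[:format]
end

# Constructed sample blobs with toy values, not real keys.
def ssh_string(s)
  [s.bytesize].pack("N") + s.b
end
RSA_BODY = ssh_string("\x01\x00\x01") + ssh_string("\x00\xC5")
GOOD_RSA = ssh_string("ssh-rsa") + RSA_BODY
MISLABELED = ssh_string("rsa-sha2-512") + RSA_BODY
```

MISLABELED models a far end that puts the signature algorithm name into the key blob; the parser rejects it, and usable_host_keys still succeeds as long as another offered key is valid.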