can't unlock private key

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Generate a key pair; I use ssh-keygen on Linux, 2048-bit RSA, with
pass-phrase.
2. Copy key files to my Hero's SD card
3. Import private key into connectbot
4. Attempt to load key into memory

What is the expected output? What do you see instead?

I expect the key to be shown with key size, but it says "RSA unknown-bit".

I expect they key to turn green when I enter my pass-phrase, but it does
not, it just returns (no error) to showing it as red. And it clearly has
not been unlocked, as attempts to use it don't succeed.

What version of the product are you using (you can see this by using Menu
-> About in the Host List)?

r431

What type of system are you trying to connect to?

N/A

If you are able to connect, what is the output of "echo $TERM", "uname -a",
and any other relevant information on the host?

N/A

Please provide any additional information below.

This used to work, with the same key, with builds of 1.6-dev, but has not
worked for a few weeks (possibly longer); I don't update all that often.
One update I noticed it had stopped working (without changing key).

I tried a new key, just to be sure of the pass-phrase, but no change.

Original issue reported on code.google.com by cdmac...@gmail.com on 10 Dec 2009 at 1:41

[GoogleCodeExporter]

Try a newer build, but I'm not sure that it will give a change.

Original comment by kenny@the-b.org on 17 Dec 2009 at 7:29

[GoogleCodeExporter]

thanks; just tried r448, no change. Tried a new key, too.

happy to try any further debugging; this used to work well...

Original comment by cdmac...@gmail.com on 19 Dec 2009 at 1:37

[GoogleCodeExporter]

Do you get any logcat output when this happens?

Original comment by kenny@the-b.org on 12 Feb 2010 at 4:35

[GoogleCodeExporter]

apols for delay...

tried again with r493, and a 2048-bit RSA key generated by Connectbot itself, 
on the
Hero.

connectbot recognises the type of key now, but still fails to unlock it.

No output from logcat at the time of failure.

thanks much...

Original comment by cdmac...@gmail.com on 17 Mar 2010 at 3:34

[GoogleCodeExporter]

just tried a 1024-bit RSA key, too; same result

Is no-one else able to reproduce this problem?

Original comment by cdmac...@gmail.com on 17 Mar 2010 at 3:39

[GoogleCodeExporter]

Hi,

I have the same thing :

I use debian openssh server : SSH-2.0-OpenSSH_5.1p1 Debian-5

I generate ssh pair on debian server with the command :
ssh-keygen -t rsa -f id_rsa

When I import private key on ConnectBot, it display "RSA Unknown-bit"
And i'm not able to connect on server with this key !

Original comment by stormscr...@gmail.com on 18 Mar 2010 at 8:42

[GoogleCodeExporter]

I had an old version installed that worked perfectly but since updating the 
same key won't unlock. Anything I can do to help diagnose the issue?

Original comment by nusk...@gmail.com on 24 Jun 2010 at 4:09

[GoogleCodeExporter]

I have also tried it with a public/private key (ssh2 rsa 1024) w/ password and 
w/o password.
While importing: "Problem parsing imported private key."
Key works with putty/puttygen.

Original comment by ian.hoog...@gmail.com on 27 Aug 2010 at 9:17

[GoogleCodeExporter]

Now have new phone (Samsung Galaxy S), and tried Connectbot 1.7.0. 

Cannot reproduce this bug with that version, on that phone. Don't have original 
phone anymore, so can't tell if it's the change of phone/installation, or a fix.

But thanks much either way :)

Original comment by cdmac...@gmail.com on 13 Sep 2010 at 2:23

[GoogleCodeExporter]

it worked with: SSH2/RSA 2048-bit.

Original comment by cdmac...@gmail.com on 13 Sep 2010 at 2:24

[GoogleCodeExporter]

Hi, a have the same problem on my HTC Hero with Android 2.1 and Connect Bot 
1.7.0. So, I have dsa-private key file that was generated in putty format 
without password, i've converted it with the command "puttygen dsa.ppk -O 
private-openssh -o id_dsa_openssh" and put id_dsa_openssh on sdcard. When i 
import key on ConnectBot, it displays "DSA Unknown-bit"

Original comment by volay...@gmail.com on 17 Sep 2010 at 5:53

[GoogleCodeExporter]

P.S. id_dsa_openssh length - 2048 bit

Original comment by volay...@gmail.com on 17 Sep 2010 at 5:55

[GoogleCodeExporter]

I have the same problem. But it hasn't to do with the device or Connectbot 
version, because two weeks ago I could open the same key without problem. Today 
I tried again and had the problem described here. The key file hasn't changed 
since then.

Original comment by esocog...@gmail.com on 11 Dec 2010 at 11:02

[GoogleCodeExporter]

The same just happened to me on a Motorola Xoom running Android 3.1.  With 
ConnectBot 1.7.1 (v1.7.1 2010.10.08), I was able to unlock my key under Manage 
Pubkeys and then use it to ssh to a host with no trouble.  I rebooted my Xoom, 
and now it won't do it any more.  I've made sure that the key's secret 
passphrase is valid, that APG is able to encrypt/decrypt properly with the 
exact same sequence I'm trying to use with ConnectBot.  

I also tried selecting the specific key under Edit Host -> Use pubkey 
authentication, but it didn't change the result.

Using Log Toaster, it shows

E/ConnectBot.PubkeyListActivity( 2620): Bad password for key 'xoom.txt'. 
Authentication failed.
java.io.IOException: Decrypted PEM has wrong padding, did you specify the 
correct password?
at com.trilead.ssh2.crypto.PEMDecoder.removePadding(PEMDecoder.java:110)
at com.trilead.ssh2.crypto.PEMDecoder.decryptPEM(PEMDecoder.java:287)
at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:320)
at org.connectbot.PubkeyListActivity.handleAddKey(PubkeyListActivity.java:265)
at org.connectbot.PubkeyListActivity$4.onClick(PubkeyListActivity.java:251)
at 
com.android.internal.app.AlertController$ButtonHandler.handleMessage(AlertContro
ller.java:166)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:132)
at android.app.ActivityThread.main(ActivityThread.java:4025)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:491)
at 
com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:841)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:599)
at dalvik.system.NativeStart.main(Native Method)

I tried deleting the key in ConnectBot, re-importing it, and seeing if that'd 
make it unlock it, but no success.

Hope this helps.

B

Original comment by bren...@zen.org on 4 Jul 2011 at 6:05

[GoogleCodeExporter]

P.S. Uninstalling & reinstalling ConnectBot and re-importing the key doesn't 
seem to fix whatever is making unlocking fail. :(

Original comment by bren...@zen.org on 4 Jul 2011 at 6:38

[GoogleCodeExporter]

chmod 400 keyfile.pem

Original comment by xbj9...@gmail.com on 31 Aug 2011 at 2:55

[GoogleCodeExporter]

I've solved the problem of the key length not detecting properly. Keys produced 
using OpenSSH may use the below header:
-----BEGIN RSA PRIVATE KEY-----

ConnectBot recognizes keys that use this header:
-----BEGIN PRIVATE KEY-----

Removing the "RSA" bit makes the key recognize correctly. See my attached 
picture; both NoPassOpenSSH and NoPassOpenSSH2 are the exact same key, but the 
second has the correct header.

However, I still cannot connect with the key that recognizes correctly. I've 
tested the key with other SSH clients on my computer and have had no success. 
Any fixes for the failing pubkey authentication?

Original comment by databo...@gmail.com on 9 May 2012 at 12:14

Attachments:

• Screenshot_2012-05-09-06-07-18.png