ssh passphrase never accepted

[sourcefrog]

I generated an SSH keypair on my Linux VM, and I want to put the key into Mosh on my Chromebook.

However I'm finding that Mosh never seems to successfully unlock the key: when I type the passphrase correctly it prompts for the passphrase again. If I set the passphrase to empty and re-import the private key, the same thing happens.

I can use the same key to ssh from the Linux VM back in to itself with ssh -i id_rsa_pixelbook localhost and that works as expected either with a passphrase or not.

The key block I'm pasting in starts with

-----BEGIN OPENSSH PRIVATE KEY-----

and I checked I got everything up to and including the END line.

I've noticed that if I just put garbage in the SSH key import field, I get the same behavior, so maybe it's somehow failing to parse the key I'm adding? Is there any way to get a detailed error message?

[sourcefrog]

I tried the same key with the Chrome secure shell app 0.9. In that case I had to import both the private and public keys, and from files rather than copy/paste. But the same key worked there: I typed the passphrase once and then established a connection.

[sourcefrog]

Strangely enough a newly-generated ed25519 key does work, so that's great.

But, at least some kind of error message about why it doesn't like my existing key would be nice.

[laborer]

I have the same problem with the version installed from chrome web store. RSA or ECDSA key does not work, but ED25519 key is fine.

[DrJosh9000]

Me too: my usual ECDSA key doesn't work, but a new Ed25519 key works.

[kswope]

Same here, here's the way I generated the key on a mac

ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"

Without this issue I never would have gotten this to work. What is really strange is I had this working before a powerwash a few hours ago, and I've never generated a ED25519 key before.

Recap: It worked with my older key that was already added (for a year or more), then I power washed, and it never worked again until I switched to the ED25519 key, so maybe it is only saving the new keys correctly, but if they are already in there, its no problem?

[spencersun]

I generated an SSH keypair on my Linux VM, and I want to put the key into Mosh on my Chromebook.

However I'm finding that Mosh never seems to successfully unlock the key: when I type the passphrase correctly it prompts for the passphrase again. If I set the passphrase to empty and re-import the private key, the same thing happens.

I just wasted an embarrassing amount of time chasing down the same problem, with an RSA key I generated directly on my Chromebook.

The key block I'm pasting in starts with

-----BEGIN OPENSSH PRIVATE KEY-----

This is apparently not the correct format. Something about RFC4716 vs. PEM (I am, obviously, not an expert here, but the below fumbling is what got my setup to work)

Following the instructions here: https://unix.stackexchange.com/a/529815

I ran

ssh-keygen -p -f ~/.ssh/id_rsa -m pem

which replaces the key in-place, and my key now starts with

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED

and upon pasting this version of the key into mosh, I am able to unlock my private key with my passphrase.

IMO minimally this page: https://github.com/rpwoodbu/mosh-chrome/wiki/Key-based-ssh-Authentication

should be updated with this info, and it would be even better if the app could recognize the OPENSSH marker and either reject it with a helpful error (and better still if it just accepted this key format :-) )

[sourcefrog]

@spencersun's comment from https://github.com/rpwoodbu/mosh-chrome/issues/196#issuecomment-569399018 worked for me.

It would be great if some text warning about this was added to https://github.com/rpwoodbu/mosh-chrome/wiki/Key-based-ssh-Authentication. The wiki's not publicly editable, and it looks like there's no way to send PRs for wikis.