Ticket #34830

Bug in ED25519 ssh connection

Registered: 2015-01-23 05:22 Last updated: 2015-01-30 17:15

Reporter: (Anonymous)
Owner: (Unassigned)
Ticket type:
Status: Closed
Component:
Milestone:
Priority: 6
Severity: 5 - Medium
Resolution: Fixed
Files: None

Details

Hi,

I use Teraterm in the latest version 4.85 and tried the new ECC key ED25519. I followed http://ttssh2.sourceforge.jp/manual/en/usage/ssh.html to generate an ED25519 key and copied it to the authorized_keys on the target.

I tried to connect and at once got this error message: read error SSH2 private key file error:0906D606C:PEM routines:PEM_read_bio:no start line

BUT I got this only if I am using an ED25519 key!! I tried all other keys RSA, DSA, ECDSA and they work!

I took the key generated with Teraterm and used it in a Cygwin installation and could immediately connect to the target.

So the bug is not in the keygen, it is in handling the key.

Kind regards, S.

Ticket history (showing 3 of 14)

2015-01-23 05:22 Updated by: None
  • New ticket "Bug in ED25519 ssh connection" was created
2015-01-24 00:05 Updated by: (del#1144)
Comment

I guess this message says that the key file doesn't start with the "-----BEGIN OPENSSH PRIVATE KEY-----" line.

Please check the key file which you specified.

2015-01-24 01:31 Updated by: None
Comment

Hi Maya,

I checked the key and tried the key on a different PC with native OpenSSH and the key is working and starts with


....


I am sure that is a Teraterm problem because I could verify that other Public Keys are working and the Key is working.

Kind Regards S.

2015-01-24 10:59 Updated by: (del#1144)
Comment

I added some messages to debug. Please let us know the message.

http://ttssh2.sourceforge.jp/snapshot/snapshot-20150124.zip

2015-01-25 22:30 Updated by: None
Comment

Hi Maya,

Here is the error message. If you need more, please let me know.

read error SSH2 private key file

error:0906D06C:PEM routines:PEM_read_bio:no start line

keyfile=id_ed25519, keyfile_type=1, key_pair==NULL

Kind regards S.

2015-01-26 01:26 Updated by: (del#1144)
Comment

It seems the error message is broken.

If your key has no passphrase, please add a passphrase. A KDF key which has no passphrase cannot be used for authentication. (An ED25519 key is forced to KDF.)

2015-01-26 01:26 Updated by: (del#1144)
  • Component updated from Tera Term to TTSSH
  • Milestone updated from (Unassigned) to Tera Term 4.86 (completed)
2015-01-27 06:21 Updated by: None
Comment

I added a passphrase to the key and now it works. Strange that the key without a passphrase works with Cygwin. Please add to 4.86 the possibility of ED25519 key authentication without a passphrase. Thank you for the help!

2015-01-27 14:38 Updated by: (del#1144)
Comment

Hi,

I tried an ED25519 key without a passphrase on Cygwin, but it was rejected by the ssh command.

Windows 7 64bit
Cygwin 1.7.33-2 32bit
OpenSSH 6.7p1

debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering ED25519 public key: /cygdrive/c/sshkey/id_ed25519
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug2: input_userauth_pk_ok: fp xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug1: key_load_private_type: incorrect passphrase supplied to decrypt private key
Enter passphrase for key '/cygdrive/c/sshkey/id_ed25519':
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive

How did you login with the non-passphrase key?

2015-01-28 22:55 Updated by: None
Comment

Hi,

I use Windows 7 64bit, Cygwin 1.7, OpenSSH_6.6.1; the server is OpenSSH_6.7. I created an ED25519 key with ssh-keygen and NO password, then ssh -l ss IP: success! I tried it with 3 different OpenSSH servers (Ubuntu OpenSSH 6.6, native OpenSSH 6.7 on an OpenBSD, and OpenSSH 6.7 on Debian). It never needs any password for this key. Here is the debug information:

debug1: Connection established. debug1: identity file /home/ss/.ssh/id_ed25519 type 4 debug1: identity file /home/ss/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7 debug1: match: OpenSSH_6.7 pat OpenSSH* compat 0x04000000 .... debug1: Offering ED25519 public key: /home/ss/.ssh/id_ed25519 debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-ed25519 blen 51 debug2: input_userauth_pk_ok: fp ab:28:..... debug1: Authentication succeeded (publickey). Authenticated to IP (IP:22).

2015-01-28 22:56 Updated by: None
Comment

Here is the debug output with better formatting:

debug1: Connection established.

debug1: identity file /home/ss/.ssh/id_ed25519 type 4

debug1: identity file /home/ss/.ssh/id_ed25519-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.6.1

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7

debug1: match: OpenSSH_6.7 pat OpenSSH* compat 0x04000000

....

debug1: Offering ED25519 public key: /home/ss/.ssh/id_ed25519

debug2: we sent a publickey packet, wait for reply

debug1: Server accepts key: pkalg ssh-ed25519 blen 51

debug2: input_userauth_pk_ok: fp ab:28:.....

debug1: Authentication succeeded (publickey).

Authenticated to IP (IP:22).

2015-01-29 17:48 Updated by: (del#1144)
  • Resolution updated from None to Fixed
Comment

I fixed this issue.

1. use of KDF format private key without passphrase for auth.

2. save of KDF format private key without passphrase.

http://ttssh2.sourceforge.jp/snapshot/snapshot-20150129.zip

Note: a key that was generated and saved without a passphrase by a past version of TeraTerm (TTSSH) is not valid.
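
The key format at issue in this ticket starts with the "-----BEGIN OPENSSH PRIVATE KEY-----" line quoted earlier and carries a header naming the cipher and KDF; OpenSSH writes both as "none" for a key saved without a passphrase. The following Python parser is an added example, not code from Tera Term or OpenSSH: it reads that header to show whether a key file is passphrase-protected. The function names are hypothetical and the sample key is constructed with all-zero key bytes.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"
BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----"
END = "-----END OPENSSH PRIVATE KEY-----"


def _get(buf, off):
    """Read one SSH string (uint32 big-endian length + bytes) at offset off."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    end = off + 4 + struct.unpack_from(">I", buf, off)[0]
    if end > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end


def inspect_key(text):
    """Report the cipher/KDF header of an openssh-key-v1 private key file."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("no OPENSSH PRIVATE KEY start/end line")
    blob = base64.b64decode("".join(lines[1:-1]), validate=True)
    if not blob.startswith(MAGIC):
        raise ValueError("bad magic")
    cipher, off = _get(blob, len(MAGIC))
    kdf, off = _get(blob, off)
    _kdfopts, off = _get(blob, off)  # empty when kdf is "none"
    if off + 4 > len(blob):
        raise ValueError("truncated key count")
    nkeys = struct.unpack_from(">I", blob, off)[0]
    pub, off = _get(blob, off + 4)   # first public key blob
    return {"cipher": cipher.decode(), "kdf": kdf.decode(), "nkeys": nkeys,
            "pub_blen": len(pub), "encrypted": cipher != b"none"}


def _put(b):
    return struct.pack(">I", len(b)) + b


def build_sample(cipher, kdf, kdfopts=b""):
    """Constructed sample: genuine header layout, all-zero dummy key bytes."""
    pub = _put(b"ssh-ed25519") + _put(bytes(32))
    blob = (MAGIC + _put(cipher) + _put(kdf) + _put(kdfopts)
            + struct.pack(">I", 1) + _put(pub) + _put(bytes(64)))
    b64 = base64.b64encode(blob).decode()
    return "\n".join([BEGIN, *(b64[i:i + 70] for i in range(0, len(b64), 70)), END])
```

For the constructed passphrase-less sample, inspect_key reports cipher "none", kdf "none" and a 51-byte public key blob, the same length as the "blen 51" in the debug logs above.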

2015-01-29 23:28 Updated by: None
Comment

Thank you for fixing!

2015-01-30 17:15 Updated by: (del#1144)
  • Status updated from Open to Closed
  • Ticket close time updated to 2015-01-30 17:15

Attachment list

No attachments