You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@guacamole.apache.org by Yang Yang <yy...@icloud.com.INVALID> on 2022/05/01 07:19:16 UTC

Re: SSH failed: no matching host key type found

HI Nick,

The version of libssh2 is 1.8.0-2.1, as below.

# dpkg -l | grep ssh
libssh-gcrypt-4:amd64                0.9.3-2ubuntu2.2                 amd64        tiny C SSH library (gcrypt flavor)
libssh2-1:amd64                      1.8.0-2.1build1                  amd64        SSH2 client-side library
libssh2-1-dev:amd64                  1.8.0-2.1build1                  amd64        SSH2 client-side library (development headers) 

Thanks,
Yang

> On May 1, 2022, at 05:17, Nick Couchman <vn...@apache.org> wrote:
> 
> On Sat, Apr 30, 2022 at 12:14 PM Yang Yang <yy...@icloud.com.invalid> wrote:
> Hi Nick,
> 
> Thank you very much for the prompt response!
> 
> Guacamole/guacd is running on Ubuntu 20.04.4 LTS docker, with libssh2.so.1.0.1.
> 
> This doesn't really tell the overall version of libssh2 - the version of the dynamic library doesn't usually match up to the package version.
> 
> -Nick

Re: SSH failed: no matching host key type found

Posted by Yang Yang <yy...@icloud.com.INVALID>.

Thank you very much for the clarification, Nick! I’m going to upgrade libssh2 to the latest.

Thanks,
Yang

> On May 6, 2022, at 07:28, Nick Couchman <vn...@apache.org> wrote:
> 
> On Thu, May 5, 2022 at 6:54 PM Michael Jumper <mjumper@apache.org <ma...@apache.org>> wrote:
> On Sun, May 1, 2022 at 12:36 AM Yang Yang <yy...@icloud.com.invalid> wrote:
> Hi Nick,
> 
> I found that only ssh-rsa and ssh-dss are mentioned in ssh_agent.c <https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/ssh/ssh_agent.c#L59>, does that mean other algorithms are currently not supported?
> 
> No, ssh_agent.c only deals with SSH agent forwarding support which is not in play here. For authentication with an SSH server, any key format supported by the libssh2 library present on the system can be used.
> 
> 
> Also, if you're using Ubuntu with libssh2 1.8.0, you probably don't have support for some of the host key algorithms, According to their change log, 1.9.0 introduced support for ECDSA and ED25519 key support, so you'll probably need to bump up the version of libssh2. It's pretty easy to build manually, so shouldn't be too difficult, or find a distribution that includes it by default.
> 
> -Nick

Re: SSH failed: no matching host key type found

Posted by Nick Couchman <vn...@apache.org>.

On Thu, May 5, 2022 at 6:54 PM Michael Jumper <mj...@apache.org> wrote:

> On Sun, May 1, 2022 at 12:36 AM Yang Yang <yy...@icloud.com.invalid>
> wrote:
>
>> Hi Nick,
>>
>> I found that only ssh-rsa and ssh-dss are mentioned in ssh_agent.c
>> <https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/ssh/ssh_agent.c#L59>,
>> does that mean other algorithms are currently not supported?
>>
>
> No, ssh_agent.c only deals with SSH agent forwarding support which is not
> in play here. For authentication with an SSH server, any key format
> supported by the libssh2 library present on the system can be used.
>
>
Also, if you're using Ubuntu with libssh2 1.8.0, you probably don't have
support for some of the host key algorithms, According to their change log,
1.9.0 introduced support for ECDSA and ED25519 key support, so you'll
probably need to bump up the version of libssh2. It's pretty easy to build
manually, so shouldn't be too difficult, or find a distribution that
includes it by default.

-Nick

Re: SSH failed: no matching host key type found

Posted by Michael Jumper <mj...@apache.org>.

On Sun, May 1, 2022 at 12:36 AM Yang Yang <yy...@icloud.com.invalid> wrote:

> Hi Nick,
>
> I found that only ssh-rsa and ssh-dss are mentioned in ssh_agent.c
> <https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/ssh/ssh_agent.c#L59>,
> does that mean other algorithms are currently not supported?
>

No, ssh_agent.c only deals with SSH agent forwarding support which is not
in play here. For authentication with an SSH server, any key format
supported by the libssh2 library present on the system can be used.

- Mike

Re: SSH failed: no matching host key type found

Posted by Yang Yang <yy...@icloud.com.INVALID>.

Hi Nick,

I found that only ssh-rsa and ssh-dss are mentioned in ssh_agent.c <https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/ssh/ssh_agent.c#L59>, does that mean other algorithms are currently not supported?

Thanks,
Yang

> On May 1, 2022, at 15:19, Yang Yang <yy...@icloud.com> wrote:
> 
> HI Nick,
> 
> The version of libssh2 is 1.8.0-2.1, as below.
> 
> # dpkg -l | grep ssh
> libssh-gcrypt-4:amd64                0.9.3-2ubuntu2.2                 amd64        tiny C SSH library (gcrypt flavor)
> libssh2-1:amd64                      1.8.0-2.1build1                  amd64        SSH2 client-side library
> libssh2-1-dev:amd64                  1.8.0-2.1build1                  amd64        SSH2 client-side library (development headers) 
> 
> Thanks,
> Yang
> 
>> On May 1, 2022, at 05:17, Nick Couchman <vnick@apache.org <ma...@apache.org>> wrote:
>> 
>> On Sat, Apr 30, 2022 at 12:14 PM Yang Yang <yy8402@icloud.com.invalid <ma...@icloud.com.invalid>> wrote:
>> Hi Nick,
>> 
>> Thank you very much for the prompt response!
>> 
>> Guacamole/guacd is running on Ubuntu 20.04.4 LTS docker, with libssh2.so.1.0.1.
>> 
>> This doesn't really tell the overall version of libssh2 - the version of the dynamic library doesn't usually match up to the package version.
>> 
>> -Nick
>