guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Julien Nicoulaud <julien.nicoul...@gmail.com>
Subject Re: Can't get SSH key to work
Date Fri, 01 Mar 2019 21:07:43 GMT
I did some more digging and I found that:

   - RSA keys are only supported in PEM format. But since OpenSSH 7.8
   (2018), ssh-keygen changed its default format. I opened
   https://issues.apache.org/jira/browse/GUACAMOLE-745
   - ED25519 keys are definitely not supported, the key loading code
   explicitly looks for hardcoded RSA or DSA headers here:
   https://github.com/apache/guacamole-server/blob/master/src/common-ssh/key.c#L40
   I opened a feature request:
   https://issues.apache.org/jira/browse/GUACAMOLE-746

But both need to wait for a new libssh2 release including this commit:
https://github.com/libssh2/libssh2/commit/03092292597ac601c3f9f0c267ecb145dda75e4e

I guess error messages could be improved in the meanwhile though, as I will
probably not be the last one to hit these issues...

Le ven. 1 mars 2019 à 17:17, Nick Couchman <vnick@apache.org> a écrit :

> On Tue, Feb 26, 2019 at 2:57 PM Julien Nicoulaud <
> julien.nicoulaud@gmail.com> wrote:
>
>> No useful info in debug mode (see my first message, it has a log with
>> guacd debug logging)
>>
>
> Hmmm...not really sure what's going on, here.  I'm able to successfully
> use it with the following steps:
> - Guacamole from git master, with JDBC module
> - On the destination system, under the account I want to log in under
> (testuser), do "ssh-keygen -t rsa -b 1024" and don't set a passphrase
> - Add the public key to the authorized_keys file (actually, there were no
> other authorized_keys entries, so just copied .ssh/id_rsa.pub to
> .ssh/authorized_keys
> - Configure Guacamole SSH connection to the host, with a fixed username,
> and pasting in the private key with header and footer
> - Start the connection
>
> It connects fine - no issues, here.
>
> -Nick
>
>>

Mime
View raw message