Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

failed to start SSH session: unable to exchange encryption keys #1809

Open
abdeldjalil-fellah opened this issue Jul 15, 2020 · 8 comments
Open

failed to start SSH session: unable to exchange encryption keys #1809

abdeldjalil-fellah opened this issue Jul 15, 2020 · 8 comments

Comments

@abdeldjalil-fellah
Copy link

abdeldjalil-fellah commented Jul 15, 2020
edited 

        var r = new Repository(working);
        r.Network.Remotes.Add("remote", @"git@gitlab.com:user1234/test.git");

        r.Network.Push(r.Network.Remotes["remote"], @"refs/heads/master", new PushOptions
        {
            CredentialsProvider =
            //(url, user, credentials) => new UsernamePasswordCredentials
            //{
            //    Username = "user1234",
            //    Password = "********"
            //}
            (url, user, credentials) => new SshUserKeyCredentials
            {
                Username = "git",
                Passphrase = string.Empty,
                PublicKey = @"C:\Users\me\.ssh\gitlab.pub",
                PrivateKey = @"C:\Users\me\.ssh\gitlab"
            }
        });

both UsernamePasswordCredentials and SshUserKeyCredentials (openssh keys already added to gitlab) give:

failed to start SSH session: unable to exchange encryption keys
@bording
Copy link
Member

bording commented Jul 15, 2020

LibGit2Sharp does not support SSH.

@abdeldjalil-fellah
Copy link
Author

LibGit2Sharp does not support SSH.

will it support SSH soon?

@bording
Copy link
Member

bording commented Jul 16, 2020

No, the official packages are unlikely to ever support it. We would have to ship SSH libraries as part of our packages, and that's not something we're interested in doing. There's far too many maintenance and security burdens involved if we did that.

If you want to use LibGit2Sharp, you'll need to use HTTPS instead of SSH.

@ethomson
Copy link
Member

I think that the realistic way to support this is to build the ability for libgit2 to understand how to talk to /usr/bin/ssh (or ssh.exe). This would be an opt-in experience for people using the library, obviously. Depending on libssh2 is probably fine for many people, but I think that most users just want ssh to work like it does with git. libgit2/libgit2#5507

@bording
Copy link
Member

bording commented Jul 16, 2020

If libgit2 did implement that kind of change, then yeah LibGit2Sharp could definitely take advantage of that.

Until something like that happens, though, HTTPS is going to be the only supported protocol.

@ethomson
Copy link
Member

Strongly agree - you shouldn't (can't, realistically) be the security response team for somebody else's product.

@michaelkruglos
Copy link

libgit2 libraries for other languages (e.g. nodejs) support SSH. Lacking this feature is a significant limitation.

@KeyPuncher
Copy link

KeyPuncher commented Apr 14, 2023
edited

I haven't dug through the code, but what about defining an interface for SSH operations? Users can implement the interface then hand it over to LibGit2Sharp and have it route all SSH operations through the provided interface instance.

That way y'all don't have to ship another library with it and those who need it can add it on and still use all the wonderfulness this library has to offer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@bording @ethomson @michaelkruglos @abdeldjalil-fellah @KeyPuncher