Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ECDSA and ed25519 keys do not work #552

Closed
Elizafox opened this issue Jul 31, 2015 · 5 comments
Closed

ECDSA and ed25519 keys do not work #552

Elizafox opened this issue Jul 31, 2015 · 5 comments

Comments

@Elizafox
Copy link

Hello,

I'm not sure if this is the right place to file the bug (maybe the bug's in libgit2), but this is where I encountered it, and I haven't tried to duplicate it in libgit2. When using SSH, ECDSA and ed25519 keys don't work. They fail with this error:

>>> remote.credentials = pygit2.Keypair('git', '/home/elizabeth/.ssh/id_ed25519.pub', '/home/elizabeth/.ssh/id_ed25519', None)
>>> remote.fetch()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib64/python3.4/site-packages/pygit2/remote.py", line 221, in fetch
    check_error(err)
  File "/usr/lib64/python3.4/site-packages/pygit2/errors.py", line 56, in check_error
    raise GitError(message)
_pygit2.GitError: Failed to authenticate SSH session: Callback returned error

The traceback for ECDSA is similar.

Yes, I have added my ed25519 and ECDSA keys to github, so I know that's not the problem. RSA keys also work just fine.
@carlosmn
Copy link
Member

pygit2 or libgit2 do not set any restrictions on the type of key. The key path is given directly to libssh2, so if it's refusing to accept them, it's a libssh2 issue. The specific error message "Callback returned error" also comes from libssh2 as well.

@nvanheuverzwijn
Copy link

Hi, I know this is an old post, but I stumbled on this very problem. As of today, libssh2 does not support elliptic curve keys. If you try to use ecdsa with libgit2 (which use libssh2 under the hood), you will have a Failed to authenticate SSH session: Callback returned error.

TL;DR: Libssh2 does not support elliptic curve.

Source : https://www.libssh2.org/ (look for Hostkey Types)

Cheers,
Nic

@yan12125
Copy link

A relevant issue for ED25519: libssh2/libssh2#39. I have a patch to enable ED25519 in libssh2. Hope that helps those who need it!

@willco007
Copy link

willco007 commented Mar 13, 2017
edited
Loading

I have a private fork of libssh2 that supports ECDSA keys using the OpenSSL backend. I hope to have a bit of time to land it back to the public project after the project I'm working on ships.

TimidRobot added a commit to creativecommons/sre-salt-prime that referenced this issue Jan 4, 2019
@TimidRobot
replaced github deploy ssh key (pygit2 does not support ed25519: libg…
07ade3b 
…it2/pygit2#552)
@jdavid
Copy link
Member

jdavid commented Apr 18, 2020

This is supported by libssh since 1.9.0 from its changelog, https://libssh2.org/changes.html#1.9.0
And pygit2 Linux wheels are built with libssh 1.9.0 since pygit2 1.0.0

@jdavid jdavid closed this as completed Apr 18, 2020
@MartinEmrich MartinEmrich mentioned this issue May 23, 2024
Open
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@carlosmn @jdavid @Elizafox @nvanheuverzwijn @yan12125 @willco007