New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net-ssh does not require ed25519 dependencies #476
Comments
@mfazekas thanks for the numbered list, that clarifies the situation pretty well and confirms what I'd suspected after poking through the gemspec here and installation instructions for rbnacl. I wonder if a solution here is to use a post-install message to clarify why this is the case, or whether there's a better solution? Edit: thanks also for reacting to my post inside 6 minutes! That's gotta be some kind of FOSS collaboration record :) either way, it's very appreciated. |
There is no concrete plans to solve this issue. The priority was getting 4.0 out of the door, and this compromise allows 4.0 to continue to run on wide range of platforms (eg Java and windows). There are the following options:
|
I'm not enthralled by any of the options set-out, but I'd imagine you aren't either. It's a real shame that we're no longer able to do SSH with pure Ruby. The "improve documentation" issue came up because we were deciding what to do with Capistrano, and SSHKit, and by then people are three layers removed from the source of the "problem". Suggest the following: we treat this as the documentation issue that it is. Quick question to that, is there a specific error raised when trying to connect to a server that expects |
Yes, it looks like this:
Although this is helpful, it is still less than ideal because:
Perhaps better documentation and error messaging is the right way to address this in the short term. |
Maybe the best would be pointing them to a web page or just this github issue, so they can get more information.
I'll work on improving the message. Actually net-ssh should not deal with
I'll need to allow rbnacl 4.0 in net-ssh 4.0.1, and yes i need to print the requirements.
So windows is an issue because rbnacl-libsodium doesn't have precompiled libsodium, so you'll have trouble installing that if you don't have c compiler on your windows machine. If you do have or install libsodium via other means windows should work just fine. On jruby there is no bcrypt_pbkdf but we don't require it on jruby. bcrypt_pbkdf is only required for reading password protected ed25519 keys, so if you have non encrypted keys or your keys are in agent then there is no need for that. |
@mfazekas thanks for the detailed explanation and for putting in the time and effort to maintain net-ssh. Regarding documentation, would you accept a PR that adds a "how to" document for ssh-ed25519 support? I could place this as a Markdown file in the net-ssh repo, and projects like Capistrano and SSHKit could then link to it. |
@mattbrictson sure we can put a howto to the repo, i was just wondering if it's something that's going to change a lot, maybe a wikipage or just github issue could be a better place. Esp if you add a link to it you have to carefull about branch/tag as any howto inside the repo should only apply to that specific version. |
ssh_options. Also updates gemspec requirements to support ed25519 elliptic keys in net/ssh next cleanup: change hardcoded ssh_options in lib/loom/host_spec.rb to come from the config. pass in from inventory.rb more info: net-ssh/net-ssh#565 net-ssh/net-ssh#476 net-ssh/net-ssh#175
There are a number of (mostly natvie) gems required for ed25519 implementation to work.
rbnacl-libsodium
rbnacl
bcrypt_pbkdf
Currently it's up to the user to install them and net-ssh will complain, if those dependencies are not there/incorrect versions.
The following reasons led to this decision:
The text was updated successfully, but these errors were encountered: