Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error on SSH usage with NitroKey #2538

Closed
nonbinary opened this issue Apr 9, 2020 · 5 comments · Fixed by #2662
Closed

Error on SSH usage with NitroKey #2538

nonbinary opened this issue Apr 9, 2020 · 5 comments · Fixed by #2662

Comments

@nonbinary
Copy link

I've tried to log in to two different servers using my PGP smartcard as a SSH key, with connectbot and password store. Both give me the following error:

Publickey authentication failed.
Error signing challenge: Exception in executeApi call : Attempt to invoke virtual method 'long org.bouncycastle.openpgp.
PGPPrivateKey.getKeyID()' on a null object reference

I can log in with Linux with the key, and OpenKeychain can use the key to decrypt mails. I've successfully used the key on android before on another phone.
I'm using a Fairphone 3 with stock Android 9.
@n0emis
Copy link

n0emis commented Jul 2, 2020

I have the same problem with the YubiKey 5NFC. My key uses ed25519.

@n0emis
Copy link

n0emis commented Jul 2, 2020

Here is a stacktrace:

SshAuthenticationApi: Exception in executeApi call
SshAuthenticationApi: java.lang.NullPointerException: Attempt to invoke virtual method 'long org.bouncycastle.openpgp.PGPPrivateKey.getKeyID()' on a null object reference
SshAuthenticationApi: 	at android.os.Parcel.createException(Parcel.java:1956)
SshAuthenticationApi: 	at android.os.Parcel.readException(Parcel.java:1918)
SshAuthenticationApi: 	at android.os.Parcel.readException(Parcel.java:1868)
SshAuthenticationApi: 	at org.openintents.ssh.authentication.ISshAuthenticationService$Stub$Proxy.execute(ISshAuthenticationService.java:7)
SshAuthenticationApi: 	at org.openintents.ssh.authentication.SshAuthenticationApi.executeApi(SshAuthenticationApi.java:2)
SshAuthenticationApi: 	at com.zeapo.pwdstore.git.config.SshApiSessionFactory$ApiIdentity.getSignature(SshApiSessionFactory.java:7)
SshAuthenticationApi: 	at com.jcraft.jsch.UserAuthPublicKey.start(UserAuthPublicKey.java:67)
SshAuthenticationApi: 	at com.jcraft.jsch.Session.connect(Session.java:96)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:13)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:7)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:2)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:1)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:1)
SshAuthenticationApi: 	at org.eclipse.jgit.transport.Transport.fetch(Transport.java:20)
SshAuthenticationApi: 	at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:23)
SshAuthenticationApi: 	at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:42)
SshAuthenticationApi: 	at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:4)
SshAuthenticationApi: 	at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:1)
SshAuthenticationApi: 	at com.zeapo.pwdstore.git.GitAsyncTask.doInBackground(GitAsyncTask.kt:44)
SshAuthenticationApi: 	at android.os.AsyncTask$2.call(AsyncTask.java:333)
SshAuthenticationApi: 	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
SshAuthenticationApi: 	at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
SshAuthenticationApi: 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
SshAuthenticationApi: 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
SshAuthenticationApi: 	at java.lang.Thread.run(Thread.java:764)
SshAuthenticationApi: Exception in executeApi call : Attempt to invoke virtual method 'long org.bouncycastle.openpgp.PGPPrivateKey.getKeyID()' on a null object reference

@elijahmathews
Copy link

Also running into this issue with a ed25519 authentication subkey stored on a Yubikey 5 NFC (and the identical error message on Android Password Store), even though it works for SSH authentication in GnuPG 2.2.20.

@elijahmathews elijahmathews mentioned this issue Sep 11, 2020
Closed
@fmeum fmeum mentioned this issue Jan 8, 2021
Closed
@DDoSolitary DDoSolitary mentioned this issue Jan 27, 2021
Closed
@msfjarvis
Copy link
Contributor

msfjarvis commented Feb 5, 2021
edited

We have a bunch of people facing issues with ed25519 over at Android Password Store, any pointers as to where I can start looking for the root cause? I'd like it to be fixed in OpenKeychain rather than hack it on my end.

@n0emis
Copy link

n0emis commented Feb 5, 2021

There is already a pr, which might close this: #2631

@dhedberg dhedberg mentioned this issue Feb 20, 2021
Merged
@rEnr3n rEnr3n mentioned this issue Apr 5, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow SSH authentication using EdDSA key residing on a security token
4 participants
@nonbinary @msfjarvis @n0emis @elijahmathews