Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Copy Files over SSH: Update ssh2 to support Ed25519 keys #11443

Closed
LUC18fknU7P opened this issue Sep 26, 2019 · 15 comments
Closed

Copy Files over SSH: Update ssh2 to support Ed25519 keys #11443

LUC18fknU7P opened this issue Sep 26, 2019 · 15 comments
Labels
Area: ABTT Akvelon Build Tasks Team area of work enhancement stale

Comments

@LUC18fknU7P
Copy link

Question, Bug, or Feature?
Type: Feature

Issue Description

Are any efforts being made to update to a newer ssh2 version that fully supports ed25519 keys?
because as of now you cant use them on "Copy Files over SSH" (results in Error: Cannot parse privateKey: Unsupported key format.)
@LUC18fknU7P
Copy link
Author

Not sure but it seems like other tasks are also affected, such as SSH inline script

@coldacid
Copy link

coldacid commented Oct 2, 2019

The current version of the task uses a version of ssh2-streams which does include ed25519 support, but it seems to have that support turned off for some reason. As far as I can tell from a bit of code and issue walking is that the task fails at https://github.com/mscdex/ssh2-streams/blob/master/lib/keyParser.js#L749 which means that the EDDSA_SUPPORTED flag is false, indicating that the NodeJS crypto library used by ssh2-streams itself is either broken or doesn't support ed25519 on the agent (based on the test at https://github.com/mscdex/ssh2-streams/blob/8a9d6992595a2251ccb818dca8d0f6001f5f4bff/lib/constants.js#L5 which determines the flag's eventual value).

It's a good chance that this is a bug.

@LUC18fknU7P
Copy link
Author

The current version of the task uses a version of ssh2-streams which does include ed25519 support, but it seems to have that support turned off for some reason. As far as I can tell from a bit of code and issue walking is that the task fails at https://github.com/mscdex/ssh2-streams/blob/master/lib/keyParser.js#L749 which means that the EDDSA_SUPPORTED flag is false, indicating that the NodeJS crypto library used by ssh2-streams itself is either broken or doesn't support ed25519 on the agent (based on the test at https://github.com/mscdex/ssh2-streams/blob/8a9d6992595a2251ccb818dca8d0f6001f5f4bff/lib/constants.js#L5 which determines the flag's eventual value).

It's a good chance that this is a bug.

Seems like the task is 1 minor version behind (mscdex/ssh2#352 (comment))

@olljanat olljanat mentioned this issue Feb 7, 2020
Closed
2 tasks
@damccorm damccorm added Area: ABTT Akvelon Build Tasks Team area of work Area: Core and removed Area: CrossPlatform labels Apr 16, 2020
@AlexandrKravchuk
Copy link
Contributor

@tero-dev We use Node.js v6 for running this task and ssh2 library for connection and it requires Node.js v12.
This issue requires a big effort to make the usage of ed25519 key based connection possible.
We will discuss with the team, if it's possible to do it now and will let you know in the comment section to this issue. So, please be tuned.

@AlexandrKravchuk
Copy link
Contributor

@tero-dev We use Node.js v6 for running this task and ssh2 library for connection and it requires Node.js v12.
This issue requires a big effort to make the usage of ed25519 key based connection possible.
We will discuss with the team, if it's possible to do it now and will let you know in the comment section to this issue. So, please be tuned.

@leantk could you please check this one out

@leantk
Copy link
Contributor

leantk commented Apr 27, 2020

@damccorm @zachariahcox for comment

@damccorm
Copy link

@AlexandrKravchuk I agree this probably isn't worth the investment right now. There's been talk in the past of upgrading our node handler from v6 to a newer node version which would make this more feasible, for the moment I think we should just keep this issue open as a future feature and not act on it. If we do upgrade our node handler then we could do this more easily.

@egor-bryzgalov egor-bryzgalov mentioned this issue Apr 28, 2020
Closed
@AlexandrKravchuk AlexandrKravchuk removed their assignment May 14, 2020
@leantk leantk added backlog Work that is on the backlog and won't get marked stale enhancement and removed enhancement labels May 19, 2020
@AlexandrKravchuk AlexandrKravchuk self-assigned this Jun 10, 2020
@anatolybolshakov anatolybolshakov removed the backlog Work that is on the backlog and won't get marked stale label Jun 10, 2020
@anatolybolshakov
Copy link
Contributor

Created relation issue for node update - microsoft/azure-pipelines-agent#2967

@AlexandrKravchuk AlexandrKravchuk removed their assignment Jun 11, 2020
@github-actions
Copy link

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Dec 13, 2020
@coldacid
Copy link

Still waiting for this.

@github-actions github-actions bot removed the stale label Dec 14, 2020
@LUC18fknU7P
Copy link
Author

Still waiting for this.

Looks like some effort is being made microsoft/azure-pipelines-agent#3042 (comment)

@github-actions
Copy link

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Jun 13, 2021
@coldacid
Copy link

And still waiting for this.

@github-actions github-actions bot removed the stale label Jun 14, 2021
@olljanat
Copy link

olljanat commented Oct 3, 2021

FYI. #12317 contained solution to this one but I closed it now as it didn't got reviewed on ~1,5 years someone else of those who need this can try to create alternative PR.

@github-actions
Copy link

github-actions bot commented Apr 1, 2022

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Apr 1, 2022
@github-actions github-actions bot closed this as completed Apr 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Area: ABTT Akvelon Build Tasks Team area of work enhancement stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@coldacid @olljanat @anatolybolshakov @leantk @LUC18fknU7P @damccorm @AlexandrKravchuk