|
| Re: Error loading the SSH2 private keys [message #1796730 is a reply to message #1796428] |
Thu, 18 October 2018 08:12   |
 Thomas Wolf
Messages: 576
Registered: August 2016 |
Senior Member |
|
|
What kind of keys did you specify? RSA, DSA, ECDSA, Ed25519, ... ? Note that the Java ssh library used by JGit cannot handle Putty keys, and cannot handle ed25519, and may have trouble with ECDSA-384/521. See also bug 520927. For now, a possible work-around is to set the GIT_SSH environment variable to make JGit use an external ssh tool, or use RSA keys.
[Updated on: Thu, 18 October 2018 08:13] Report message to a moderator |
|
|
|
| Re: Error loading the SSH2 private keys [message #1796925 is a reply to message #1796878] |
Mon, 22 October 2018 12:49 |
Thomas Wolf
Messages: 576
Registered: August 2016 |
Senior Member |
|
|
Looks like the ssh library used by EGit/JGit tries to load the default keys (the ones specified at Preferences->General->Network Connections->SSH2, field "Private keys", or perhaps a default id_rsa key in your ~/.ssh directory) and encounters a key stored in a format it cannot read.
From code inspection, it looks as if it can read private keys with a begin marker that starts with
- "-----BEGIN PRIVATE", "-----BEGIN ENCRYPTED" (PEM, PKCS#8)
- "-----BEGIN RSA", "-----BEGIN DSA", or "-----BEGIN EC" (older OpenSsh)
- "-----BEGIN SSH" (apparently some ssh implementation by F-Secure)
However, if ssh-keygen from OpenSsh is called with -o, it'll create a private key file with a begin marker "-----BEGIN OPENSSH PRIVATE KEY-----". JSch cannot read that. :-(
Check if you have any default private key that has such a begin marker. If so, you have three options:
- You could convert it to one of the other formats (should be possible via ssh-keygen) to circumvent the problem.
- Since the problem does not occur on all computers, I guess that default key is not the one you want to use for BitBucket. (You don't seem to have it on your MacBook.) So maybe it's an option to remove it from the Eclipse preferences, if it's there, or delete it altogether (if you don't need it for something else).
- Or rename it to some non-standard name like "id_rsa_forwhatever" and have an entry in the ssh config file for the host(s) it is to be used with with an "IdentityFile ~/.ssh/id_rsa_forwhatever" line. Then JSch should not load it (unless you tried connecting to that host with EGit), but your command-line ssh could still use it.
- Or set GIT_SSH to use an external ssh.
[Updated on: Mon, 22 October 2018 13:11] Report message to a moderator |
|
|
|
| Re: Error loading the SSH2 private keys [message #1797510 is a reply to message #1796925] |
Thu, 01 November 2018 00:54 |
Lukas Tegethoff
Messages: 2
Registered: November 2018 |
Junior Member |
|
|
Quote:However, if ssh-keygen from OpenSsh is called with -o, it'll create a private key file with a begin marker "-----BEGIN OPENSSH PRIVATE KEY-----". JSch cannot read that. :-(
Actually, since Version 7.8, released 3 months ago, this format was made the new default behaviour when generating a new key pair with OpenSSH.
I only ran into this issue because my Laptop runs Arch and they have the latest version (7.9); Debian has it in their testing branch and since JSch looks to be somewhat dead (last activity looks like it was around August 2016), I think this could develop to be quite annoying in the future,
Maybe it's time for a new Eclipse Project :P
But seriously, I think there should at least be some kind of warning or message for users, I was pretty confused until I had time to actually look at the sources to figure out what was going on (I know it's my fault for using Arch, but still :P ).
Unfortunately, I can't post my sources with this message, since it's my first in the forums, if I can edit them, I will, otherwise I will make a separate reply.
|
|
|
|
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.03215 seconds
] 
Search
Help
Register
Login
Home
