Can't call method "ssh_name" on an undefined value at /usr/lib64/perl5/vendor_perl/Net/SSH/Perl/Kex/DHGEX.pm line 73 #16

Open
bjovanovic opened this issue Nov 16, 2021 · 3 comments

Comments

@bjovanovic

Trying to SSH via pub/private key combo to one of my servers. The exact same code works for other servers. "Regular" ssh works like a charm.

Here is the debug output including the two debug lines I added to DHGEX.pm here:
    my $host_key_blob = $packet->get_str;
    my $s_host_key = Net::SSH::Perl::Key->new_from_blob($host_key_blob,
        $ssh->{datafellows});
    use Data::Dumper;
    print STDERR Dumper($host_key_blob, $ssh->{datafellows});
    $ssh->debug("Received host key, type '" . $s_host_key->ssh_name . "'.");

Here is the debug output (I edited the hostnames out):
mylocalbox: Reading configuration data /root/.ssh/config
mylocalbox: Reading configuration data /etc/ssh_config
mylocalbox: Allocated local port 1022.
mylocalbox: Connecting to myserver.com, port 19890.
mylocalbox: Remote version string: SSH-2.0-OpenSSH_6.2
mylocalbox: Remote protocol version 2.0, remote software version OpenSSH_6.2
mylocalbox: Net::SSH::Perl Version 2.14, protocol version 2.0.
mylocalbox: No compat match: OpenSSH_6.2.
mylocalbox: Connection established.
mylocalbox: Sent key-exchange init (KEXINIT), waiting for response.
mylocalbox: Using diffie-hellman-group-exchange-sha256 for key exchange
mylocalbox: Host key algorithm: ecdsa-sha2-nistp256
mylocalbox: Algorithms, c->s: aes256-ctr [email protected] none
mylocalbox: Algorithms, s->c: aes256-ctr [email protected] none
mylocalbox: Entering Diffie-Hellman Group Exchange.
mylocalbox: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<4096<8192) sent
mylocalbox: Sent DH Group Exchange request, waiting for reply.
mylocalbox: Received 4096 bit DH Group Exchange reply.
mylocalbox: Generating new Diffie-Hellman keys.
mylocalbox: Entering Diffie-Hellman key exchange.
mylocalbox: Sent DH public key, waiting for reply.
$VAR1 = 'ecdsa-sha2-nistp25nistp256A����%��7�8�$�A~������w���Wx�z����3|K@y�v�ā�>Z��j+�a^H����';
$VAR2 = 0;
Can't call method "ssh_name" on an undefined value at /usr/lib64/perl5/vendor_perl/Net/SSH/Perl/Kex/DHGEX.pm line 75.

(it's now line 75 as I added the above two lines)

[root@8 auto_cert_renewal]# rpm -qa | grep ssh -i | grep -i perl
perl-Net-SSH-Perl-2.14-8.fc32.x86_64
perl-Net-SSH-0.09-31.fc32.noarch
[root@8 auto_cert_renewal]#

OpenSSH on the other end is rather old:
[root@myserver ~]# rpm -qa | grep openssh
openssh-server-6.2p2-8.fc19.x86_64
openssh-6.2p2-8.fc19.x86_64
openssh-clients-6.2p2-8.fc19.x86_64
[root@myserver ~]#

Unfortunately, at this point I cannot upgrade it (long story).

Any/all suggestions would be appreciated. Thanks!

@bjovanovic
Author

For posterity:
It seems Net::SSH::Perl does not support ECDSA at all. It does not even say that, it just dies.

Either way, my solution was simple: since ECDSA is insecure by now, and old ssh does not support ed25519, I moved back to using RSA4096.

@sensei-hacker

sensei-hacker commented Nov 17, 2021 via email

@briandfoy
Contributor

I've forked this project at briandfoy/net-ssh-perl, and you can reopen this issue there if you'd like. Otherwise, I'll add it myself at some later time. See #22.

If you include text like transferred from linkley/Net-SSH-Perl#16, GitHub should make a reference between the two issues. You should see such a reference in this issue now.

I don't have a fix for this issue, but can merge someone else's work. Even though this question is obsoleted, we should fix the module to notify the user that they chose something that isn't supported.
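The kind of check the last comment asks for, as an added example that is not code from Net::SSH::Perl or from anyone in this thread: read the key type name from the front of the host key blob and name it in the error when the key constructor returns undef. The names `host_key_type`, `checked_host_key` and `$build` are hypothetical, and the sample blobs are constructed.

```perl
#!/usr/bin/perl
# Added example, not Net::SSH::Perl code: report an unusable host key by
# name instead of calling a method on an undefined value.
use strict;
use warnings;

# A host key blob starts with an SSH "string" (uint32 big-endian length,
# then that many bytes) holding the key type name. Returns the name, or
# undef if the blob is too short, the length is bogus, or the name is not
# printable ASCII.
sub host_key_type {
    my ($blob) = @_;
    return undef unless defined $blob && length($blob) >= 4;
    my $len = unpack 'N', $blob;
    return undef if $len == 0 || $len > length($blob) - 4;
    my $name = substr $blob, 4, $len;
    return $name =~ /\A[\x21-\x7e]{1,64}\z/ ? $name : undef;
}

# $build is a hypothetical stand-in for the key constructor. It returns
# undef when it cannot handle the blob, which is the case this issue hit.
sub checked_host_key {
    my ($blob, $build) = @_;
    my $type = host_key_type($blob);
    die "Malformed host key blob from server\n" unless defined $type;
    my $key = $build->($blob);
    die "Host key type '$type' is not supported by this client\n"
        unless defined $key;
    return $key;
}

# Constructed sample blobs: a type name followed by placeholder bytes.
my $mk = sub { pack('N/a*', $_[0]) . ("\0" x 8) };
# Hypothetical constructor that only understands ssh-rsa.
my $build = sub {
    host_key_type($_[0]) eq 'ssh-rsa' ? { type => 'ssh-rsa' } : undef;
};

for my $blob ($mk->('ssh-rsa'), $mk->('ecdsa-sha2-nistp256'), "\0\0") {
    my $key = eval { checked_host_key($blob, $build) };
    print defined $key ? "ok: $key->{type}\n" : "refused: $@";
}
```

Validating the name before interpolating it keeps attacker-controlled bytes from the server out of the error message and logs.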
