Error: Cannot parse privateKey: Unsupported OpenSSH private key type: ssh-ed25519 #1333

Open
make-github-pseudonymous-again opened this issue Dec 28, 2022 · 4 comments

Comments

@make-github-pseudonymous-again

Mup version (mup --version): tested with 1.5.5 and 1.5.9.

Mup config: checked valid, can share relevant parts if necessary.

Output of command

> mup deploy --config=.deploy/default/mup.js --settings=.deploy/default/settings.json
Started TaskList: Pushing Meteor App
[<hostname>] - Pushing Meteor App Bundle to the Server
Error: Cannot parse privateKey: Unsupported OpenSSH private key type: ssh-ed25519
    at Client.connect (node_modules/ssh2-classic/lib/client.js:243:13)
    at SSH.connect (node_modules/@zodern/nodemiral/lib/ssh.js:12:16)
    at Session._withSshClient (node_modules/@zodern/nodemiral/lib/session.js:45:29)
    at Session.copy (node_modules/@zodern/nodemiral/lib/session.js:84:10)
    at doCopy (node_modules/mup/lib/nodemiral.js:24:13)
    at Object.copy (node_modules/mup/lib/nodemiral.js:50:3)
    at runTask (node_modules/@zodern/nodemiral/lib/taskList.js:98:43)
    at TaskList._runTaskQueue (node_modules/@zodern/nodemiral/lib/taskList.js:87:3)
    at iterator (node_modules/@zodern/nodemiral/lib/taskList.js:53:10)
    at node_modules/async/dist/async.js:246:13
    at replenish (node_modules/async/dist/async.js:446:21)
    at node_modules/async/dist/async.js:451:13
    at eachOfLimit$1 (node_modules/async/dist/async.js:477:34)
    at awaitable (node_modules/async/dist/async.js:211:32)
    at eachOfSeries (node_modules/async/dist/async.js:813:16)
    at awaitable (node_modules/async/dist/async.js:211:32)

Private key is of type ed25519 and has header: -----BEGIN OPENSSH PRIVATE KEY-----. Publishing with this key has worked before, but suddenly stopped working.

@make-github-pseudonymous-again
Author

Note that ssh -i $PRIV_KEY_PATH, npx mup ssh and npx mup status all work.

@make-github-pseudonymous-again
Author

Also works if I manually do:

const fs = require('fs');
const hostname = ...;
const username = ...;
const pem = fs.readFileSync('/path/to/private/key', 'utf8');

const nodemiral = require('@zodern/nodemiral');
const session = nodemiral.session(hostname, {username, pem});

session.execute('uname -a', function(err, code, logs) {
  console.log(logs.stdout);
});

@make-github-pseudonymous-again
Author

Haha! All those working examples were running on Node 19.3! If I do meteor node (Node v14.x) and run the following snippet (feature detection logic from ssh2-streams) I see the root cause of the problem:

var crypto = require('crypto');

var eddsaSupported = (function() {
  if (typeof crypto.sign === 'function'
      && typeof crypto.verify === 'function') {
    var key = '-----BEGIN PRIVATE KEY-----\r\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'
              + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r\n-----END PRIVATE KEY-----';
    var data = Buffer.from('a');
    var sig;
    var verified;
    try {
      sig = crypto.sign(null, data, key);
      verified = crypto.verify(null, data, key, sig);
    } catch (ex) {
      console.debug(ex);
    }
    return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);
  }

  return false;
})();

console.debug({
  eddsaSupported,
});

Error: error:25066067:DSO support routines:dlfcn_load:could not load the shared library
    at Object.signOneShot [as sign] (internal/crypto/sig.js:149:10)
    at test.js:12:29
    at Object.<anonymous> (test.js:21:3)
    at Module._compile (internal/modules/cjs/loader.js:1085:14)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)
    at Module.load (internal/modules/cjs/loader.js:950:32)
    at Function.Module._load (internal/modules/cjs/loader.js:790:12)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:76:12)
    at internal/main/run_main_module.js:17:47 {
  opensslErrorStack: [
    'error:0E076071:configuration file routines:module_run:unknown module name',
    'error:0E07506E:configuration file routines:module_load_dso:error loading dso',
    'error:25070067:DSO support routines:DSO_load:could not load the shared library'
  ],
  library: 'DSO support routines',
  function: 'dlfcn_load',
  reason: 'could not load the shared library',
  code: 'ERR_OSSL_DSO_COULD_NOT_LOAD_THE_SHARED_LIBRARY'
}
{ eddsaSupported: false }

I will try to reinstall Meteor to see if that fixes it. The system's shared library paths have probably been updated since the last successful deployment.

@make-github-pseudonymous-again
Author

Fixed by using Meteor 2.8.2 or Meteor 2.9. Feel free to close.
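
The error in this issue names the key type, while the diagnosis above traces it to the Node runtime failing its Ed25519 sign/verify probe. The following pre-deploy check is an added example (not code from the issue, mup or ssh2): it reads the key type out of an OpenSSH private key container and reports whether the Node binary running it can use that type. The names `opensshKeyType`, `ed25519Check` and `preflight` are hypothetical, and the sample key is constructed with all-zero bytes and no private section.

```javascript
const crypto = require('crypto');

// Read one SSH "string" (uint32 big-endian length, then bytes) at offset off.
function readString(buf, off) {
  const len = buf.readUInt32BE(off);
  return { value: buf.subarray(off + 4, off + 4 + len), next: off + 4 + len };
}

// Key type named in the public-key blob of an openssh-key-v1 container.
function opensshKeyType(pem) {
  const m = /-----BEGIN OPENSSH PRIVATE KEY-----([\s\S]+?)-----END OPENSSH PRIVATE KEY-----/.exec(pem);
  if (!m) throw new Error('not an OpenSSH private key');
  const buf = Buffer.from(m[1].replace(/\s+/g, ''), 'base64');
  const magic = 'openssh-key-v1\0';
  if (buf.toString('latin1', 0, magic.length) !== magic) throw new Error('bad magic');
  let off = magic.length;
  for (let i = 0; i < 3; i++) off = readString(buf, off).next; // cipher, kdf, kdf options
  off += 4; // uint32 number of keys
  const pub = readString(buf, off).value;
  return readString(pub, 0).value.toString('ascii');
}

// Can this runtime sign and verify with Ed25519? A throw here is the real fault.
function ed25519Check() {
  try {
    const { privateKey, publicKey } = crypto.generateKeyPairSync('ed25519');
    const data = Buffer.from('a');
    const sig = crypto.sign(null, data, privateKey);
    return { ok: sig.length === 64 && crypto.verify(null, data, publicKey, sig), error: null };
  } catch (ex) {
    return { ok: false, error: ex.code || ex.message };
  }
}

// Pair the key's type with what the current Node binary can actually do.
function preflight(pem) {
  const type = opensshKeyType(pem);
  const check = type === 'ssh-ed25519' ? ed25519Check() : { ok: null, error: 'not checked' };
  return { type, node: process.version, usable: check.ok, error: check.error };
}

// Constructed sample: correct container layout, all-zero public key, no private part.
const s = (b) => Buffer.concat([Buffer.from([0, 0, 0, Buffer.byteLength(b)]), Buffer.from(b)]);
const pubBlob = Buffer.concat([s('ssh-ed25519'), s(Buffer.alloc(32))]);
const body = Buffer.concat([Buffer.from('openssh-key-v1\0'), s('none'), s('none'), s(''),
  Buffer.from([0, 0, 0, 1]), s(pubBlob)]);
const samplePem = '-----BEGIN OPENSSH PRIVATE KEY-----\n' + body.toString('base64') +
  '\n-----END OPENSSH PRIVATE KEY-----\n';
console.log(preflight(samplePem));
```

Run it with the same Node binary the deploy uses (here, `meteor node`), since a different Node on the PATH can pass while the deploy runtime fails.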