Request #78800 Improve error message when failing to read a private key file
Submitted: 2019-11-09 13:34 UTC Modified: 2021-10-12 19:44 UTC
From: orcusmaximus at gmail dot com Assigned:
Status: Open Package: ssh2 (PECL)
PHP Version: 7.2.24 OS: CentOS and Solaris
Private report: No CVE-ID: None
 [2019-11-09 13:34 UTC] orcusmaximus at gmail dot com
Description:
------------
The ssh2 library cannot read OpenSSH RSA private keys stored in the default RFC4716 format. However, rather than reporting that it cannot understand the file, we simply get a misleading authentication failed error.

Converting the file to the older PEM format fixes the issue.

Test script:
---------------
Convert an existing authorized RSA key to RFC4716 format:
ssh-keygen -p -m RFC4716 -f id_rsa

Test in PHP:
ssh2_auth_pubkey_file($conn, $user, "id_rsa.pub", "id_rsa");


Convert to PEM format and repeat:
ssh-keygen -p -m PEM -f id_rsa

ssh2_auth_pubkey_file($conn, $user, "id_rsa.pub", "id_rsa");



 [2021-10-12 12:44 UTC] cmb@php.net
-Summary: Misleading error message when failing to read a private key file +Summary: Improve error message when failing to read a private key file -Type: Bug +Type: Feature/Change Request
 [2021-10-12 12:44 UTC] cmb@php.net
While it appears to be prudent to improve the error handling[1],
I'm not sure whether `libssh2_userauth_publickey_fromfile_ex()`[2]
would return a more useful error code in *this* particular case.
If not, that might be something to request upstream.

[1] <https://github.com/php/pecl-networking-ssh2/blob/RELEASE_1_2/ssh2.c#L692>
[2] <https://www.libssh2.org/libssh2_userauth_publickey_fromfile_ex.html>
 [2021-10-12 19:44 UTC] orcusmaximus at gmail dot com
Upstream issue raised - https://github.com/libssh2/libssh2/issues/631
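
An added example, not part of the original report or of the ssh2 extension's code: a PHP check that reads only the first line of the private key file, so a failed `ssh2_auth_pubkey_file()` call can be reported with the key format named instead of a bare authentication failure. The function names, the `deploy` user and the sample file are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Classify a private key file from its first line only, so no key
// material is ever copied into logs or exception messages.
function detect_private_key_format(string $path): string
{
    $fh = (is_file($path) && is_readable($path)) ? @fopen($path, 'rb') : false;
    if ($fh === false) {
        return 'unreadable';
    }
    $first = fgets($fh, 128);
    fclose($fh);
    if ($first === false) {
        return 'empty';
    }
    $first = trim($first);
    if ($first === '-----BEGIN OPENSSH PRIVATE KEY-----') {
        return 'openssh';            // ssh-keygen's own container format
    }
    if (preg_match('/^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----$/', $first) === 1) {
        return 'pem';                // what `ssh-keygen -m PEM` writes
    }
    if (preg_match('/^-----BEGIN (ENCRYPTED )?PRIVATE KEY-----$/', $first) === 1) {
        return 'pkcs8';
    }
    return 'unknown';
}

// Hypothetical helper: call it when ssh2_auth_pubkey_file() has returned false,
// to separate "key file problem" from "server rejected the key".
function explain_pubkey_failure(string $user, string $privPath): string
{
    $format = detect_private_key_format($privPath);
    if ($format === 'unreadable' || $format === 'empty') {
        $hint = "private key file is {$format}";
    } elseif ($format === 'pem') {
        $hint = 'key file is PEM, so check the user name and the server-side authorized_keys';
    } else {
        $hint = "key file format is '{$format}', which this libssh2 build may not parse; "
              . 'try a PEM copy (ssh-keygen -p -m PEM)';
    }
    return "Public key authentication failed for {$user}: {$hint}";
}

// Constructed sample: header line only, no real key material.
$sample = tempnam(sys_get_temp_dir(), 'key');
file_put_contents($sample, "-----BEGIN OPENSSH PRIVATE KEY-----\n");
echo explain_pubkey_failure('deploy', $sample), PHP_EOL;
unlink($sample);
```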
 