Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

All configured authentication methods failed - w/ agent + key #309

Closed
colemickens opened this issue Nov 6, 2021 · 18 comments
Closed

All configured authentication methods failed - w/ agent + key #309

colemickens opened this issue Nov 6, 2021 · 18 comments
Labels
bug Something isn't working dependencies Updates/issues due to dependencies

Comments

@colemickens
Copy link

Hi.

I can't connect to a remote host with this extension, even though I can from the terminal.

Let's first sanity check in the terminal (in VSCode even):

~
❯ export SSH_AUTH_SOCK=/run/user/1000/sshagent

~
❯ ssh-add -L      
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC9YAN+P0umXeSP/Cgd5ZvoD5gpmkdcrOjmHdonvBbptbMUbI/Zm0WahBDK0jO5vfJ/C6A1ci4quMGCRh98LRoFKFRoWdwlGFcFYcLkuG/AbE8ObNLHUxAwqrdNfIV6z0+zYi3XwVjxrEqyJ/auZRZ4JDDBha2y6Wpru8v9yg41ogeKDPgHwKOf/CKX77gCVnvkXiG5ltcEZAamEitSS8Mv8Rg/JfsUUwULb6yYGh+H6RECKriUAl9M+V11SOfv8MAdkXlYRrcqqwuDAheKxNGHEoGLBk+Fm+orRChckW1QcP89x6ioxpjN9VbJV0JARF+GgHObvvV+dGHZZL1N3jr8WtpHeJWxHPdBgTupDIA5HeL0OCoxgSyyfJncMl8odCyUqE+lqXVz+oURGeRxnIbgJ07dNnX6rFWRgQKrmdV4lt1i1F5Uux9IooYs/42sKKMUQZuBLTN4UzipPQM/DyDO01F0pdcaPEcIO+tp2U6gVytjHhZqEeqAMaUbq7a6ucAuYzczGZvkApc85nIo9jjW+4cfKZqV8BQfJM1YnflhAAplIq6b4Tzayvw1DLXd2c5rae+GlVCsVgpmOFyT6bftSon/HfxwBE4wKFYF7fo7/j6UbAeXwLafDhX+S5zSNR6so1epYlwcMLshXqyJePJNhtsRhpGLd9M3UqyGDAFoOQ== cardno:7126708

~
❯ ssh colemickens@aarch64.nixos.community "echo hello"              
hello

My sshfs config:

   {
      "name": "commbox",
      "agent": "/run/user/1000/sshagent",
      "host": "aarch64.nixos.community",
      "username": "colemickens",
      "root": "/home/colemickens",
      "debug": true
    }

results in:

[INFO]    
Created output channel for vscode-sshfs
When posting your logs somewhere, keep the following in mind:
  - While the logging tries to censor your passwords/passphrases/..., double check!
    Maybe you also want to censor out e.g. the hostname/IP you're connecting to.
  - If you want to report an issue regarding authentication or something else that
    seems to be more of an issue with the actual SSH2 connection, it might be handy
    to reconnect with this added to your User Settings (settings.json) first:
      "sshfs.flags": [ "DEBUG_SSH2" ],
    This will (for new connections) also enable internal SSH2 logging.

[INFO]    Loading configurations...
[INFO]    Calculated config flags: {"debug_ssh2":[null,"Global Settings"]}
[DEBUG]   	Added configuration home-assistant from [1]
[DEBUG]   	Added configuration commbox from [1]
[INFO]    Found 2 configurations
[INFO]    Loading configurations...
[INFO]    Loading configurations...
[DEBUG]   	Added configuration home-assistant from [1]
[DEBUG]   	Added configuration commbox from [1]
[INFO]    Found 2 configurations
[DEBUG]   	Added configuration home-assistant from [1]
[DEBUG]   	Added configuration commbox from [1]
[INFO]    Found 2 configurations
[INFO]    Extension activated, version 1.23.1, mode 2
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/settings.json
[INFO]    [createConnection(commbox,config)] Creating a new connection for 'commbox'
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/tasks.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/launch.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/extensions.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/extensions.json
[INFO]    Calculating actual config
[DEBUG]   	Final configuration:
{
    "name": "commbox",
    "agent": "/run/user/1000/sshagent",
    "host": "aarch64.nixos.community",
    "username": "colemickens",
    "root": "/home/colemickens",
    "debug": true,
    "_location": 1,
    "_locations": [
        1
    ],
    "_calculated": {
        "name": "commbox",
        "agent": "/run/user/1000/sshagent",
        "host": "aarch64.nixos.community",
        "username": "colemickens",
        "root": "/home/colemickens",
        "debug": true,
        "_location": 1,
        "_locations": [
            1
        ]
    },
    "port": 22
}
[INFO]    [createSocket(commbox)] Creating socket
[DEBUG]   [createSocket(commbox)] Connecting to aarch64.nixos.community:22
[DEBUG]   [ssh2(commbox)] DEBUG: Local ident: 'SSH-2.0-ssh2js0.4.10'
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_INIT
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_GREETING
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_HEADER
[DEBUG]   [ssh2(commbox)] DEBUG: Remote ident: 'SSH-2.0-OpenSSH_8.8'
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing KEXINIT
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:716,padLen:9,remainLen:712
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXINIT
[DEBUG]   [ssh2(commbox)] DEBUG: Comparing KEXINITs ...
[DEBUG]   [ssh2(commbox)] DEBUG: (local) KEX algorithms: curve25519-sha256@libssh.org,curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
[DEBUG]   [ssh2(commbox)] DEBUG: KEX algorithm: curve25519-sha256@libssh.org
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Host key formats: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Host key formats: rsa-sha2-512,rsa-sha2-256,ssh-ed25519
[DEBUG]   [ssh2(commbox)] DEBUG: Host key format: ssh-ed25519
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Client->Server ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Client->Server ciphers: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
[DEBUG]   [ssh2(commbox)] DEBUG: Client->Server Cipher: aes128-ctr
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Server->Client ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Server->Client ciphers: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
[DEBUG]   [ssh2(commbox)] DEBUG: Server->Client Cipher: aes128-ctr
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Client->Server HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Client->Server HMAC algorithms: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: Client->Server HMAC algorithm: hmac-sha2-256
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Server->Client HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Server->Client HMAC algorithms: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: Server->Client HMAC algorithm: hmac-sha2-256
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Client->Server compression algorithms: none,zlib@openssh.com,zlib
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Client->Server compression algorithms: none,zlib@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: Client->Server compression algorithm: none
[DEBUG]   [ssh2(commbox)] DEBUG: (local) Server->Client compression algorithms: none,zlib@openssh.com,zlib
[DEBUG]   [ssh2(commbox)] DEBUG: (remote) Server->Client compression algorithms: none,zlib@openssh.com
[DEBUG]   [ssh2(commbox)] DEBUG: Server->Client compression algorithm: none
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing KEXECDH_INIT
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:188,padLen:8,remainLen:184
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXECDH_REPLY
[DEBUG]   [ssh2(commbox)] DEBUG: Checking host key format
[DEBUG]   [ssh2(commbox)] DEBUG: Checking signature format
[DEBUG]   [ssh2(commbox)] DEBUG: Verifying host fingerprint
[DEBUG]   [ssh2(commbox)] DEBUG: Host accepted by default (no verification)
[DEBUG]   [ssh2(commbox)] DEBUG: Verifying signature
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing NEWKEYS
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:12,padLen:10,remainLen:8
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: NEWKEYS
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing SERVICE_REQUEST (ssh-userauth)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:28,padLen:10,remainLen:16
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: HMAC size:32
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Verifying MAC
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: SERVICE_ACCEPT
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing USERAUTH_REQUEST (none)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:28,padLen:12,remainLen:16
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: HMAC size:32
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Verifying MAC
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
[DEBUG]   [ssh2(commbox)] DEBUG: Client: none auth failed
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing USERAUTH_REQUEST (publickey -- check)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:28,padLen:12,remainLen:16
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: HMAC size:32
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Verifying MAC
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
[DEBUG]   [ssh2(commbox)] DEBUG: Client: Agent key #1 failed
[DEBUG]   [ssh2(commbox)] DEBUG: Agent: No more keys left to try
[DEBUG]   [ssh2(commbox)] DEBUG: Client: agent auth failed
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing USERAUTH_REQUEST (keyboard-interactive)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETBEFORE (expecting 16)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKET
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: pktLen:28,padLen:12,remainLen:16
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATA
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Decrypting
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: HMAC size:32
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: Verifying MAC
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAVERIFY (Valid HMAC)
[DEBUG]   [ssh2(commbox)] DEBUG: Parser: IN_PACKETDATAAFTER, packet: USERAUTH_FAILURE
[DEBUG]   [ssh2(commbox)] DEBUG: Client: keyboard-interactive auth failed
[ERROR]   [createSSH(commbox)] Error: All configured authentication methods failed
JSON: {"level":"client-authentication"}
Error: All configured authentication methods failed
	at F (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:251896)
	at q (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:253016)
	at fe.Y (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:254574)
	at fe.emit (events.js:400:28)
	at le (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:136275)
	at fe._transform (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:154480)
	at fe.Transform._read (internal/streams/transform.js:205:10)
	at fe._read (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:148368)
	at fe.Transform._write (internal/streams/transform.js:193:12)
	at writeOrBuffer (internal/streams/writable.js:358:12)
Logged at:
	at T.emit (events.js:400:28)
	at F (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:251995)
	at q (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:253016)
	at fe.Y (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:254574)
	at fe.emit (events.js:400:28)
Reported by logger createSSH(commbox)
[DEBUG]   [ssh2(commbox)] DEBUG: Outgoing: Writing DISCONNECT (BY_APPLICATION)
[ERROR]   Error while connecting to SSH FS commbox:
Error: All configured authentication methods failed
JSON: {"level":"client-authentication"}
Error: All configured authentication methods failed
	at F (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:251896)
	at q (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:253016)
	at fe.Y (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:254574)
	at fe.emit (events.js:400:28)
	at le (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:136275)
	at fe._transform (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:154480)
	at fe.Transform._read (internal/streams/transform.js:205:10)
	at fe._read (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/14f8.extension.js:1:148368)
	at fe.Transform._write (internal/streams/transform.js:193:12)
	at writeOrBuffer (internal/streams/writable.js:358:12)
Caused by catchingPromise:
	at i (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/extension.js:11:5418)
	at d.createFileSystem (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/extension.js:11:17538)
	at o.assertFs (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/extension.js:11:9407)
	at o.readFile (/home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/extension.js:11:9743)
	at T.$readFile (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:94:157056)
	at i._doInvokeHandler (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:13530)
	at i._invokeHandler (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:13214)
	at i._receiveRequest (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:11876)
	at i._receiveOneMessage (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:10554)
	at /nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:8650
Logged at:
	at /home/cole/.local/share/code-server/extensions/kelvin.vscode-sshfs-1.23.1/dist/extension.js:11:19201
	at processTicksAndRejections (internal/process/task_queues.js:95:5)
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/settings.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/tasks.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/launch.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/settings.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/tasks.json
[DEBUG]   Reading ssh://commbox/home/colemickens/.vscode/launch.json
@SchoofsKelvin
Copy link
Owner

According to your logs, the extension did attempt to authenticate with the agent's key, but got rejected by the server. Can you access your OpenSSH logs on the server and see if it mentions anything about the failed key authentication?

Mapped stack trace
Error: All configured authentication methods failed
        at Error (.yarn/unplugged/ssh2-npm-0.8.9-102adf8ce0/node_modules/ssh2/lib/client.js:413:20)
        at .yarn/unplugged/ssh2-npm-0.8.9-102adf8ce0/node_modules/ssh2/lib/client.js:486:2
        at stream (.yarn/unplugged/ssh2-npm-0.8.9-102adf8ce0/node_modules/ssh2/lib/client.js:599:2)
        at fe.emit (events.js:400:28)
        at /yarn/ssh2-streams-https/ssh2-streams/lib/ssh.js:3682:14
        at this (/yarn/ssh2-streams-https/ssh2-streams/lib/ssh.js:701:24)
        at fe.Transform._read (internal/streams/transform.js:205:10)
        at n (/yarn/ssh2-streams-https/ssh2-streams/lib/ssh.js:253:21)
        at fe.Transform._write (internal/streams/transform.js:193:12)
        at writeOrBuffer (internal/streams/writable.js:358:12)
Caused by catchingPromise:
        at src/utils.ts:23:11
        at src/manager.ts:52:46
        at createFileSystem (src/fileSystemRouter.ts:14:24)
        at assertFs (src/fileSystemRouter.ts:37:23)
        at T.$readFile (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:94:157056)
        at i._doInvokeHandler (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:13530)
        at i._invokeHandler (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:13214)
        at i._receiveRequest (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:11876)
        at i._receiveOneMessage (/nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:10554)
        at /nix/store/ldk415v8b7z3k71fh4ywi35dallmnh5n-code-server-3.12.0/libexec/code-server/vendor/modules/code-oss-dev/out/vs/workbench/services/extensions/node/extensionHostProcess.js:98:8650
Logged at:
        at src/manager.ts:99:19
        at processTicksAndRejections (internal/process/task_queues.js:95:5)

@SchoofsKelvin SchoofsKelvin added bug Something isn't working waiting Waiting for confirmation, more information, ... labels Nov 7, 2021
@colemickens
Copy link
Author

Dec 13 21:47:48 xeep sshd[4040551]: Accepted publickey for cole from 100.112.137.125 port 38144 ssh2: RSA SHA256:DRLTqHaHUaiBl7Gql+m7H+FW8+/oyxYeLgQYJyJ43mg
Dec 13 21:47:48 xeep sshd[4040551]: pam_unix(sshd:session): session opened for user cole(uid=1000) by (uid=0)
Dec 13 21:48:00 xeep sshd[4040810]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Dec 13 21:48:00 xeep sshd[4040810]: error: PAM: Authentication failure for cole from 100.112.137.125
Dec 13 21:48:00 xeep sshd[4040810]: Received disconnect from 100.112.137.125 port 38146:11:  [preauth]
Dec 13 21:48:00 xeep sshd[4040810]: Disconnected from authenticating user cole 100.112.137.125 port 38146 [preauth]

ssh-rsa is deprecated in recent openssh.

@colemickens
Copy link
Author

It seems like this is mscdex/ssh2#989. :/

@SchoofsKelvin
Copy link
Owner

We'll have to wait until ssh2 finds a solution. In the meantime, it seems like you should be able to convert your key to another format? unless it's your agent passing an auto-converted key

@SchoofsKelvin SchoofsKelvin added dependencies Updates/issues due to dependencies wontfix This will not be worked on labels Dec 15, 2021
@colemickens
Copy link
Author

Well, it's a Yubikey, so I don't think I can really convert - plus there's nothing really wrong with my key - it works against newer openssh servers just fine, when the ssh client does the right thing.

AFAICT, the workaround is loosening what the server accepts to allow the deprecated 'ssh-rsa' that ssh2 is selecting instead of ssh-rsa-sha512 or whatever it is that's the better option that should be selected.

@SchoofsKelvin
Copy link
Owner

I might take a look into adding a flag to forcefully set the type to ssh-rsa-sha512 (or any user-defined value) if possible, although that'll require me to poke around and overwrite or interact with ssh2 internal code, so unlikely.

The extension currently still uses ssh2@0.8.9 (with a custom patch) due to major breaking changing when upgrading to 1.0.0, which I also have to solve (quite soon) to enjoy later updates/patches, as the 0.x.y branch is basically deprecated/abandoned.

@francoism90
Copy link

@SchoofsKelvin I'm having the issue, how can I solve this?

@SchoofsKelvin
Copy link
Owner

@francoism90 The fastest/easiest way is probably modifying your server configuration to allow these kind of keys (see above and mscdex/ssh2#989).

Otherwise it's waiting for me to upgrade the extension to ssh2@>=1.0.0 and either me or mscdex fixing the issue in the ssh2 codebase.

@dominik-lekse
Copy link

I ran into this issue when evaluating the extension and attempting to connect to a remote ssh host. The remote ssh server used the default sshd_config which ships with the Alpine distribution.

The extension failed to connect using an rsa-4096 private key with error messages like posted earlier in this issue.

The extension successfully connected using an ed25519 private key.

Both public key types were authorized on the remote ssh host. The ssh client is able to connect with both private key type.

@SchoofsKelvin For new adopters like me who attempt to connect using a rsa-4096 private key, the cause of a failed connection is not easy to track given the error message. I suggest to document this e.g. in a known issues section in the README until the extension get the upgrade to ssh2@>=1.0.0.

@SchoofsKelvin
Copy link
Owner

I've actually upgraded the extension so it now uses ssh2@1.6.0, the latest release of ssh2. Since it's a big change, it's still on the master branch and will take some testing before I'll actually release it. Feel free to try out the latest build, but since mscdex/ssh2#989 is still an open issue, it probably won't solve this issue. At least the upgrade will allow me to pull in the fix as soon as is possible, as well as giving me (and whoever wants to) the opportunity to fix it pre-upstream, although not an easy thing nor something I'm planning on doing soon.

@SchoofsKelvin
Copy link
Owner

As I've mentioned in the linked issue #375, OpenSSH 8.8+ deprecated ssh-rsa (more specifically using sha-1, which is currently the only one supported by the ssh2 dependency) which l now know more about.

The "best" solution would be waiting for mscdex/ssh2#989 to be solved (e.g. if the author accepts mscdex/ssh2#1200 or a variant), but it doesn't seem like that might happen soon. Worst case, I can stop using the (full) official release of ssh2 and use a (Yarn-)patched version with that pull request included.

Alternatively, after looking around a bit in the source code, I could pre-parse keys and pre-instantiate agents I pass to ssh2 instead of raw keys / agent options that it uses to instantiate them internally, and use that mechanic to add some overrides regarding this issue. Since this would be a bit outside the public API of ssh2, not ideal and still quite a bit of work.

Realistically, I might just go with the patch method right now. I've upgraded my test server to have OpenSSH 8.8+ and am able to reproduce the issue, so I can also immediately verify if the patch works.

@SchoofsKelvin SchoofsKelvin removed waiting Waiting for confirmation, more information, ... wontfix This will not be worked on labels Apr 1, 2023
@SchoofsKelvin
Copy link
Owner

I've pushed a fix that should fix this. You can download the .vsix from here (build 120 or later) and test it yourself. Just installing that version of the extension (and reloading VS Code) should enable the fix.

@SchoofsKelvin
Copy link
Owner

I've published a new version of the extension (v1.26.1) which includes this fix, so it's not necessary anymore to manually install the custom build to test it. If you still encounter this issue, comment on (and reopen) this issue.

@warednsour
Copy link

warednsour commented Apr 26, 2023

I am facing the same issue
But it was working fine on older versions, nothing has changed regarding to the configurations, the pc restarted for a windows update, i can't understand where is the issue, but now it's not working .

I have installed (downgraded ) to the version v1.26.0, and now it's working fine.

The v1.26.1 is causing this.
@theam14
here is how to download another version 👍 :
image

I have removed all senstive data from the log:

Flag "OPENSSH-SHA1" enabled due to 'missing', including convertSha1 for publickey authentication
[DEBUG] Read private key from
[DEBUG] Final configuration:
{
"name": " ",
"passphrase": "",
"privateKeyPath": "",
"host": "<ip_address>",
"_location": 1,
"_locations": [
1
],
"_calculated": {
"name": " ",
"passphrase": "",
"privateKeyPath": "",
"host": "<ip_address>",
"_location": 1,
"_locations": [
1
]
},
"username": " ",
"port": 22,
"privateKey": "Buffer(1766)"
}
[INFO] [createSocket( )] Creating socket
[DEBUG] [createSocket( )] Connecting to <ip_address>:22
[INFO] [createSSH( )] Flag "OPENSSH-SHA1" enabled due to 'missing', including convertSha1 for publickey authentication
[INFO] [createSSH( )] Flag "OPENSSH-SHA1" enabled due to 'missing'
[ERROR] [createSSH( )] Error: All configured authentication methods failed
JSON: {"level":"client-authentication"}
Error: All configured authentication methods failed
at _e (:1:97846)
at Ie (:1:100799)
at USERAUTH_FAILURE (:1:89153)
at 51 (:1:241614)
at e.exports.D (:1:111513)
at D.decrypt (:1:205168)
at e.exports.H [as _parse] (:1:111037)
at e.exports.parse (:1:114840)
at Socket. (:1:96586)
at Socket.emit (node:events:526:28)
Logged at:
at e.exports.emit (node:events:526:28)
at e.exports.emit (node:domain:475:12)
at _e (:1:97948)
at Ie (:1:100799)
at USERAUTH_FAILURE (:1:89153)
Reported by logger createSSH( )
[ERROR] Error while connecting to SSH FS :
Error: All configured authentication methods failed
JSON: {"level":"client-authentication"}
Error: All configured authentication methods failed
at _e (:1:97846)
at Ie (:1:100799)
at USERAUTH_FAILURE (:1:89153)
at 51 (:1:241614)
at e.exports.D (:1:111513)

@asavochkin
Copy link

Same for me. After upgrading to 1.26.1 i had "All configured authentication methods failed" error for all ssh configs.
Downgrading to 1.26.0 fixed the issue.

@aespinoza96
Copy link

Same for me and downgrading to 1.26.0 works fine.

@ELDiablO59152
Copy link

Same too, downgrading to 1.26.0 have fixed my issue

@vgorloff
Copy link

vgorloff commented Aug 4, 2023

Having the same issue when using newly created AWS EC2 Instance launched with RSA key-pair.

Solved issue by creating new ED25519 key-pair, and attaching the new key-pair to existing EC2 Instance.

Here is a guide: "Add or remove a public key on your instance": https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/replacing-key-pair.html

In short:

  1. Run ssh-keygen -y -f /path_to_key_pair/my-key-pair.pem | pbcopy
  2. Add new line by pasting clipboard into ~/.ssh/authorized_keys on EC2 instance.
  3. Verify connection ssh -i /path_to_key_pair/my-key-pair.pem ec2-user@xyz.compute.amazonaws.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working dependencies Updates/issues due to dependencies
Projects
None yet
Development

No branches or pull requests

9 participants