Download
Browse source Changelog tiny-curl
Documentation
Project   Bug Bounty FAQ   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Videos Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users IRC / chat Mailing lists Everything curl [book] Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl Tests Overview
News
Changelog Release table
curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Curl with rsa-sha2-256, rsa-sha2-512

From: João M. S. Silva via curl-users <curl-users_at_lists.haxx.se>
Date: Fri, 12 May 2023 18:26:50 +0100

I see libssh is an obsolete protocol, so it's not an alternative to libssh2.

I built libssh2 from git and curl with it:

./configure --with-openssl --with-libssh2=/home/shared/libssh2

and i still get:

$ curl/src/curl -v -T A -u x:y scp://localhost:/home/shared/B
  % Total % Received % Xferd Average Speed Time Time Time
 Current
                                 Dload Upload Total Spent Left
 Speed
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
  0* Trying 127.0.0.1:22...
* Connected to localhost (127.0.0.1) port 22 (#0)
* Found host localhost in /home/shared/.ssh/known_hosts
* Set "rsa-sha2-256,rsa-sha2-512" as SSH hostkey type
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
  0
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
  0
* Closing connection 0
curl: (79) Error in the SSH layer

Note that above I modified curl's source code to set:

   Set "rsa-sha2-256,rsa-sha2-512"

instead of additionally "ssh-rsa".

Even so, I suspect that the connection is falling back to ssh-rsa which is
rejected by the server.

João M. S. Silva


On Fri, May 12, 2023 at 4:19 PM João M. S. Silva <
joao.m.santos.silva_at_gmail.com> wrote:

> Thanks for confirming.
> Would --with-libssh (instead of libssh2) be an alternative?
> João M. S. Silva
>
>
> On Fri, May 12, 2023 at 4:17 PM Daniel Stenberg <daniel_at_haxx.se> wrote:
>
>> On Thu, 11 May 2023, João M. S. Silva via curl-users wrote:
>>
>> > Is my assumption correct that curl does not support rsa-sha2-256 and
>> > rsa-sha2-512, because even if that’s set, libssh2 will ignore and use
>> > ssh-rsa?
>>
>> I beleive this is a limitation in the libssh2 version you are using.
>>
>> You can build and use libssh2 from git for now. I hope there will be a
>> new
>> libssh2 release "any day now".
>>
>> --
>>
>> / daniel.haxx.se
>> | Commercial curl support up to 24x7 is available!
>> | Private help, bug fixes, support, ports, new features
>> | https://curl.se/support.html
>
> 


-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
Etiquette:   https://curl.se/mail/etiquette.html
Received on 2023-05-12