Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version without ssh-lsa does not work with ssh keys on docker for Windows #677

Closed
vcarluer opened this issue Apr 19, 2017 · 8 comments
Closed

Version without ssh-lsa does not work with ssh keys on docker for Windows #677

vcarluer opened this issue Apr 19, 2017 · 8 comments
Labels
Issue-Bug Resolution - Fixed
Milestone
May-Mid

Comments

@vcarluer
Copy link

Please answer the following

"OpenSSH for Windows" version
0.0.12.0

OS details
Microsoft Windows Server Core 2016 Docker container hosted by Microsoft Windows 2016.

What is failing
ssh key authentication

Expected output
Logon with public key

Actual output
Password prompt

Deployed with chocolatey.org package https://chocolatey.org/packages/openssh
Fallback to 0.0.10.0 works well
@bgelens
Copy link

bgelens commented Apr 19, 2017

Got this with PowerShell 6 New-PSSession as well. Reverted to 0.0.11.0 and working again. In my case I installed from GH releases.

@Flamez97
Copy link

@vcarluer Please do you know a link to download the version with ssh-sla?

@vcarluer
Copy link
Author

The version 0.0.10.0 available here have it (maybe the 0.0.11.0 too, didn't test)
https://github.com/PowerShell/Win32-OpenSSH/releases
I have installed it with chocolatey, so I didn't have test direct install from here but it should be the same.

@DarwinJS
Copy link

v0.0.11.0 has ssh-lsa.dll as well.

On line 10 of the below linked dockerfile, add '-MaximumVersion 0.0.11.0' to keep your docker builds at 11 until this is fixed.

https://github.com/DarwinJS/ChocoPackages/blob/master/openssh/Dockerfile

@manojampalam
Copy link
Contributor

I'm looking into this.

@Flamez97
Copy link

Thanks @vcarluer

@manojampalam
Copy link
Contributor

manojampalam commented Apr 21, 2017
edited
Loading

Found the issue. On the nanoserver docker image, SHGetKnownFolderPath(&FOLDERID_Profile) using the token generated by S4U for NTLM, is returning the system profile path

  • C:\Windows\system32\config\systemprofile

I'll fix this in the next drop by avoiding this call and retrieving the user profile path from registry directly.

This is my dockerfile

FROM microsoft/nanoserver:latest

ADD OpenSSH-Win64 c:/openssh
RUN powershell -executionpolicy bypass -file c:\openssh\install-sshd.ps1
RUN powershell -c {cd c:\openssh; .\ssh-keygen -A;}
EXPOSE 22/tcp
RUN net user admin a /add
ENTRYPOINT net start sshd

#docker build . -t m1

@manojampalam manojampalam added this to the April-End milestone Apr 21, 2017
@manojampalam manojampalam mentioned this issue Apr 27, 2017
Merged
manojampalam added a commit to PowerShell/openssh-portable that referenced this issue Apr 28, 2017
@manojampalam
Fixed key based auth with talking to docker containers
8a83d33 
PowerShell/Win32-OpenSSH#677
@manojampalam
Copy link
Contributor

We found some reliability issues with recent changes and will need time to do stabilization. This issue has been fixed but a drop wont be available till Mid May. Thanks for your patience.

@manojampalam manojampalam modified the milestones: May-Mid, April-End May 4, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Issue-Bug Resolution - Fixed
Projects
None yet
Milestone
May-Mid
Development

No branches or pull requests
6 participants
@vcarluer @bgelens @DarwinJS @bingbing8 @manojampalam @Flamez97