Unable to use ecdsa SSH key with bazaar.launchpad.net
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
High
|
Colin Watson |
Bug Description
I generated an ecdsa ssh key to use with Launchpad since ed25519 keys aren't yet working.
$ ssh-keygen -l
Enter file in which the key is (/home/
521 SHA256:
I can successfully use this to access git.launchpad.net:
$ ssh -v -i ~/.ssh/lp+id_ecdsa git.launchpad.net
OpenSSH_7.9p1 Debian-1, OpenSSL 1.1.1 11 Sep 2018
...
debug1: Connecting to git.launchpad.net [162.213.33.96] port 22.
debug1: Connection established.
...
debug1: Server host key: ssh-rsa SHA256:
debug1: Host 'git.launchpad.net' is known and matches the RSA host key.
...
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jamessan/
debug1: Server accepts key: /home/jamessan/
debug1: Authentication succeeded (publickey).
Authenticated to git.launchpad.net ([162.213.
However, I can't use the same key to access bazaar.
$ ssh -v -i ~/.ssh/lp+id_ecdsa bazaar.
OpenSSH_7.9p1 Debian-1, OpenSSL 1.1.1 11 Sep 2018
...
debug1: Connecting to bazaar.
debug1: Connection established.
...
debug1: kex: algorithm: diffie-
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: SSH2_MSG_
debug1: got SSH2_MSG_
debug1: SSH2_MSG_
debug1: got SSH2_MSG_
debug1: Server host key: ssh-rsa SHA256:
debug1: Host 'bazaar.
...
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jamessan/
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/jamessan/
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
<email address hidden>: Permission denied (publickey).
Ah, my fault - I apparently forgot to deploy the relevant code upgrade to bazaar. launchpad. net when I deployed it everywhere else a few months ago. I've filed a ticket with our sysadmins to do this. Thanks for the heads-up.