Re: [9fans] git/clone and ssh (git@github.com)

Sat, 22 Mar 2025 05:13:08 -0700 

On Sat, Mar 22, 2025 at 01:37:04AM -0400, o...@eigenstate.org wrote:
> Quoth tlaro...@kergis.com:
> > 
> > Whether under 9front or 9legacy, I'm unable to clone a public git 
> > github repository using ssh (ssh://g...@github.com/...).
> 
> It works for me on 9front. Note, you will need to add your ssh key to
> the list of authorized keys in github.
> 
> > But, after setting a lot of debugging with netssh (under 9legacy), it
> > seems that the algorithms proposed by github.com don't match an
> > algorithm implemented by netssh.
> 
> I don't have 9legacy at hand, but a quick grep through the source indicates 
> that
> your diagnosis is correct. The ssh client in /sys/src/cmd/ssh2 doesn't support
> anything other than 3des and the AES CTR mode ciphers, which github no longer
> serves.
> 
> on 9front, we select the chacha20-poly1...@openssh.com algorithm, and it
> just works for me.
> 
> Here's the debug transcript of just ssh:
> 
>         % ssh -d g...@github.com
>         server version: SSH-2.0-7d0489107
>         kexalgs: 
> curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,kex-strict-s-...@openssh.com
>         hostalgs: 
> ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa
>         cipher1: 
> chacha20-poly1...@openssh.com,aes256-...@openssh.com,aes128-...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
>         cipher2: 
> chacha20-poly1...@openssh.com,aes256-...@openssh.com,aes128-...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
>         mac1: 
> hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512,hmac-sha2-256
>         mac2: 
> hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512,hmac-sha2-256
>         zip1: none,z...@openssh.com
>         zip2: none,z...@openssh.com
>         lang1: 
>         lang2: 
>         host fingerprint: uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s
>         userauth none ok
>         userauth none failed: partial=0, next=publickey
>         userauth none skipped
>         userauth publickey ok
>         ssh: global request: hostkeys...@openssh.com
> 
>         Hi oridb! You've successfully authenticated, but GitHub does not 
> provide shell access.
> 

Thanks for the explanations. Well, I will have to fallback (on
9legacy) to hget'ing a "release" tarball for the git sources.
-- 
        Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

------------------------------------------
9fans: 9fans
Permalink: 
https://9fans.topicbox.com/groups/9fans/Tacaff396dc758b34-M35276957ce917ff090503deb
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription

Reply via email to