On 2021-05-14 23:47, Brian Inglis wrote:
On 2021-05-13 22:40, Voris, Ben via Cygwin wrote:
curl issue https://github.com/curl/curl/issues/7057 was closed with:
"This seems to be purely a libssh2 issue and not a curl one."
Curl reports "libssh2/1.7.0"
On the same system, ssh reports " OpenSSH_8.5p1, OpenSSL 1.1.1f 31 Mar 2020"
The curl code in https://github.com/curl/curl/blob/master/lib/vssh/libssh2.c has a number of defines to control what
type of host keys it will accept, including LIBSSH2_KNOWNHOST_KEY_ED25519
Was the curl built with this set?
Details are in the curl issue, but here they are again.
Here is the curl failure:
: curl -vvv -s -T t.cpp sftp://bvoris@nucnuc/tmp/t2.cpp
* STATE: INIT => CONNECT handle 0x800085338; line 1634 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* STATE: CONNECT => RESOLVING handle 0x800085338; line 1680 (connection #0)
* family0 == v4, family1 == v6
* Trying 192.168.1.5:22...
* STATE: RESOLVING => CONNECTING handle 0x800085338; line 1762 (connection #0)
* Connected to nucnuc (192.168.1.5) port 22 (#0)
* STATE: CONNECTING => PROTOCONNECT handle 0x800085338; line 1825 (connection
#0)
* SFTP 0x8000847c8 state change from SSH_STOP to SSH_INIT
* Found host nucnuc in /home/BVoris/.ssh/known_hosts
* Unknown host key type: 1835008
* SFTP 0x8000847c8 state change from SSH_INIT to SSH_SESSION_FREE
* SFTP 0x8000847c8 state change from SSH_SESSION_FREE to SSH_STOP
* multi_done
* The cache now contains 0 members
* SSH DISCONNECT starts now
* SSH DISCONNECT is done
* Closing connection 0
The curl/libcurl version:
curl 7.76.1 (x86_64-pc-cygwin) libcurl/7.76.1 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.9 zstd/1.4.9 libidn2/2.2.0
libpsl/0.21.0 (+libidn2/2.0.4) libssh2/1.7.0 nghttp2/1.37.0
Release-Date: 2021-04-14
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs
smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli Debug GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz Metalink NTLM
NTLM_WB PSL SPNEGO SSL TLS-SRP TrackMemory UnixSockets zstd
The known_hosts entry from the client:
nucnuc ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAICmjvQ5jehz5Jwt1PDGJBSgcXVhoMRnbn/E2p3srSK+c
curl is run on CYGWIN_NT-10.0 3.2.0(0.340/5/3) 2021-03-29 08:42 x86_64 Cygwin
The target system has:
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
Looks like it will need libssh2 1.9.0+.
The next version 1.9.1 is nearing release incorporating all the updated support
as well as all CVE and other patches.
I am working on a couple of build issues, with upstream, and also 32 bit x86
builds.
If I can get those resolved, I could adopt libssh2 (also hosted/supported
@haxx.se
involving some of the same folks), releasing an update when the new libssh2
release
is available, and releasing an updated curl release 2 with the updated libssh2.
New libssh2 1.9+ releases are available with latest ciphers and CVE patches,
and new curl -2 releases are available built with the new libssh2 releases.
Please upgrade your Cygwin installation, retest, and let us know if you still
have any issues, or you can now successfully connect.
After some more Cygwin et al testing of the latest libssh2 upstream repo
commits and snapshots, the libssh2 project is eager to release the latest
libssh2 1.9.1, and newer releases of curl will be made available using
those updates.
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
