Issue authenticating with an SSH key on Erlang/OTP 25

I’m working on a setup where I am using Erlang’s SSH as a client and authenticating to a separate SSH server by using a ed25519 SSH key (generated by ssh-keygen -t ed25519).

However what I’m running into is that my key works on Erlang 24, but not on Erlang 25 (where working is defined as successfully logging into an SSH server using the key).

Looking at the release notes (OTP-17920 on this page, I see this note which is maybe related:

The representation of Edward curves (ed25519 and ed448) inside ssh had a temporary representation (ed_pri and ed_pub).

That is now changed to the public_key form. See the manual for more information.

But since this same key works when used via openssh, it seems like erlang’s SSH client should support it as well.

I’ve also found a note that RSA is deprecated on OTP 25, but I don’t think I’m using RSA (and as a side-note I’m unable to find any details about RSA being deprecated on OTP 25 in the release notes).

1 Like

To understand why the connection is being rejected, can you share output
from ssh server side, running with -D -d -E /some/file.log ? and specific
OS/distro + version of sshd used.

2 Likes

It turns out that what was happening here was related to the removed functions in the :public_key module. I didn’t realize it because I didn’t expect erlang to silently swallow any exceptions in my key_cb module.

I solved this for my specific setup with a pull request to this elixir library:

1 Like