VKontakte.DJ
forum traveling
 

Celestial Software

...better by design

Home Support SSH Client Forums
Welcome, Guest
Please Login or Register.    Lost Password?
AWS instance failed to connect / ED25519 (1 viewing) (1) Guest
Go to bottom Favoured: 0
TOPIC: AWS instance failed to connect / ED25519
#9085
AWS instance failed to connect / ED25519 3 Months ago  
I'm hoping you can help me get connected to a new AWS instance. I am able to connect to it with Putty.

I submitted a ticket to AWS support; I pasted a couple things from their response (happy to share the entire response if it is relevant):

(a) AWS recommend use a client that supports a compatible algorithm, such as ssh-ed25519 or ecdsa-sha2-nistp256
(b) your SSH client must support a rsa-sha2-256 or rsa-sha2-512 signature

It appears my version of Absolute Telnet (11.38) has both of these items, and from what I can tell, the default SSH2 connection/config enables them.

Thanks in advance for any insight you can provide.
brhemesath (User)
Fresh Boarder
Posts: 6
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#9086
Re:AWS instance failed to connect / ED25519 3 Months ago  
After a bit of research and discussion with Brian, I believe we found the issue.... Absolute 11.39 and earlier DO support SHA2 signatures, but only for host keys, not authentication keys. The missing piece is RFC-8308 that allows a server to communicate to a client that SHA2 signatures in AUTHENTICATION keys are preferred, or even available.

Beginning around OpenSSH 8.8, SHA1 signatures are disabled by default, which created an incompatibility with Absolute that we've now fixed in version 11.41

Check the download page for the new version.

Other solutions:
1. When creating the Linux 2023 instance, use an ED25519 keypair instead. ED25519 keys do not have the SHA1 problem
2. Configure OpenSSH to allow SSH1 in authentication (not recommended) (and no, I won't tell you how to do it ) :-)
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#9087
Re:AWS instance failed to connect / ED25519 3 Months ago  
And thanks again to Brian H for bringing this to my attention!!!
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
Go to top