Xamarin. Pair to Mac. Key 'OPENSSH' is not supported - macos

When I try to connect to my Mac, I get this error.
I read the log and found this:
System.NotSupportedException: Key 'OPENSSH' is not supported.
at Renci.SshNet.PrivateKeyFile.Open(Stream privateKey, String passPhrase)
at Renci.SshNet.PrivateKeyFile..ctor(String fileName, String passPhrase)
at Xamarin.Messaging.Ssh.MessagingAuthenticationMethod.InitializePrivateKeyAuthentication(String username, ISshInformationProvider sshInformationProvider) in E:\A\_work\157\s\External\messaging\src\Xamarin.Messaging.Ssh\MessagingAuthenticationMethod.cs:line 76
at Xamarin.Messaging.Ssh.MessagingService.GetMessagingConnection(Func`1 passwordProvider, ISshInformationProvider sshInformationProvider) in E:\A\_work\157\s\External\messaging\src\Xamarin.Messaging.Ssh\MessagingService.cs:line 418
at Xamarin.Messaging.Ssh.MessagingService.<ConnectAsync>d__64.MoveNext() in E:\A\_work\157\s\External\messaging\src\Xamarin.Messaging.Ssh\MessagingService.cs:line 167
I found the library and the code that it's using:
https://github.com/sshnet/SSH.NET/blob/bd01d971790a7c1fa73bad35b79ada90bf69e62d/src/Renci.SshNet/PrivateKeyFile.cs#L190
and there is nothing about OpenSSH like a keyName.
I checked my private keys in the folder %LOCALAPPDATA%\Xamarin\MonoTouch:
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
I began to receive this error when I reinstalled Windows 10 and Visual Studio 2017 instead of Windows 7.
Please help me solve it.

I executed the command below in the command prompt and retried connecting to the Mac.
ssh-keygen -t rsa -b 8192 -N "" -f "%LOCALAPPDATA%\Xamarin\MonoTouch\id_rsa"
-t specifies encryption type 'RSA'
-b use 8192-bit key
-N explicitly specifies empty keyphrase

I can confirm that user10613465's answer worked in my case.
ssh-keygen -t rsa -N "" -f "%LOCALAPPDATA%\Xamarin\MonoTouch\id_rsa"
In my case I had the correct versions of Windows, Visual Studio and Xamarin.
The system passed until tests number 8 and 9 described here:
link from official Xamarin on MS Docs
I know it's good manners to comment on his answer, but I don't have the privilege yet (using work email's StackOverflow account).

It's indeed caused by a bug in Xamarin. The solution suggested by user10613465
does not work with recent versions of Xamarin (at least not for me), however I've found a workaround.
Background
Feel free to skip this section. Xamarin generates a pair of SSH keys
stored in %LOCALAPPDATA%\AppData\Local\Xamarin\MonoTouch. SSH key files come
in multiple flavors. One is RSA, another is OPENSSH. The flavor can be
found by inspecting the first line in the key file. The problem here
is Xamarin generates OPENSSH keys; but can't read them.
In recent versions of Xamarin the private key is encrypted and the
passphrase itself is encrypted and stored in a file named
passphrase.key. If you attempt to erase the files and generate a new
keyset of the correct flavor as suggested, Xamarin will reject the
keys and generate a new set it doesn't understand.
Strategy
Feel free to skip this one too. My research suggests you can't
convert an OPENSSH key to a RSA key. As far as I can see, Xamarin does
not use any external program to generate the key set, so replacing/redirecting
is not a viable solution.
The solution I found is to generate a new keyset of the supported
flavor, with the same passphrase and leaving passphrase.key in place. Getting the passphrase is the tricky part. I've used VS to debug another instance of VS to obtain it.
Procedure
I assume you have already attempted to pair and have a defective key
pair (id_rsa, id_rsa.pub and passphrase.key).
Fire up Visual Studio (VS), open some project. We'll call this
instance A of VS.
Select Tools -> iOS -> Pair to Mac.
Enter IP address or name of your Mac, but DO NOT enter name and
password yet.
Start another instance of VS. We call this instance B.
In instance B, select Debug -> Options.
In Debugging -> Options, deselect "Enable Just my code", click OK.
Select Debug, Attach to Process.
Select the Instance A of VS. The process is called devenv.exe.
In instance B, Select Debug -> Windows -> Breakpoints
In the breakpoints window, click on New -> Function breakpoint. Select
Renci.SshNet.PrivateKeyFile.Open.
Now, in instance A, enter name and password and click OK. The
breakpoint is now hit by instance A so it freezes.
In instance B you should see some assembler code. The code itself is
not important; but we should be able to see the arguments to the
method. Open the local variable window by clicking through Debug ->
Windows -> Locals
One variable is the passphrase. It looks like a uuid. Copy it to the
clipboard and store it somewhere convenient.
Resume execution, close both VS instances.
Enter C:\Users\mk\AppData\Local\Xamarin\MonoTouch
Verify you can connect to your mac using the key and the passphrase we
just recovered:
ssh -i id_rsa mymac
Move the old key out of the way:
mkdir old
move id_rsa old
move id_rsa.pub old
Generate a new set of keys, use the same passphrase.
ssh-keygen -t rsa -N "" -f "%LOCALAPPDATA%\Xamarin\MonoTouch\id_rsa"
Verify the header in id_rsa looks like this
-----BEGIN RSA PRIVATE KEY-----
and not like this
-----BEGIN OPENSSH PRIVATE KEY-----
If it doesn't, you need to use another ssh-keygen. Perhaps putty can
help you there.
Log in to the Mac computer. Edit .ssh/authorized_keys and remove the
old key (the one you find in
"%LOCALAPPDATA%\Xamarin\MonoTouch\old\id_rsa.pub").
Add the new public key from "%LOCALAPPDATA%\Xamarin\MonoTouch\id_rsa.pub".
This solved the problem for me.
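The answers above tell the key flavors apart by the first line of id_rsa. The following is an added example, not code from the original posts or from Xamarin or SSH.NET: it reads that header and also reports whether the key is passphrase-protected, which matters because ssh-keygen -N "" writes an unencrypted private key. The function names and the sample keys are constructed for illustration and contain no real key material.

```python
import base64
import re
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"
BEGIN_RE = re.compile(r"^-----BEGIN (?:([A-Z0-9]+) )?PRIVATE KEY-----$")

def _ssh_string(data):
    """Encode bytes as an SSH wire string: uint32 big-endian length, then data."""
    return struct.pack(">I", len(data)) + data

def _read_ssh_string(buf, off):
    """Decode the SSH wire string that starts at offset off."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n]

def inspect_private_key(text):
    """Return (container, passphrase_protected) for a PEM-armoured private key."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) < 2:
        raise ValueError("not a PEM private key")
    first, body, last = lines[0], lines[1:-1], lines[-1]
    m = BEGIN_RE.match(first)
    if not m or last != first.replace("BEGIN", "END", 1):
        raise ValueError("not a well-formed PEM private key")
    label = m.group(1)
    if label == "OPENSSH":
        blob = base64.b64decode("".join(body))
        if not blob.startswith(OPENSSH_MAGIC):
            raise ValueError("missing openssh-key-v1 magic")
        # The first field after the magic is the cipher name; "none" = unencrypted.
        return "OPENSSH", _read_ssh_string(blob, len(OPENSSH_MAGIC)) != b"none"
    if label in (None, "ENCRYPTED"):  # PKCS#8: BEGIN [ENCRYPTED] PRIVATE KEY
        return "PKCS8", label == "ENCRYPTED"
    # Legacy containers (RSA, DSA, EC) flag encryption in a Proc-Type header.
    return label, any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in body)

def make_openssh_sample(cipher=b"none", kdf=b"none"):
    """Constructed sample: only the leading header fields of an OPENSSH key."""
    blob = OPENSSH_MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(b"")
    b64 = base64.b64encode(blob).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 +
            "\n-----END OPENSSH PRIVATE KEY-----\n")

# Constructed sample of a passphrase-protected legacy RSA key (dummy body).
LEGACY_ENCRYPTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                    "DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\n"
                    "AAAA\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    for sample in (make_openssh_sample(), LEGACY_ENCRYPTED):
        print(inspect_private_key(sample))
```

To check a real file, pass its contents, for example inspect_private_key(open(path).read()).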

Related

Convert filetype of cert from .txt to .pem

I need to add a server certificate to my trust store, and therefore a .pem file has been provided to me on GitHub. Unfortunately, for some reason, I can't download the file, so I have copied the text and inserted the text into a .txt file. Now, I assume that I have to convert the filetype from .txt to .pem before I can add the server certificate to my trust store in Windows 10.
How do I convert a certificate in .txt to .pem? I am using Windows 10.
The file looks like the following:
-----BEGIN CERTIFICATE-----
xxx
xxx
...
-----END CERTIFICATE-----
As IInspectable pointed out it is not really a programming question as you could just use the context menu of Windows explorer or hit F2 on the selected file.
But of course this issue can be handled programmatically - here is the PowerShell way:
Open a PowerShell console window.
Run:
Move-Item 'C:\my-file.txt' 'C:\my-file.pem'

Signing/certificate VSTO Outlook plugin

I am having a hard time understanding the process of signing / certifying Outlook plugin.
The problem is that the plugin works but I can't install it on all machines. On some it can be installed and on some not (it gives a security alert about the manifest not being signed/certified). I have gone through the docs but I can't say it's clear to me.
What is the easiest way to fix that problem? Could someone explain it in a few plain English words?
First you want to create a non-expiring certificate for Visual Studio projects
Type Developer Command in the Start Menu search and right click and select Run as administrator
Paste the following commands in the command prompt for MakeCert and pvk2pfx
MakeCert /n "CN=Your New Cert" /r /h 0 /eku "1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.13" /e "01/01/2100" /sv MyNewCert.pvk MyNewCert.cer
pvk2pfx -pvk MyNewCert.pvk -spc MyNewCert.cer -pfx MyNewCert.pfx
Note:
The date format is the US standard MM/DD/YYYY
The -f parameter can be used at the end of the pvk2pfx line for overwriting an existing file
You'll get prompted to create a password (this is optional)
After the password prompt, you'll need to run the second command line by just pressing the Enter key.
Now you can select the same certificate for multiple Visual Studio projects
In the Visual Studio project properties, select Signing, then click on Select from File….
Navigate to the same path from the command prompt and select the certificate file (*.pfx)

How to run makecert.exe without a GUI?

I recently came across a problem generating self-signed certificates in an automated fashion. Anytime I run makecert.exe I get a pop-up window for a password for the certificate. However, these certificates will never be distributed, so I don't need a password or anything.
How can I get makecert.exe to work without requiring a GUI?
If it helps, my command line takes this kind of form:
makecert.exe mycert.cer -r -n "CN=random-hex-number" -$ individual -sv private.pkv -pe -cy end
I didn't solve the root problem, but found a way to work around it. It only prompts for a password when you don't provide a private key. By generating a private key beforehand and passing it as the PVK, it won't prompt for a password now.
Put the certificate and the private keys in a folder.
Then use the pvk2pfx tool to combine them into one file.
Then when you're ready to install use
#pushd "%~dp0"
#start "" /b (command) "%~dp0"
The pushd keeps it in the file's directory, and start "" /b runs the program without bringing up the interface.

How to fix "unable to write 'random state' " in openssl

While generating the private key using this command
genrsa -out my-prvkey.pem 1024
It throws the error like below
Loadind 'screen' into random state -done Generating RSA private
key,1024 bit long modulus
.........................................+++++++
...........................+++++++++ unable to write 'random state' e
is 65537 (0*10001)
This makes any problem while creating a public certificate. I'm running this command in Windows. Can anyone help me with the fix?
The quickest solution is: set the environment variable RANDFILE to a path where the 'random state' file can be written (of course check the file access permissions), e.g. in your command prompt:
set RANDFILE=C:\MyDir\.rnd
openssl genrsa -out my-prvkey.pem 1024
More explanations:
OpenSSL on Windows tries to save the 'random state' file in the following order:
Path taken from RANDFILE environment variable
If HOME environment variable is set then : ${HOME}\.rnd
C:\.rnd
I'm pretty sure that in your case it ends up trying to save it in C:\.rnd (and it fails because of a lack of sufficient access rights). Unfortunately OpenSSL does not print the path that it actually tries to use in any error messages.
It may also be that you need to run the console as an administrator. On Windows 7, hold ctrl+shift when you launch the console window.
Just enter this line in the command line:
set RANDFILE=.rnd
Or this in Windows PowerShell:
$env:RANDFILE=".rnd"
I did not find where the .rnd file is so I ran the cmd as administrator and it worked like a charm.
Download openssl for windows from https://code.google.com/archive/p/openssl-for-windows/downloads
Set Environment variable to the path variable as path="C:\your_folder\openssl-0.9.8k_X64\bin"
Run below commands on the same path of bin

new computer, git pull origin is asking for a password

On my new computer, I set up git and my putty.exe and ssh key etc. just fine.
So I do a:
git pull origin
and then at the command prompt, I am asked for a password.
I have no idea what password it wants, and then it also asks for my server's password after a few failed attempts at the first password.
it asks for:
blahblah#serveradmin.com password:
What is going on?
(my git rep is hosted on a shared unix isp)
I already setup pageant to use my private key, and it gave me a popup to enter my passphrase. This is how it works on my old computer, and then when I open git-bash and do a 'git pull origin' it works fine without asking me anything.
Update II
So let me summarize what is happening here:
I have the exact same setup on my office computer (Windows 7) (desktop), and it works fine without asking me any questions. All I do before using git is run a .bat file that loads up pageant.exe:
C:\putty\pageant.exe "E:\code\pg_pk.ppk"
Then doing a git pull origin works fine, doesn't ask me for any password.
I had this on my laptop also, and it worked just like my office computer UNTIL I installed Windows 7 on it. Now it asks me for a password even though pageant.exe is running (I can see it in my taskbar, and the key is loaded).
So today I grabbed the .bat file and the entire /putty folder and put it on my laptop; it still doesn't work, it is asking me for a password when I type: git pull origin
(I am running the same version of git on both computers)
Really confused, what could it be?
It isn't clear from your question whether or not you set up Git to actually use PuTTY. What is the content of your GIT_SSH environment variable?
It should be set to the full path to plink.exe. Even better yet: if you also use TortoiseSVN or TortoiseHg, set GIT_SSH to their TortoisePlink.exe. TortoisePlink has been modified to not read from the standard input, but instead pop up a dialog window, if something goes wrong. Git redirects standard input, so that you cannot actually type anything into plink, if, for example, your server's IP address changes and plink asks you to type yes to confirm it, that won't work. (You'll have to invoke plink or putty manually, then say yes and they will save it in the registry.) TortoisePlink will instead pop up a Yes/No dialog box.
Your ssh key passphrase.
To remedy, you can recreate a key on your new machine using ssh-keygen and then save it in the git origin.
I'd double-check your SSH keys--looks like it's not properly sending your identity.
I have found that pageant sometimes just does not work. IMHO it is far easier to set it up using a blank password key with command line ssh client. From memory:
Generate public/private key using git bash:
ssh-keygen -t RSA -C email#address
DO NOT specify password.
Upload the contents of %USERPROFILE%.ssh\id_rsa.pub
Git should just work, including windows command line, git bash, tortoise, git extensions etc.
I encountered this problem as well. What worked for me, oddly enough, was not creating the repository via TortoiseGit, but rather via git init.
