Thank you for the quick support and fix!
- dr1818
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
When you send a "publickey" USERAUTH_REQUEST containing a certified
RSA key, and you want to use a SHA-2 based RSA algorithm, modern
OpenSSH expects you to send the algorithm string as
rsa-sha2-NNN-cert-v01@openssh.com. But 7.7 and earlier didn't
recognise those names, and expected the algorithm string in the
userauth request packet to be ssh-rsa-cert-v01@... and would then
follow it with an rsa-sha2-NNN signature.
OpenSSH itself has a bug workaround for its own older versions. Follow
suit.
Private-Lines
)?
C:\Users\myaccount\.ssh\az_ssh_config\123.123.123.123\puttyvm.ppk
with C:\Users\myaccount\.ssh\az_ssh_config\123.123.123.123\id_rsa.pub-aadcert.pub
certificate.
C:\Users\myaccount\.ssh\ssh_config\123.123.123.123\puttyvm.ppk
scp
.
. 2023-03-15 21:52:59.692 Looking for network events
. 2023-03-15 21:52:59.692 Server offered these authentication methods: publickey
. 2023-03-15 21:52:59.692 Offered public key
. 2023-03-15 21:54:12.169 Looking for network events
. 2023-03-15 21:54:12.169 Server offered these authentication methods: publickey
. 2023-03-15 21:54:12.169 Sending public key with certificate from "C:\Users\scrubbeduser\.ssh\scrubbedpath\id_rsa_scrubbedfilename.pub"
. 2023-03-15 21:54:12.169 Offered public key
@martin: I'm being told only for user authentication.
/keygen
part will definitely need some effort. We will see.
Support for OpenSSH certificates, for both user authentication keys and host keys.
/keygen
be updated to do conversions including adding an OpenSSH certificate (like I can now do in PuTTYgen), so that the work can be scripted?