[COMPASS-3558] Add Support for Ed25519 SSH keys Created: 09/Apr/19 Updated: 10/Jan/24 Resolved: 30/Jun/22 |
|
| Status: | Closed |
| Project: | Compass |
| Component/s: | Connectivity |
| Affects Version/s: | 1.17.0 |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Mark Garrett | Assignee: | Unassigned |
| Resolution: | Declined | Votes: | 1 |
| Labels: | internal | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
macOS 10.14.4 |
||
| Issue Links: |
|
||||||||
| Story Points: | 2 | ||||||||
| Sprint: | Iteration Urial, Iteration Vicuña | ||||||||
| Description |
|
Compass is currently unable to use Ed25519 keys generated by OpenSSL. After doing some digging, this is due to the underlying node module ssh-streams not handling EdDSA in the most recent version. There is a fix that was recently committed. I've put in an issue to get the fix version tagged. This would also require compiling against OpenSSL 1.1 or equivalent.
|
| Comments |
| Comment by Jessica Sigafoos [ 30/Jun/22 ] |
|
Thank you for your feedback! If this issue is still relevant to you, please vote on or file a feature request at https://feedback.mongodb.com/ |
| Comment by Lucas Hrabovsky (Inactive) [ 09/Jan/20 ] |
|
|
| Comment by Mark Garrett [ 09/Aug/19 ] |
|
Scot, you will need to create your key with "-m PEM" which will create it in the older format. |
| Comment by Scot Mcphee [ 09/Aug/19 ] |
|
I've been trying to use ssh in Compass - on a Mac, which has open SSH on it. When I try this, to connect to our Atlas installation, I get the following: Uncaught Error: Cannot parse privateKey: Unsupported key format
Support chat said:
However ssh-keygen generates this header no matter the type of key i generate so i'm not sure about the applicability of this. The key above is an RSA key.
|
| Comment by Mark Garrett [ 10/Apr/19 ] |
|
It seems that the ssh-streams fix won't be tagged and released until roughly node 12 as it requires compiling against OpenSSL 1.1.1, which is a bit new. Tracking issue at nodejs. |