Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Error when try to connect with AES 256 with passphrase
See original GitHub issueI create a key with passphrase with the command openssl genrsa -aes256 -out private.key 2048 and got his error:
Debugging turned on
Error: connect: Cannot parse privateKey: Malformed OpenSSH private key. Bad passphrase?
My last conf:
'use strict';
const Client = require('ssh2-sftp-client');
const config = {
host: '********************',
username: '**************',
passphrase: '**************',
privateKey: require('fs').readFileSync('./chave.pem'),
debug: console.log,
algorithms: {
kex: [
"diffie-hellman-group1-sha1",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group14-sha1"
],
cipher: [
"3des-cbc",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm",
"aes128-gcm@openssh.com",
"aes256-gcm",
"aes256-gcm@openssh.com"
],
serverHostKey: [
"ssh-rsa",
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521"
],
hmac: [
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
]
},
};
const sftp = new Client('example-client');
sftp.connect(config)
.then(() => {
return sftp.cwd();
})
.then(p => {
console.log(`Remote working directory is ${p}`);
return sftp.end();
})
.catch(err => {
console.log(`Error: ${err.message}`); // error message will include 'example-client'
});
Key:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,C67632348B455D5FC910B146D881034F
7vT8irarRtdSQrA4lws/ioUgO26e3jx7j0UTiZaHjvb3EQArdm+l8zf4w9soPMin
wANofw3EaD0HgjrzPeF5ZYPnXTkgGnSivbHnKgmVJSclcsz804WTcjoEpztViIEq
d2z+f38a3Firx2Zzj7eRQHk1R8DjZAY8PeRZt/LeIlb2vxvH3is2Vob52P32wfs9
GRY9Ly04SvhnYzy0ZkWSmy9QZlV2R/9txSCYCWBru+eIwGcgpSEdpNo9yNid+w/M
L+mfbCdtZgSc4jLpLf0+CEsIx8jeOFgOX/JWwyGyzzYb8eRF3u91Hjqihr9xK9vz
AQ4jPFSgz1Ttmt3gXc/WP9Fpji6oUvadjB5VX2VLdai1TAh0KDWQ3Q5hWSepL22O
i3TznqUHavIubZV88RV69Xp2CTBLflIZCm5jskGkN/NeqQv4R4iaa2xiBeoDZe3f
mwQvDEp0Vo8oULpz95Skmb5mvfpxVXyGoqAxrsyfbQSAxzopFafrj4Q8mXuGJAH7
T4aDRdoBu5NmBciJ5MqE7qnZkCRqYZxmv1LQ/tEXPkEesSUksQi3bhLAhPUh0cX5
mcNh/PV+RkhRhg8V0C7dKCZ5HMev4nGXcd8OxX2Ydzk39V1xecRZDaOsEwaK8dM2
dZNEpwdlm3tS967JlHiMaNME3DxLYWms4ut32ZbHAYv4HVWuIkw0ICtR2xfpTMJ5
Z1z6tMPaebcwxIruT7yq1ctbnpErPNdIpHs8LkIBAEdP65cp8wHwJbv3tQLAWAJh
kTiRMcGD02IH+ysFjGcSzWNT8OauieILv9TeA+p7n46qxGe2gHNKpGehkFu/tEJX
32i577pL/RawWGVDUB8vVHLrgjUEMom0DO5+r1xFeWbiYcevQVLrXTAzLqQrQSEu
fRhIwtxc5BdXKgKCSMmx6EmWPIk7JWaddAKdJIF/q1XDMetMPVkfiUzaPyHnCg8O
w+/xWPHsNlL1xMFEmmRHEIvs29MFwF/RIaU6KobtuF7DpGL7PEYeWUsssRT7Pjjx
V+ipfP3rvOdCTjE52yzBGhJF9ZNE3IFdXkpMmcrX2h9Fv7G3ajq2sm7vMnUw47gk
40yi5YGfi7SXXg4/i40Gp7NLLRN6z921oK+ouAiIoRIkeMk1qDvVUUkh62QCDYoM
tYymjHUDpBaxV19goptYoPhbAYH5JKQNK14/SNtipGASjIUKHTTaccyccnPAB10H
/a9qyyCd6xECuwZ5LwdoOgGh6WXM5d4Fvd86D+iq9rRce0vNCVEDI2NGhUYbz1v9
OZAQukPWuLB6lFWPOVfSebSDIzaz2lAbc72mAMAbBbd4fHU1AIckYvahFL+lvbqT
hubJviDam8mOkwaNViXNyUaQIZ5FIgJOkT0qEnsv47r0jzD1ITaH7NzQohrO62H5
/2aVhABovXg+kgHp/yWwGiiqndJ+iQNlSXsNihY8E0iuITFwfx0hrbwrNDbjWOYu
gNfkATQqU16dny8EpgAcyqMgO5hIbD0keQiKkhM5e8Myl/oczkuuxqz8EUnGXG/J
H+2bMwRHJ9ZyK2xEbnjMwa8652C3PHe5JJYSLgePFm+eQ6/EvKgG30P/QMhWwKZ6
-----END RSA PRIVATE KEY-----
Issue Analytics
- State:
- Created 3 years ago
- Comments:14 (7 by maintainers)
Top Results From Across the Web
Java, error when decoding AES-256 - Stack Overflow
Generating a key from a password by using the key to seed a PRNG is a bad idea. Use password-based-encryption instead.
Read more >CIFS access lost after enabling AES encryption on the SVM
Info: In order to disable CIFS AES encryption, the password for the CIFS server machine account must be reset. Enter the username and...
Read more >Use FileVault to encrypt your Mac startup disk - Apple Support
FileVault full-disk encryption uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your ...
Read more >Is it possible to encrypt a file using both AES-256 cipher ...
openssl enc -aes-256-cbc -salt -in input.txt -out output.txt -pass file:user.key generates this error message: Error reading password from BIO ...
Read more >Kerberos Unsupported etype error - Windows Server
You disable the RC4_HMAC-MD5 encryption type, leaving the AES128-CTS-HMAC-SHA1-96 and AES256-CTS-HMAC-SHA1-96 encryption types enabled. You ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
OK, thanks for the update, I will keep an eye out for new release version of ssh2-streams and will push a new version of ssh2-sftp-client when it happens.
Can you provide a minimal example script which reproduces your issue. I need to see how you are passing the key to the server as that error seems to indicate you are sending the wrong format. You are passing the contents of the key file, not the filename?
Also, might be worth checking the ssh2 site as this is an ssh2 error. Could be some info there which will help.