jRuby and net/ssh

Yvon_T · July 29, 2008, 1:20pm

Hey all,

i’m using net/ssh with CRuby and wanted an UI then, i’ve migrated to
jRuby + Profligacy.
except the UI the code is about the same and i get an error when
authentifying :

Exception in thread “AWT-EventQueue-0”
/opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:187:in
ssh_do_verify': unsupported algorithm: DSS1withDSA (OpenSSL::PKey::PKeyError) from /opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:187:inverify_signature’
from
/opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:69:in
`exchange_keys’

the same code, when used from CRuby uses my dsa key.

here, Net::SSH makes use of OpenSSL, i think it’s because it’s
included in the “core” jRuby ?
i never require it :
require ‘java’
require ‘rubygems’
require ‘profligacy/swing’
require ‘profligacy/lel’
require ‘needle’
require ‘net/ssh’

is there a way to avoid OpenSSL for authentification within jRuby ?
or, does i need to ssh-keygen another kind of key (rsa?) ?
notice i’ve never used OpenSSL.

best,

yvon

To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email

Yvon_T · July 29, 2008, 5:51pm

Hi Yvon,

Not much help here, but still:

I know that we have a couple of net/ssh - related bugs against JRuby:
http://jira.codehaus.org/browse/JRUBY-1692
http://jira.codehaus.org/browse/JRUBY-2747

When I tried some time ago to use net/ssh, I also encountered the
issue with unsupported protocol, and had to adjust my ~/.ssh/config
file to remove those algorithms that are not yet supported.

After that I see that “padding error”, reported in JRUBY-2747.

Thanks,
–Vladimir

On Tue, Jul 29, 2008 at 1:19 PM, Yvon T. [email protected]
wrote:

   from /opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:187:in
require ‘rubygems’

yvon

To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email

To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email

Yvon_T · July 29, 2008, 7:11pm

Yvon T. wrote:

    from /opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:187:in
verify_signature' from /opt/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.3/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:69:inexchange_keys’

Oops, I started replying on the Ruby ML.

It looks like this may be a place where we’re not translating an
algorithm name correctly. There are no references anywhere to
DSS1withDSA, but lots to SHA1withDSA, and DSS1 is supposed to be
“basically” the same as SHA1. So I think this is probably a bug in
JRuby-OpenSSL, and you should file it as such.

Also, net/ssh has never been made to fully work on JRuby, but it’s
always bothered us. So I’d really like to work with you and others to
get the last bugs worked out.

Charlie

To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email