curl SFTP transfer from Cygwin on Win10 to Ubuntu 18.04 fails with Unknown host key type: 1835008

Voris, Ben ben.voris@hpe.com
Thu Jun 3 01:58:43 GMT 2021



-----Original Message-----
From: Brian Inglis [mailto:Brian.Inglis@SystematicSw.ab.ca] 
Sent: 24 May 2021 11:09
To: cygwin@cygwin.com
Cc: Voris, Ben <ben.voris@hpe.com>
Subject: Re: curl SFTP transfer from Cygwin on Win10 to Ubuntu 18.04 fails with Unknown host key type: 1835008

On 2021-05-17 17:55, Brian Inglis wrote:
> On 2021-05-14 23:47, Brian Inglis wrote:
>> On 2021-05-13 22:40, Voris, Ben via Cygwin wrote:
>>> curl issue https://github.com/curl/curl/issues/7057 was closed with:
>>> "This seems to be purely a libssh2 issue and not a curl one."
>>> Curl reports "libssh2/1.7.0"
>>> On the same system, ssh reports " OpenSSH_8.5p1, OpenSSL 1.1.1f  31 Mar 2020"
>>> The curl code in https://github.com/curl/curl/blob/master/lib/vssh/libssh2.c has a number of defines to control what 
>>> type of host keys it will accept, including LIBSSH2_KNOWNHOST_KEY_ED25519
>>> Was the curl built with this set?
>>> Details are in the curl issue, but here they are again.
>>> Here is the curl failure:
>>> : curl -vvv -s -T t.cpp sftp://bvoris@nucnuc/tmp/t2.cpp 
>>> * STATE: INIT => CONNECT handle 0x800085338; line 1634 (connection #-5000)
>>> * Added connection 0. The cache now contains 1 members
>>> * STATE: CONNECT => RESOLVING handle 0x800085338; line 1680 (connection #0)
>>> * family0 == v4, family1 == v6
>>> *   Trying 192.168.1.5:22...
>>> * STATE: RESOLVING => CONNECTING handle 0x800085338; line 1762 (connection #0)
>>> * Connected to nucnuc (192.168.1.5) port 22 (#0)
>>> * STATE: CONNECTING => PROTOCONNECT handle 0x800085338; line 1825 (connection #0)
>>> * SFTP 0x8000847c8 state change from SSH_STOP to SSH_INIT
>>> * Found host nucnuc in /home/BVoris/.ssh/known_hosts
>>> * Unknown host key type: 1835008
>>> * SFTP 0x8000847c8 state change from SSH_INIT to SSH_SESSION_FREE
>>> * SFTP 0x8000847c8 state change from SSH_SESSION_FREE to SSH_STOP
>>> * multi_done
>>> * The cache now contains 0 members
>>> * SSH DISCONNECT starts now
>>> * SSH DISCONNECT is done
>>> * Closing connection 0
>>> The curl/libcurl version:
>>> curl 7.76.1 (x86_64-pc-cygwin) libcurl/7.76.1 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.9 zstd/1.4.9 libidn2/2.2.0 
>>> libpsl/0.21.0 (+libidn2/2.0.4) libssh2/1.7.0 nghttp2/1.37.0
>>> Release-Date: 2021-04-14
>>> Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs 
>>> smtp smtps telnet tftp
>>> Features: alt-svc AsynchDNS brotli Debug GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz Metalink NTLM 
>>> NTLM_WB PSL SPNEGO SSL TLS-SRP TrackMemory UnixSockets zstd
>>> The known_hosts entry from the client:
>>> nucnuc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmjvQ5jehz5Jwt1PDGJBSgcXVhoMRnbn/E2p3srSK+c
>>> curl is run on CYGWIN_NT-10.0 3.2.0(0.340/5/3) 2021-03-29 08:42 x86_64 Cygwin
>>> The target system has:
>>> OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
>>
>> Looks like it will need libssh2 1.9.0+.
>> The next version 1.9.1 is nearing release incorporating all the updated support
>> as well as all CVE and other patches.
>>
>> I am working on a couple of build issues, with upstream, and also 32 bit x86 builds.
>>
>> If I can get those resolved, I could adopt libssh2 (also hosted/supported @haxx.se
>> involving some of the same folks), releasing an update when the new libssh2 release
>> is available, and releasing an updated curl release 2 with the updated libssh2.

> New libssh2 1.9+ releases are available with latest ciphers and CVE patches,
> and new curl -2 releases are available built with the new libssh2 releases.
> 
> Please upgrade your Cygwin installation, retest, and let us know if you still
> have any issues, or you can now successfully connect.
> 
> After some more Cygwin et al testing of the latest libssh2 upstream repo
> commits and snapshots, the libssh2 project is eager to release the latest
> libssh2 1.9.1, and newer releases of curl will be made available using
> those updates.

This problem no longer occurs in curl 7.770 (x86_64-pc-cygwin) libssh2/1.9.0, release date 2021-05-26.
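
Added example (not part of the thread, and not curl or libssh2 code): a Python check that decodes the number curl logged and lists the known_hosts entries a given libssh2 build would not recognise, so the client can be upgraded instead of host key checking being relaxed. The index tables are recalled from libssh2.h and are assumptions to confirm against the installed header; `examplehost` and its key bytes are constructed.

```python
import base64
import struct

# Assumption: LIBSSH2_KNOWNHOST_KEY_* macros are (index << 18); the index tables
# below are recalled from libssh2.h, confirm them against your installed header.
KEY_SHIFT = 18
INDEX_1_7 = {1: "rsa1", 2: "ssh-rsa", 3: "ssh-dss", 7: "UNKNOWN"}
INDEX_1_9 = {1: "rsa1", 2: "ssh-rsa", 3: "ssh-dss",
             4: "ecdsa-sha2-nistp256", 5: "ecdsa-sha2-nistp384",
             6: "ecdsa-sha2-nistp521", 7: "ssh-ed25519", 15: "UNKNOWN"}

def decode_typemask(value, index_table):
    """Name the key type in the number curl logs after 'Unknown host key type:'."""
    return index_table.get(value >> KEY_SHIFT, "undefined")

def blob_key_type(b64_blob):
    """Return the algorithm name embedded in a key blob (uint32 length + name)."""
    raw = base64.b64decode(b64_blob)
    (name_len,) = struct.unpack(">I", raw[:4])
    return raw[4:4 + name_len].decode("ascii")

def unparsable_entries(known_hosts_text, supported_types):
    """List (host, reason) for entries the linked libssh2 would not recognise."""
    findings = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0].startswith("@"):      # @cert-authority / @revoked marker
            fields = fields[1:]
        if len(fields) < 3:
            continue
        host, declared, blob = fields[:3]
        try:
            embedded = blob_key_type(blob)
        except (ValueError, struct.error):  # bad base64 or truncated blob
            embedded = None
        if embedded != declared:
            findings.append((host, "declared type does not match key blob"))
        elif declared not in supported_types:
            findings.append((host, declared))
    return findings

# Entry quoted in the thread, plus a constructed ssh-rsa entry (dummy key bytes).
RSA_BLOB = base64.b64encode(struct.pack(">I", 7) + b"ssh-rsa" + bytes(8)).decode()
SAMPLE = ("nucnuc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmjvQ5jehz5Jwt1PDGJBSgc"
          "XVhoMRnbn/E2p3srSK+c\n"
          f"examplehost ssh-rsa {RSA_BLOB}\n")
```

Under these tables, 1835008 is 7 << 18: the "unknown" sentinel in the older header and the Ed25519 slot in the newer one, which matches the behaviour change reported above.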


