Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-4069

Update ssh2 dependency

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.21.0
    • Affects Version/s: None
    • Component/s: Connectivity
    • None
    • Iteration Urial, Iteration Vicuña

      Latest: Dec 3, 2019 v0.8.7
      connection-model current: Nov 8, 2016 v0.5.4

      https://github.com/mongodb-js/compass/issues/1882

      While attempting to connect via SSH tunnel using an identity file and passphrase on the latest stable community version, I was only able to get it to work with an RSA key encrypted with AES-128-CBC or DES-EDE3-CBC. It failed to work with AES-192-CBC, AES-256-CBC, or with an openssh private key.

      I got a variety of errors when using these other ciphers, including Uncaught Error: Expected 0x2: got 0x18, Uncaught Error: encoding too long, and Uncaught Error: Cannot parse privateKey: Unsupported key format.

      Please add support at least for at least longer key lengths of AES, and potentially for other ciphers and key formats.

      Confirmed that I get this same issue on current tip of master for at least AES-256-CBC

      These algorithms are supported but not enabled by default. COMPASS-4069 will update ssh2 and when combined with COMPASS-3933 adding the below to client/server construction in ssh-tunnel.js will resolve this problem.

      { algorithms: { cipher: require('ssh2-streams').constants.ALGORITHMS.SUPPORTED_CIPHER } }
      

            Assignee:
            lucas.hrabovsky Lucas Hrabovsky (Inactive)
            Reporter:
            lucas.hrabovsky Lucas Hrabovsky (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: