Unsupported key format for openssh format (Mac Mojave)

[cjcox17]

When a ssh key is generated with or without a passphrase, it results in an unsupported key format error.

The key works fine for SSH and other applications.

Key Header:
-----BEGIN OPENSSH PRIVATE KEY-----

Steps to reproduce the behavior:

1. Generate a new key file with the following command. Set a passphrase.

ssh-keygen -t rsa -b 4096

2. Try to use this key in the extension within VSCode. You will receive the error "Unsupported key format".

NOTE and WORKAROUND: The key also will not be read by puttygen to convert the key to a .ppk if the key has a passphrase. Another error, "Unsupported Cipher" is returned when importing the key. However, if the passphrase is removed from that key via

ssh-keygen -p id_rsa

then the key is loaded fine by puttygen and can be exported to a .ppk that works fine in vscode-sftp.

Expected behavior
I expected the plugin to accept the format of the key as it does when I use the same command in either WSL(Windows Sub-systems for Linux) or in Ubuntu/Fedora. (Used VSCode on all of these platforms).

Macbook Pro:
OS: MacOS Mojave 10.14.1
VSCode: 1.28.2
Extension Version: 1.7.3
SSH Version: OpenSSH_7.8p1, LibreSSL 2.7.3

Extension Log(Some private data has been omitted):

{"remotePath":"/","uploadOnSave":true,"downloadOnOpen":false,"ignore":[".vscode",".git",".DS_Store","vendor/*","node_modules"],"concurrency":4,"protocol":"sftp","connectTimeout":10000,"interactiveAuth":false,"secure":false,"passive":false,"remoteTimeOffsetInHours":0,"port":22,"host":"","username":"******","privateKeyPath":"/Users/cjcox17/.ssh/sftp_test_key","passphrase":"******"} [error] Error: Cannot parse privateKey: Unsupported key format at Client.connect (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/node_modules/ssh2/lib/client.js:231:13) at Promise (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:231:22) at new Promise (<anonymous>) at SSHClient.<anonymous> (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:209:20) at Generator.next (<anonymous>) at /Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:7:71 at new Promise (<anonymous>) at __awaiter (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:3:12) at SSHClient._connectSSHClient (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:202:16) at SSHClient.<anonymous> (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:74:24) at Generator.next (<anonymous>) at fulfilled (/Users/cjcox17/.vscode/extensions/liximomo.sftp-1.7.3/out/src/core/remote-client/sshClient.js:4:58) at <anonymous>

[liximomo]

Generate a new key file with the following command. Set a passphrase.

Why not set passphrase in sftp.json if your key has a passphrase?

[fanshengshuai]

When i gen a rsa with ssh-keygen , also got the problem:

[error] Error: Cannot parse privateKey: Unsupported key format
	at Client.connect (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/node_modules/ssh2/lib/client.js:231:13)
	at Promise (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102315)
	at new Promise (<anonymous>)
	at h.<anonymous> (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102037)
	at Generator.next (<anonymous>)
	at /home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:99068
	at new Promise (<anonymous>)
	at r (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98845)
	at h._connectSSHClient (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:101817)
	at h.<anonymous> (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:100517)
	at Generator.next (<anonymous>)
	at s (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98901)
	at <anonymous> 
[error] Error: Config Not Found. (output:extension-output-%231) 
	at Object.u [as handleCtxFromUri] (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:44285)
	at Object.<anonymous> (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:4043)
	at Generator.next (<anonymous>)
	at /home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:3323
	at new Promise (<anonymous>)
	at r (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:3100)
	at a.map.t (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:3985)
	at Array.map (<anonymous>)
	at Object.<anonymous> (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:3978)
	at Generator.next (<anonymous>)
	at s (/home/fanshengshuai/.vscode-oss/extensions/liximomo.sftp-1.7.7/dist/extension.js:1:3156)
	at <anonymous> 

sftp.json:

{
    "protocol": "sftp",
    "host": "127.0.0.1",
    "port": 10220,
    "username": "root",
    "privateKeyPath": "~/.ssh/id_rsa",
    "passphrase":"fss",
    "other": "uploadOnSave\":true*/",
    "localPath":"output/",
    "remotePath": "/data/web/kuboluo.com/sdb.kuboluo.com/src/wx/"
}

[fanshengshuai]

work fine with password

[liximomo]

Extension Logs - required

1. Open User Settings.

   • On Windows/Linux - File > Preferences > Settings
   • On macOS - Code > Preferences > Settings

2. Set sftp.debug to true and reload vscode.

3. Reproduce the problem, get the logs from View > Output > sftp.

[sydneyjean]

Hi there, I'm experiencing this same issue now that the ssh key is being generated on mojave using openssh.

logs:

[info] [file-save] /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig [trace] handle upload file for /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig [error] Error: Cannot parse privateKey: Unsupported key format at Promise (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102315) at Client.connect (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/node_modules/ssh2/lib/client.js:231:13) at new Promise (<anonymous>) at h.<anonymous> (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102037) at Generator.next (<anonymous>) at /Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:99068 at new Promise (<anonymous>) at r (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98845) at h._connectSSHClient (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:101817) at h.<anonymous> (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:100517) at Generator.next (<anonymous>) at s (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98901) at <anonymous> download /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig

[liximomo]

Extension Logs - required

1. Open User Settings.

   • On Windows/Linux - File > Preferences > Settings
   • On macOS - Code > Preferences > Settings

2. Set sftp.debug to true and reload vscode.

3. Reproduce the problem, get the logs from View > Output > sftp.

[biu0w0]

The same problem. Here's my logs:

[debug] register command "Cancel All Transfer" from "./commandCancelAllTransfer.ts"
[debug] register command "Config" from "./commandConfig.ts"
[debug] register command "List Active Folder" from "./commandListActiveFolder.ts"
[debug] register command "Open Ssh Connection" from "./commandOpenSshConnection.ts"
[debug] register command "Set Profile" from "./commandSetProfile.ts"
[debug] register command "Toggle Output Panel" from "./commandToggleOutputPanel.ts"
[debug] register command "Delete Remote" from "./fileCommandDeleteRemote.ts"
[debug] register command "Diff" from "./fileCommandDiff.ts"
[debug] register command "Diff Active File" from "./fileCommandDiffActiveFile.ts"
[debug] register command "Download" from "./fileCommandDownload.ts"
[debug] register command "Download Active File" from "./fileCommandDownloadActiveFile.ts"
[debug] register command "Download Active Folder" from "./fileCommandDownloadActiveFolder.ts"
[debug] register command "Download File" from "./fileCommandDownloadFile.ts"
[debug] register command "Download Folder" from "./fileCommandDownloadFolder.ts"
[debug] register command "Download Force" from "./fileCommandDownloadForce.ts"
[debug] register command "Download Project" from "./fileCommandDownloadProject.ts"
[debug] register command "Edit In Local" from "./fileCommandEditInLocal.ts"
[debug] register command "List" from "./fileCommandList.ts"
[debug] register command "List All" from "./fileCommandListAll.ts"
[debug] register command "Reveal In Explorer" from "./fileCommandRevealInExplorer.ts"
[debug] register command "Reveal In Remote Explorer" from "./fileCommandRevealInRemoteExplorer.ts"
[debug] register command "Sync Both Directions" from "./fileCommandSyncBothDirections.ts"
[debug] register command "Sync Local To Remote" from "./fileCommandSyncLocalToRemote.ts"
[debug] register command "Sync Remote To Local" from "./fileCommandSyncRemoteToLocal.ts"
[debug] register command "Upload" from "./fileCommandUpload.ts"
[debug] register command "Upload Active File" from "./fileCommandUploadActiveFile.ts"
[debug] register command "Upload Active Folder" from "./fileCommandUploadActiveFolder.ts"
[debug] register command "Upload Changed File" from "./fileCommandUploadChangedFile.ts"
[debug] register command "Upload File" from "./fileCommandUploadFile.ts"
[debug] register command "Upload Folder" from "./fileCommandUploadFolder.ts"
[debug] register command "Upload Force" from "./fileCommandUploadForce.ts"
[debug] register command "Upload Project" from "./fileCommandUploadProject.ts"
[info] config at /Users//Projects/ {"remotePath":"","uploadOnSave":true,"downloadOnOpen":false,"ignore":[".vscode",".git",".svn",".DS_Store","node_modules","react"],"concurrency":4,"protocol":"sftp","connectTimeout":10000,"interactiveAuth":false,"secure":false,"passive":false,"remoteTimeOffsetInHours":0,"port":36000,"name":"106","host":"","username":"","privateKeyPath":"/Users//.ssh/id_rsa"}
[trace] run command 'Sync Local To Remote'
[trace] handle sync for /Users//Projects/
[error] Error: Cannot parse privateKey: Unsupported key format
at Client.connect (/Users//.vscode/extensions/liximomo.sftp-1.7.7/node_modules/ssh2/lib/client.js:231:13)
at Promise (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102315)
at new Promise ()
at h. (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102037)
at Generator.next ()
at /Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:99068
at new Promise ()
at r (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98845)
at h._connectSSHClient (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:101817)
at h. (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:100517)
at Generator.next ()
at s (/Users//.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98901)
at

[sydneyjean]

Sorry @liximomo here is the full log.

[debug] register command "Cancel All Transfer" from "./commandCancelAllTransfer.ts"
[debug] register command "Config" from "./commandConfig.ts"
[debug] register command "List Active Folder" from "./commandListActiveFolder.ts"
[debug] register command "Open Ssh Connection" from "./commandOpenSshConnection.ts"
[debug] register command "Set Profile" from "./commandSetProfile.ts"
[debug] register command "Toggle Output Panel" from "./commandToggleOutputPanel.ts"
[debug] register command "Delete Remote" from "./fileCommandDeleteRemote.ts"
[debug] register command "Diff" from "./fileCommandDiff.ts"
[debug] register command "Diff Active File" from "./fileCommandDiffActiveFile.ts"
[debug] register command "Download" from "./fileCommandDownload.ts"
[debug] register command "Download Active File" from "./fileCommandDownloadActiveFile.ts"
[debug] register command "Download Active Folder" from "./fileCommandDownloadActiveFolder.ts"
[debug] register command "Download File" from "./fileCommandDownloadFile.ts"
[debug] register command "Download Folder" from "./fileCommandDownloadFolder.ts"
[debug] register command "Download Force" from "./fileCommandDownloadForce.ts"
[debug] register command "Download Project" from "./fileCommandDownloadProject.ts"
[debug] register command "Edit In Local" from "./fileCommandEditInLocal.ts"
[debug] register command "List" from "./fileCommandList.ts"
[debug] register command "List All" from "./fileCommandListAll.ts"
[debug] register command "Reveal In Explorer" from "./fileCommandRevealInExplorer.ts"
[debug] register command "Reveal In Remote Explorer" from "./fileCommandRevealInRemoteExplorer.ts"
[debug] register command "Sync Both Directions" from "./fileCommandSyncBothDirections.ts"
[debug] register command "Sync Local To Remote" from "./fileCommandSyncLocalToRemote.ts"
[debug] register command "Sync Remote To Local" from "./fileCommandSyncRemoteToLocal.ts"
[debug] register command "Upload" from "./fileCommandUpload.ts"
[debug] register command "Upload Active File" from "./fileCommandUploadActiveFile.ts"
[debug] register command "Upload Active Folder" from "./fileCommandUploadActiveFolder.ts"
[debug] register command "Upload Changed File" from "./fileCommandUploadChangedFile.ts"
[debug] register command "Upload File" from "./fileCommandUploadFile.ts"
[debug] register command "Upload Folder" from "./fileCommandUploadFolder.ts"
[debug] register command "Upload Force" from "./fileCommandUploadForce.ts"
[debug] register command "Upload Project" from "./fileCommandUploadProject.ts"
[info] config at /Users/sydney/Documents/placeholder-path {"remotePath":"/server/placeholder-path","uploadOnSave":true,"downloadOnOpen":false,"ignore":["\.vscode","\.git","\.DS_Store","\node_modules","\lib\kint","\lib\timber","\assets\vendor","\acf-json"],"concurrency":4,"protocol":"sftp","connectTimeout":10000,"interactiveAuth":false,"secure":false,"passive":false,"remoteTimeOffsetInHours":0,"port":2222,"host":"******","username":"","privateKeyPath":"/Users/sydney/.ssh/id_rsa"}
[info] [file-save] /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig
[trace] handle upload file for /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig
[error] Error: Cannot parse privateKey: Unsupported key format
at Client.connect (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/node_modules/ssh2/lib/client.js:231:13)
at Promise (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102315)
at new Promise ()
at h. (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:102037)
at Generator.next ()
at /Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:99068
at new Promise ()
at r (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98845)
at h._connectSSHClient (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:101817)
at h. (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:100517)
at Generator.next ()
at s (/Users/sydney/.vscode/extensions/liximomo.sftp-1.7.7/dist/extension.js:70:98901)
at download /Users/sydney/Documents/placeholder-path/views/single-commercial-property.twig
[trace] run command 'Toggle Output Panel

[liximomo]

@sydneyjean Have you set a passphrase to your key file?

[sydneyjean]

@liximomo yeah, I tried it with:

1. a key that didn't have a passphrase
2. a key that did have a passphrase
3. a key that originally had a passphrase, then removed with ssh-keygen -p id_rsa as @cjcox17 suggested.

With all attempts I shut down and restarted vscode. From my research online I haven't found a way to generate an ssh key on macOS mojave without OPENSSH format. 🤔

[liximomo]

@cjcox17 @fanshengshuai @biu0w0 @sydneyjean We need to wait for the upstream library to support this.

Here is some workarounds:

• Downgrade your ssh-keygen binary (you can easily get old version from any linux/docker image)
• Add option -m PEM into your ssh-keygen command. For example, you can run ssh-keygen -m PEM -t rsa -b 4096 -C "[email protected]" to force ssh-keygen to export as PEM format.

[Jaswinder00]

I am experiencing the same issue on Mac Mojave 10.14.1. I have a key generated without passcode. We need a solution that must work with existing key. I think this extension needs changes to support the format to work with Mac Mojave

[Jaswinder00]

The same issue is happening on Windows machine as well. Please fix this issue or provide a workaround.

[sydneyjean]

This workaround solved the issue for me

Add option -m PEM into your ssh-keygen command. For example, you can run ssh-keygen -m PEM -t rsa -b 4096 -C "[email protected]" to force ssh-keygen to export as PEM format.

[Jaswinder00]

@sydneyjean Thanks that did resolve the issue. I think this should be in the setup instructions as a workaround.

[hosseinsalemi]

+1 same problem

[kietluu]

1. “BEGIN OPENSSH PRIVATE KEY”….
   • Env: Mac Mojave 10.14.1

• Generate new ssh key with old format “BEGIN RSA PRIVATE KEY”
  * ssh-keygen -m PEM

• Covert Old id_rsa Private Key = puttygen
  * puttygen -O -o
  * puttygen id_rsa -O private-openssh -o id_rsa_new

https://kmagen2.wordpress.com/2019/01/04/begin-openssh-private-key-begin-rsa-private-key/

[liximomo]

Should now be supported in sftp v1.9.0.

[ppinter1]

@KietLuuu What version of puttygen are you using, please? On puttygen v0.67 I have here, your very promising suggestion: puttygen id_rsa -O private-openssh -o id_rsa_new complains with: puttygen: this command would perform no useful action.

Following down the rabbit hole of your supplied link gets me here, but with the same result. I can't create an updated (RFC4716 compliant) version of my old private key.