Comments (8)
Fixed.
This problem only appears on Debian12 with libssh2-1 1.10.0-3
If you install the libssh package from Ubuntu (libssh2-1 1.11.0-2), everything works fine
from oxidized.
This is not a fix, but a workaround, I face that same issue with debian12 - libssh2-1 1.10.0-3 and gitlab.
from oxidized.
I had a similar issue - there's quite a few variables here - gitlab can use OpenSSH or it's own built in ssh server depending on what you have configured, and there are lots of different key types you can use to authenticate for ssh.
What I found in my case was if oxidized is using an RSA key it was attempting to use the older ssh-rsa method (ie RSA with SHA1) but the gitlab end wouldn't accept that and only supports rsa-sha2-256 or rsa-sha2-512. OpenSSH deprecated ssh-rsa in version 8.8 so this should really be dependant on the OpenSSH version not the version of gitlab, but maybe you're running gitlab in a container and the gitlab update updated OpenSSH in the container? or maybe you're using gitlabs own ssh server (not the default).
I didn't dig too much further into what changed to break this. For me there was another easy work around - switching to an ED25519 key which is more secure than RSA anyway and doesn't have this issue.
Also see libssh2/libssh2#536 confirming libssh2 didn't add support for SHA2 with RSA until 1.11.0
from oxidized.
please reopen
from oxidized.
Reopening this bug as a request from @eoli3n . This seems an upstream problem from libssh2, so I'm not sure what we could do here...
from oxidized.
Still having issues with this.
from oxidized.
workaround:
hooks:
push_to_remote:
events: [post_store]
#type: githubrepo
#remote_repo: [email protected]:username/oxidized-configs.git
#publickey: /opt/oxidized/.ssh/id_rsa.pub
#privatekey: /opt/oxidized/.ssh/id_rsa
type: exec
cmd: 'git --git-dir /opt/oxidized/oxidized.git remote add origin [email protected]:username/oxidized-configs.git; git --git-dir /opt/oxidized/oxidized.git push origin master --force'
from oxidized.
For people using the docker version of gitlab it's also possible to re-enable SHA1 on the gitlab end by setting GITLAB_ALLOW_SHA1_RSA=true for now:
https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7035
However this option will be removed in gitlab 17, so it would be better to migrate away from RSA keys and start using ED25519 ones that don't have this issue.
from oxidized.
Related Issues (20)
- tplink model not working with Tplink SX-3008F switch
- Multiple HTTP sources not working HOT 8
- Rocky Linux PromptUndetect HOT 11
- Problem with changing ios.rb HOT 3
- Single UBNT EdgeSwitch constantly adding/removing last 50-ish lines of config HOT 1
- Slackdiff Hook Fails Due to Depreciation of files.upload API method HOT 1
- Tp-link change backup HOT 1
- Hook to gogs authentication issue HOT 4
- HTTP/Mechanize and custom port
- Problem with saving large configurations HOT 2
- docker-compose GPG encryption of router.db HOT 1
- Installing gem package oxidized-script is failing HOT 1
- Ruby Sass has reached end-of-life and should no longer be used. HOT 1
- Help with ArubaOS8 - Prompt HOT 4
- Huawei Model extend to save config HOT 3
- http input log HOT 1
- Monkey patching changes the order of commands. HOT 1
- Rugged::NetworkError: unsupported URL protocol HOT 3
- Raisecom switch fails backup - but full backup is stored in the log file. HOT 2
- Http input: not managed error 404 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oxidized.