Unable to connect using a key signed by a certificate authority

[davidchappelle]

I can connect fine using ssh in the terminal but I cannot get ssh2 to connect. I am actually using node-ssh which is just a thin wrapper around ssh2. I am using ssh2 version 1.5.0 which should have support for keys signed by a certificate authority.

        const sshClient = new ssh.NodeSSH();
        await sshClient.connect({
            debug: console.log.bind(console),
            host: this._smartLinkIp,
            username: 'bob',
            privateKey: '/home/bob/.ssh/id_rsa',
            publicKey: '/home/bob/.ssh/id_rsa-cert.pub'
        });

Custom crypto binding available
Local ident: 'SSH-2.0-ssh2js1.5.0'
Client: Trying 192.168.50.253 on port 22 ...
Socket connected
Remote ident: 'SSH-2.0-OpenSSH_7.9'
Outbound: Sending KEXINIT
Inbound: Handshake in progress
Handshake: (local) KEX method: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512
Handshake: (remote) KEX method: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
Handshake: KEX algorithm: ecdh-sha2-nistp256
Handshake: (local) Host key format: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
Handshake: (remote) Host key format: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
Handshake: Host key format: ssh-ed25519
Handshake: (local) C->S cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected]
Handshake: (remote) C->S cipher: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
Handshake: C->S Cipher: [email protected]
Handshake: (local) S->C cipher: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected]
Handshake: (remote) S->C cipher: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
Handshake: S->C cipher: [email protected]
Handshake: (local) C->S MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: (remote) C->S MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: C->S MAC: <implicit>
Handshake: (local) S->C MAC: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: (remote) S->C MAC: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: S->C MAC: <implicit>
Handshake: (local) C->S compression: none,[email protected],zlib
Handshake: (remote) C->S compression: none,[email protected]
Handshake: C->S compression: none
Handshake: (local) S->C compression: none,[email protected],zlib
Handshake: (remote) S->C compression: none,[email protected]
Handshake: S->C compression: none
Outbound: Sending KEXECDH_INIT
Received DH Reply
Host accepted by default (no verification)
Host accepted (verified)
Outbound: Sending NEWKEYS
Inbound: NEWKEYS
Verifying signature ...
Verified signature
Handshake completed
Outbound: Sending SERVICE_REQUEST (ssh-userauth)
Inbound: Received SERVICE_ACCEPT (ssh-userauth)
Outbound: Sending USERAUTH_REQUEST (none)
Inbound: Received USERAUTH_FAILURE (publickey,password,keyboard-interactive)
Client: none auth failed
Outbound: Sending USERAUTH_REQUEST (publickey -- check)
Inbound: Received USERAUTH_FAILURE (publickey,password,keyboard-interactive)
Client: publickey auth failed
Outbound: Sending DISCONNECT (11)

[mscdex]

Duplicate of #551.