password ssh login must using PreferredAuthentications=password param

[clysto]

without PreferredAuthentications=password

ssh 'admin:[email protected]'  -p 2222
Connection closed by 127.0.0.1 port 2222

with PreferredAuthentications=password

ssh 'admin:[email protected]' -o PreferredAuthentications=password  -p 2222
admin:[email protected]'s password:
 Warpgate  Selected target: ubuntu
 Warpgate  Host key (ssh-ed25519): AAAAC3NzaC1lZDI1NTE5AAAAIGZXAkCq4SHKnDTga5MlihfG+ouSNt0sgaKZfOVA9hKl

 ✓ Warpgate connected
Welcome to Ubuntu 23.04 (GNU/Linux 6.2.0-39-generic x86_64)

[clysto]

I think the problem is that the line parsing the Public Key throws an error, which causes the client to stop trying other auth methods. The error was thrown due to a change in the parse behavior in russh-keys crate.

https://github.com/warp-tech/russh/blob/5f93b896f7fe426c452de17db0ef4698b06d3e7c/russh/src/server/encrypted.rs#L381

[clysto]

The problem is solved when vendord-openssl feature is turned on.

[Eugeny]

Which public key types does your client try to offer? (you can verify it with ssh -v)

[clysto]

debug1: Offering public key: /Users/maoyachen/.ssh/id_rsa RSA SHA256:i05UTRwUOymHDeLEYVj9o5it1K/Phf7Qkza6GOpzD18
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Offering public key: /Users/maoyachen/.ssh/id_rsa RSA-CERT SHA256:i05UTRwUOymHDeLEYVj9o5it1K/Phf7Qkza6GOpzD18
Connection closed by 127.0.0.1 port 2222

[Eugeny]

Thanks - it's specifically CA-signed RSA keys that crash russh - I'll look into it