Yosemite SSH is too old to read ecdsa SSH keys?
As you may, or may not know, I am a Front-end user interface engineer.1 I got a new Macbook Pro from work recently, to better facilitate my developer duties.2 Prior to this I was working on my personal machine with Arch Linux installed.3 Since linux and the BSDs (on which OS X is based) are so similar, I was able to transfer large portions of my linux environment to OS X with minimal downtime.
Or would have, had I not run into problems with SSH. After copying my ~/.ssh
directory from my linux box to OS X, I tried to log in to some remote machines. Much to my chagrin, I recieved the following prompt from our gitolite server indicating problems with SSH pubkey:
ssh -T git@gitserver
git@10.44.91.15's password:
After some searching on the internet I re-ran the command with the -vvv switch as ssh -T git@gitserver
:
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/obennett/.ssh/id_ecdsa
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Saving password to keychain failed
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
debug1: Next authentication method: password
My interpretation of this debug output was that OS X Yosemite didn't support ECDSA SSH keys. Not intending to debug this any further I generated some RSA keys and went along my merry way. The RSA keys worked fine. We call that kind of thing a workaround.
This is the official job title bestowed upon me, but simple Front-end developer will suffice. Although, I do perform a fair bit of server backend (dev ops) duties as well -- e.g. setting up and maintaining our gitolite server.
Well, that and I didn't like the Dell machine I had. It was a nice machine, but it wasn't a mac. As I mentioned previously I'd put Ubuntu linux on my macbook pro to work around some very nasty hardware issues in the dedicated video car--issues which rendered my display useless.
Going with Arch Linux and and there rolling release allows me to have to most up to date packages available.