Explore all Authentication open source software, libraries, packages, source code, cloud functions and APIs.

Popular New Releases in Authentication

supabase

March 2022: Launch Week Special

monica

v3.7.0

authelia

v4.35.0

hydra

v1.11.7

jwt-auth

1.0.2 Release

Popular Libraries in Authentication

supabase

by supabase doticontypescriptdoticon

star image 31360 doticonApache-2.0

The open source Firebase alternative. Follow to stay updated about our public Beta.

iosched

by google doticonkotlindoticon

star image 20748 doticonNOASSERTION

The Google I/O Android App

monica

by monicahq doticonphpdoticon

star image 16226 doticonAGPL-3.0

Personal CRM. Remember everything about your friends, family and business relationships.

authelia

by authelia doticongodoticon

star image 12699 doticonApache-2.0

The Single Sign-On Multi-Factor portal for web apps

hydra

by ory doticongodoticon

star image 12436 doticonApache-2.0

OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

jwt-auth

by tymondesigns doticonphpdoticon

star image 10488 doticonMIT

🔐 JSON Web Token Authentication for Laravel & Lumen

react-native-firebase

by invertase doticonjavascriptdoticon

star image 9925 doticonNOASSERTION

🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.

next-auth

by nextauthjs doticontypescriptdoticon

star image 9836 doticonISC

Authentication for Next.js

cas

by apereo doticonjavadoticon

star image 9377 doticonApache-2.0

Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

Trending New libraries in Authentication

supertokens-core

by supertokens doticonjavadoticon

star image 5681 doticonApache-2.0

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

sanctum

by laravel doticonphpdoticon

star image 2266 doticonMIT

Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.

breeze

by laravel doticonphpdoticon

star image 1728 doticonMIT

Minimal Laravel authentication scaffolding with Blade and Tailwind.

fortify

by laravel doticonphpdoticon

star image 1283 doticonMIT

Backend controllers and scaffolding for Laravel authentication.

next-auth-example

by nextauthjs doticontypescriptdoticon

star image 1053 doticonISC

An example project that shows how to use NextAuth.js

next-iron-session

by vvo doticonjavascriptdoticon

star image 871 doticonMIT

🛠 Next.js stateless session utility using signed and encrypted cookies to store data

next-firebase-auth

by gladly-team doticonjavascriptdoticon

star image 713 doticonMIT

Simple Firebase authentication for all Next.js rendering strategies

caddy-auth-portal

by greenpau doticongodoticon

star image 662 doticonApache-2.0

Authentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA with App Authenticators and Yubico.

IdentityServer

by DuendeSoftware doticonjavascriptdoticon

star image 637 doticonNOASSERTION

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

Top Authors in Authentication

1

auth0

85 Libraries

star icon26311

2

auth0-blog

64 Libraries

star icon3314

3

oktadeveloper

57 Libraries

star icon1110

4

jaredhanson

53 Libraries

star icon9369

5

auth0-samples

51 Libraries

star icon2746

6

cornflourblue

48 Libraries

star icon5911

7

oktadev

48 Libraries

star icon1154

8

firebase

44 Libraries

star icon47899

9

pac4j

31 Libraries

star icon3804

10

googlearchive

28 Libraries

star icon4387

1

85 Libraries

star icon26311

2

64 Libraries

star icon3314

3

57 Libraries

star icon1110

4

53 Libraries

star icon9369

5

51 Libraries

star icon2746

6

48 Libraries

star icon5911

7

48 Libraries

star icon1154

8

44 Libraries

star icon47899

9

31 Libraries

star icon3804

10

28 Libraries

star icon4387

Trending Kits in Authentication

Two-factor authentication (2FA) is a multifactor security process where users must authenticate their identity with two different means. This ensures better protection of secured assets and information.

Traditional username and password combinations are prone to hacking and getting hacked has been on the rise. Implementing 2FA authentication will prevent hackers from accessing your accounts even if your password is stolen. 2FA is a recommended practice for securing all your online accounts and devices to protect sensitive information losses.

You will need a different set of components with features ranging from creating the secret codes, accessing and authenticating.

OTP:

Time-based One-Time Password involves generating a one-time password from a shared secret key and the current timestamp using cryptographic algorithms. These libraries will help you generate secrete one-time passwords

SMS

Typically the OTP codes are sent to the user's mobile phone using SMS. This also helps to validate the user's mobile number correctness. The user can then enter the secret code into the application to complete the multifactor authentication. The below libraries will help in sending SMS from your application.

Email

The unique generated one-time password is sent via email to the user. The user uses the code from the email and enters the code into the application to confirm the authentication.

Biometric Authentication

Using Biometrics for authentication has been made easy with mobile devices. Biometrics can include different choices, such as using fingerprints, voice, and face as the secondary authentication mechanism.

Push Notifications

Typically, push notifications are sent to your mobile app to authorize login requests. It will include the details of the access device details and once authorized, the login to the application is allowed. Below libraries help in implementing the push notification-based authorization.

Trending Discussions on Authentication

`Firebase` package was successfully found. However, this package itself specifies a `main` module field that could not be resolved

How to solve Invalid credentials problem in bitbucket?

Unauthorized (Invalid Token) when authenticating with JWT Bearer Token after update to .NET 6

Bitbucket Cloud recently stopped supporting account passwords for Git authentication

"fatal: Authentication failed for" when pushing to GitHub from Visual Studio Code (1.62.2)

Which Android device has BIOMETRIC_STRONG (Class 3) face authentication?

Use token to push some code to GitHub - "Support for password authentication was removed"

Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)

refusing to allow a Personal Access Token to create or update workflow

'AmplifySignOut' is not exported from '@aws-amplify/ui-react'

QUESTION

`Firebase` package was successfully found. However, this package itself specifies a `main` module field that could not be resolved

Asked 2022-Apr-02 at 17:19

I'm trying to read and write to firestore, use firebase's authentication, and firebase's storage within a expo managed react-native application.

Full Error:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5

My firebase config file:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32

I installed the firebase package with:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32expo install firebase
33

Any help would be greatly appreciated. Thank you!

ANSWER

Answered 2021-Nov-03 at 05:52

To reduce the size of the app, firebase SDK (v9.0.0) became modular. You can no longer do the import statement like before on v8.

You have two options.

  1. Use the backwards compatible way. (it will be later removed):

This:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32expo install firebase
33import firebase from 'firebase/app';
34import 'firebase/auth';
35import 'firebase/firestore';
36

Should be changed to:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32expo install firebase
33import firebase from 'firebase/app';
34import 'firebase/auth';
35import 'firebase/firestore';
36// v9 compat packages are API compatible with v8 code
37import firebase from 'firebase/compat/app';
38import 'firebase/compat/auth';
39import 'firebase/compat/firestore';
40
  1. Refactor your code now.

From this:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32expo install firebase
33import firebase from 'firebase/app';
34import 'firebase/auth';
35import 'firebase/firestore';
36// v9 compat packages are API compatible with v8 code
37import firebase from 'firebase/compat/app';
38import 'firebase/compat/auth';
39import 'firebase/compat/firestore';
40import firebase from "firebase/compat/app";
41import "firebase/compat/auth";
42
43const auth = firebase.auth();
44auth.onAuthStateChanged(user => { 
45  // Check for user status
46});
47

To this:

1While trying to resolve module `firebase` from file `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\firebase.js`, the package `C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\package.json` was successfully found. However, this package itself specifies a `main` module field that could not be resolved (`C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index`. Indeed, none of these files exist:
2
3  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
4  * C:\Users\joshu\Desktop\VSProjects\VolleyballConnect\node_modules\firebase\index\index(.native|.android.ts|.native.ts|.ts|.android.tsx|.native.tsx|.tsx|.android.js|.native.js|.js|.android.jsx|.native.jsx|.jsx|.android.json|.native.json|.json)
5import firebase from "firebase";
6import { initializeApp } from "firebase/app";
7import "firebase/firestore";
8import "firebase/auth";
9import "firebase/storage";
10
11// I'm using the example key here, I have the correct config
12const firebaseConfig = {
13  apiKey: "api-key",
14  authDomain: "project-id.firebaseapp.com",
15  databaseURL: "https://project-id.firebaseio.com",
16  projectId: "project-id",
17  storageBucket: "project-id.appspot.com",
18  messagingSenderId: "sender-id",
19  appId: "app-id",
20  measurementId: "G-measurement-id",
21};
22
23if (firebase.apps.length === 0) {
24  initializeApp(firebaseConfig);
25}
26
27const db = firebase.firestore();
28const auth = firebase.auth();
29const storage = firebase.storage();
30
31export { db, auth, storage };
32expo install firebase
33import firebase from 'firebase/app';
34import 'firebase/auth';
35import 'firebase/firestore';
36// v9 compat packages are API compatible with v8 code
37import firebase from 'firebase/compat/app';
38import 'firebase/compat/auth';
39import 'firebase/compat/firestore';
40import firebase from "firebase/compat/app";
41import "firebase/compat/auth";
42
43const auth = firebase.auth();
44auth.onAuthStateChanged(user => { 
45  // Check for user status
46});
47import { getAuth, onAuthStateChanged } from "firebase/auth";
48
49const auth = getAuth(firebaseApp);
50onAuthStateChanged(auth, user => {
51  // Check for user status
52});
53

You should definitely check the documentation

Source https://stackoverflow.com/questions/69814654

QUESTION

How to solve Invalid credentials problem in bitbucket?

Asked 2022-Mar-31 at 13:55

My bitbucket password is correct because I can easily login with this password. When I try to push a project or file to bitbucket it shows Invalid credentials error.

1$ git push -u origin master
2fatal: Invalid credentials
3Password for 'https://username@bitbucket.org':
4remote: Bitbucket Cloud recently stopped supporting account passwords for Git authentication.
5remote: See our community post for more details: https://atlassian.community/t5/x/x/ba-p/1948231
6remote: App passwords are recommended for most use cases and can be created in your Personal settings:
7remote: https://bitbucket.org/account/settings/app-passwords/
8fatal: Authentication failed for 'https://bitbucket.org/username/demo.git/'
9

How can I solve this issue?

ANSWER

Answered 2022-Mar-07 at 11:47

Go to credential Manager -> Windown Credential -> Add a generic credential fill up the fields Network address: git:https://bitbucket.org Username: App Password: Solver from Here

Source https://stackoverflow.com/questions/71378839

QUESTION

Unauthorized (Invalid Token) when authenticating with JWT Bearer Token after update to .NET 6

Asked 2022-Mar-23 at 10:13

After updating the package Microsoft.AspNetCore.Authentication.JwtBearer from version 3.1.14 to 6.0.1, requests with authentication fail with 401 Unauthorized "invalid token".

What needs to be changed with the new package version?

ANSWER

Answered 2022-Jan-20 at 13:18

This seems to be a bug. Adding an event handler (JwtBearerEvents), the failure could be identified as a MissingMethodException:

1Method not found: 'Void Microsoft.IdentityModel.Tokens.InternalValidators.ValidateLifetimeAndIssuerAfterSignatureNotValidatedJwt(Microsoft.IdentityModel.Tokens.SecurityToken, System.Nullable`1<System.DateTime>, System.Nullable`1<System.DateTime>, System.String, Microsoft.IdentityModel.Tokens.TokenValidationParameters, System.Text.StringBuilder)'.
2

with stack trace

1Method not found: 'Void Microsoft.IdentityModel.Tokens.InternalValidators.ValidateLifetimeAndIssuerAfterSignatureNotValidatedJwt(Microsoft.IdentityModel.Tokens.SecurityToken, System.Nullable`1<System.DateTime>, System.Nullable`1<System.DateTime>, System.String, Microsoft.IdentityModel.Tokens.TokenValidationParameters, System.Text.StringBuilder)'.
2at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
3at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
4at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()",
5

Simply adding the current version of System.IdentityModel.Tokens.Jwt solved the problem.


Update: Please also note the comment by @Rubenisme below.

Source https://stackoverflow.com/questions/70579279

QUESTION

Bitbucket Cloud recently stopped supporting account passwords for Git authentication

Asked 2022-Mar-16 at 20:19

I have pushed the code in the morning it was working fine but now I'm trying to push code but getting this error: Bitbucket Cloud recently stopped supporting account passwords for Git authentication

ANSWER

Answered 2022-Mar-15 at 05:06

I've also faced this issue..

  1. Then I opened my Bitbucket account. 2)Then at the bottom left corner you will find an icon with your username's initials. 3)Click on that and go to settings and click on Personal Settings 4)In personal Settings, in the left panel you will find "access management"
  2. Under that you will find "app passwords"
  3. Click on that --> Then you will routed to create app password page
  4. There you can give the required permissions and create password (Note: You have to store that password somewhere as it will be displayed only once) 8)When you push the code to any repo...use your app password instead of your account password (No need to change any settings in the git_config file)

Happy programming :) !

Source https://stackoverflow.com/questions/71472009

QUESTION

"fatal: Authentication failed for" when pushing to GitHub from Visual Studio Code (1.62.2)

Asked 2022-Feb-23 at 05:40

A lot of us are currently having the issue where we aren't able to push changes to GitHub anymore and getting a fatal: Authentication failed for error. This has been observed on Linux.

This is because the newest version of Visual Studio Code (1.62.2) introduced this bug.

Is there a fix for this version, or otherwise a workaround?

ANSWER

Answered 2021-Nov-17 at 16:12

The way I solved it was by downgrading it to 1.62.1, and now it works perfectly again.

I'm on Linux, so this may not apply or work for you, but it should if all Visual Studio Code versions are the same across all OSes.

The Visual Studio Code team has confirmed that it will be fixed on 1.62.3

If you use openSUSE Tumbleweed like me, you can run the following command in the terminal to downgrade:

$ sudo zypper install --oldpackage code-1.62.1

Source https://stackoverflow.com/questions/69979522

QUESTION

Which Android device has BIOMETRIC_STRONG (Class 3) face authentication?

Asked 2022-Feb-02 at 10:46

I have implemented biometric authentication in my application with biometric level BIOMETRIC_STRONG (Class 3). The fingerprint authentication is working as expected but I couldn't able to test the face authentication on any of my devices (Samsung Galaxy S10, Oppo A3S, etc.). I think the face authentication in those devices is not falling under Class 3.

Are there any Android devices with BIOMETRIC_STRONG (Class 3) face authentication? It would be helpful if someone can provide a list.

ANSWER

Answered 2022-Feb-02 at 10:46

Pixel 4 is currently the only device with face authentication that qualifies as BIOMETRIC_STRONG (Class 3).

Face authentication was not added to pixel 5, and looks like there are no plans to add it back with Pixel 6 either.

This is true as of 5th October 2021, but there might be more devices that support in the future.

Source: https://cs.android.com/androidx/platform/frameworks/support/+/androidx-main:biometric/biometric/src/main/res/values/devices.xml

Source https://stackoverflow.com/questions/68904823

QUESTION

Use token to push some code to GitHub - "Support for password authentication was removed"

Asked 2022-Jan-28 at 13:43

Error message when using git push:

Support for password authentication was removed on August 13, 2021. Please use a personal access token instead. remote: Please see https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information. fatal: unable to access 'https://github.com/codingTheWorld777/react-mini-projects.git/': The requested URL returned error: 403"***

I cannot use my token to access GitHub, so how can I push code to GitHub?

ANSWER

Answered 2021-Sep-05 at 20:46

You need to create a personal access token. You can find the instructions on creating personal access token in Creating a personal access token

Make sure you keep the access token secure & secret. After that you need to replace your current saved password in the device (laptop/desktop) with the access token. In macOS you can search for Keychain and find GitHub with an Internet password and replace it with your access token. For instructions, see Updating credentials from the macOS Keychain.

In Windows, it might be Credential Manager (I'm not sure). Check this out: How to update your Git credentials on Windows

Source https://stackoverflow.com/questions/68779331

QUESTION

Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)

Asked 2022-Jan-13 at 14:49

I have a Python 3 application running on CentOS Linux 7.7 executing SSH commands against remote hosts. It works properly but today I encountered an odd error executing a command against a "new" remote server (server based on RHEL 6.10):

encountered RSA key, expected OPENSSH key

Executing the same command from the system shell (using the same private key of course) works perfectly fine.

On the remote server I discovered in /var/log/secure that when SSH connection and commands are issued from the source server with Python (using Paramiko) sshd complains about unsupported public key algorithm:

userauth_pubkey: unsupported public key algorithm: rsa-sha2-512

Note that target servers with higher RHEL/CentOS like 7.x don't encounter the issue.

It seems like Paramiko picks/offers the wrong algorithm when negotiating with the remote server when on the contrary SSH shell performs the negotiation properly in the context of this "old" target server. How to get the Python program to work as expected?

Python code

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27

Shell command equivalent

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28

Paramiko logs (DEBUG)

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69

Shell command logs

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure.  Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure.  Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281

ANSWER

Answered 2022-Jan-13 at 14:49

Imo, it's a bug in Paramiko. It does not handle correctly absence of server-sig-algs extension on the server side.

Try disabling rsa-sha2-* on Paramiko side altogether:

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure.  Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure.  Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281ssh_client.connect(
282  server, username=ssh_user, key_filename=ssh_keypath,
283  disabled_algorithms=dict(pubkeys=["rsa-sha2-512", "rsa-sha2-256"]))
284

(note that there's no need to specify port=22, as that's the default)

I've found related Paramiko issue:
RSA key auth failing from paramiko 2.9.x client to dropbear server

Though it refers to Paramiko 2.9.0 change log, which seems to imply that the behavior is deliberate:

When the server does not send server-sig-algs, Paramiko will attempt the first algorithm in the above list. Clients connecting to legacy servers should thus use disabled_algorithms to turn off SHA2.


Since 2.9.2, Paramiko will say:

DEB [20220113-14:46:13.882] thr=1 paramiko.transport: Server did not send a server-sig-algs list; defaulting to our first preferred algo ('rsa-sha2-512')
DEB [20220113-14:46:13.882] thr=1 paramiko.transport: NOTE: you may use the 'disabled_algorithms' SSHClient/Transport init kwarg to disable that or other algorithms if your server does not support them!


Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".


Your code for waiting for command to complete and reading its output is flawed too. See Wait to finish command executed with Python Paramiko. And for most purposes, the get_pty=True is not a good idea either.

Source https://stackoverflow.com/questions/70565357

QUESTION

refusing to allow a Personal Access Token to create or update workflow

Asked 2022-Jan-04 at 10:12

Today when I added a workflow and push the code to GitHub remote repo, shows this error:

1refusing to allow a Personal Access Token to create or update workflow
2

This is the full error output:

1refusing to allow a Personal Access Token to create or update workflow
2~/Documents/GitHub/flutter-netease-music on  master ⌚ 12:25:13
3$ git push origin master                                                                                                      ‹ruby-2.7.2›
4Username for 'https://github.com': username
5Password for 'https://jiangxiaoqiang@github.com':
6Enumerating objects: 19, done.
7Counting objects: 100% (19/19), done.
8Delta compression using up to 12 threads
9Compressing objects: 100% (11/11), done.
10Writing objects: 100% (13/13), 1.86 KiB | 1.86 MiB/s, done.
11Total 13 (delta 6), reused 0 (delta 0), pack-reused 0
12remote: Resolving deltas: 100% (6/6), completed with 4 local objects.
13To https://github.com/jiangxiaoqiang/flutter-netease-music.git
14 ! [remote rejected] master -> master (refusing to allow a Personal Access Token to create or update workflow `.github/workflows/main-ios.yml` without `workflow` scope)
15error: failed to push some refs to 'https://github.com/jiangxiaoqiang/flutter-netease-music.git'
16(base)
17

I am auth with token and have privillege to modify the repo. Now I could not push using password. When I try to use my password, the error message is:

1refusing to allow a Personal Access Token to create or update workflow
2~/Documents/GitHub/flutter-netease-music on  master ⌚ 12:25:13
3$ git push origin master                                                                                                      ‹ruby-2.7.2›
4Username for 'https://github.com': username
5Password for 'https://jiangxiaoqiang@github.com':
6Enumerating objects: 19, done.
7Counting objects: 100% (19/19), done.
8Delta compression using up to 12 threads
9Compressing objects: 100% (11/11), done.
10Writing objects: 100% (13/13), 1.86 KiB | 1.86 MiB/s, done.
11Total 13 (delta 6), reused 0 (delta 0), pack-reused 0
12remote: Resolving deltas: 100% (6/6), completed with 4 local objects.
13To https://github.com/jiangxiaoqiang/flutter-netease-music.git
14 ! [remote rejected] master -> master (refusing to allow a Personal Access Token to create or update workflow `.github/workflows/main-ios.yml` without `workflow` scope)
15error: failed to push some refs to 'https://github.com/jiangxiaoqiang/flutter-netease-music.git'
16(base)
17~/Documents/GitHub/flutter-netease-music on  master ⌚ 12:28:37
18$ git push origin master                                                                                                      ‹ruby-2.7.2›
19Username for 'https://github.com': username
20Password for 'https://jiangxiaoqiang@github.com':
21remote: Support for password authentication was removed on August 13, 2021. Please use a personal access token instead.
22remote: Please see https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information.
23fatal: unable to access 'https://github.com/jiangxiaoqiang/flutter-netease-music.git/': The requested URL returned error: 403
24(base)
25

Why would this happen and what should I do to fix it?

ANSWER

Answered 2021-Aug-17 at 05:15

give workflow privillege when created token in GitHub:

enter image description here

Source https://stackoverflow.com/questions/68811838

QUESTION

'AmplifySignOut' is not exported from '@aws-amplify/ui-react'

Asked 2021-Dec-19 at 14:09

I've run into this issue today, and it's only started today. Ran the usual sequence of installs and pushes to build the app...

1npx create-react-app exampleapp
2npm start
3amplify init
4amplify add api
5Amplify push
6npm install aws-amplify @aws-amplify/ui-react
7amplify add auth
8amplify push
9

Make my changes to the index.js and ap.js as usual..

index.js:

1npx create-react-app exampleapp
2npm start
3amplify init
4amplify add api
5Amplify push
6npm install aws-amplify @aws-amplify/ui-react
7amplify add auth
8amplify push
9import React from 'react';
10import ReactDOM from 'react-dom';
11import './index.css';
12import App from './App';
13import reportWebVitals from './reportWebVitals';
14import Amplify from 'aws-amplify';
15import aws_exports from './aws-exports'
16
17Amplify.configure(aws_exports);
18
19ReactDOM.render(
20  <React.StrictMode>
21    <App />
22  </React.StrictMode>,
23  document.getElementById('root')
24);
25
26reportWebVitals();
27

App.js:

1npx create-react-app exampleapp
2npm start
3amplify init
4amplify add api
5Amplify push
6npm install aws-amplify @aws-amplify/ui-react
7amplify add auth
8amplify push
9import React from 'react';
10import ReactDOM from 'react-dom';
11import './index.css';
12import App from './App';
13import reportWebVitals from './reportWebVitals';
14import Amplify from 'aws-amplify';
15import aws_exports from './aws-exports'
16
17Amplify.configure(aws_exports);
18
19ReactDOM.render(
20  <React.StrictMode>
21    <App />
22  </React.StrictMode>,
23  document.getElementById('root')
24);
25
26reportWebVitals();
27import React from 'react';
28import './App.css';
29import { withAuthenticator, AmplifySignOut, Authenticator } from '@aws-amplify/ui-react';
30import { Amplify, Auth } from 'aws-amplify';
31import awsExports from './aws-exports';
32
33import awsconfig from './aws-exports';
34
35Amplify.configure(awsconfig);
36Auth.configure(awsconfig);
37
38function App() {
39   return (
40    <div>
41      <h1>Help!</h1>
42      <AmplifySignOut />
43    </div>
44   );
45}
46
47export default withAuthenticator(App);
48

If I add AmplifySignOut it throws the error: 'AmplifySignOut' is not exported from '@aws-amplify/ui-react'

If I remove AmplifySignOut, then the login appears but it has no formatting as per the Amazon Authentication style (orange button etc.).

I can add import '@aws-amplify/ui-react/styles.css'; and I get some styling back, but I really need things back to how the were working. Any help would be appreciated!

ANSWER

Answered 2021-Nov-20 at 19:28

I am following along with the Amplify tutorial and hit this roadblock as well. It looks like they just upgraded the react components from 1.2.5 to 2.0.0 https://github.com/aws-amplify/docs/pull/3793

Downgrading ui-react to 1.2.5 brings back the AmplifySignOut and other components used in the tutorials.

in package.json:

1npx create-react-app exampleapp
2npm start
3amplify init
4amplify add api
5Amplify push
6npm install aws-amplify @aws-amplify/ui-react
7amplify add auth
8amplify push
9import React from 'react';
10import ReactDOM from 'react-dom';
11import './index.css';
12import App from './App';
13import reportWebVitals from './reportWebVitals';
14import Amplify from 'aws-amplify';
15import aws_exports from './aws-exports'
16
17Amplify.configure(aws_exports);
18
19ReactDOM.render(
20  <React.StrictMode>
21    <App />
22  </React.StrictMode>,
23  document.getElementById('root')
24);
25
26reportWebVitals();
27import React from 'react';
28import './App.css';
29import { withAuthenticator, AmplifySignOut, Authenticator } from '@aws-amplify/ui-react';
30import { Amplify, Auth } from 'aws-amplify';
31import awsExports from './aws-exports';
32
33import awsconfig from './aws-exports';
34
35Amplify.configure(awsconfig);
36Auth.configure(awsconfig);
37
38function App() {
39   return (
40    <div>
41      <h1>Help!</h1>
42      <AmplifySignOut />
43    </div>
44   );
45}
46
47export default withAuthenticator(App);
48"dependencies": {
49    "@aws-amplify/ui-react": "^1.2.5",
50   ...
51}
52

Alternatively, you'll need to look into the version 2 docs to find suitable replacements: https://ui.docs.amplify.aws/components/authenticator

Source https://stackoverflow.com/questions/70036160

Community Discussions contain sources that include Stack Exchange Network

Tutorials and Learning Resources in Authentication

Tutorials and Learning Resources are not available at this moment for Authentication

Share this Page

share link

Get latest updates on Authentication