Rebex appears to have support for the OpenSSH protocol. I have my keys stored in 1Password, which has an SSH agent that listens to the OpenSSH pipe (\\.\pipe\openssh-ssh-agent), and makes the key available after authentication.
https://blog.1password.com/1password-ssh-agent/
https://developer.1password.com/docs/ssh/agent/advanced/
I'd like to be able to have 1Password provide the key to the Rebex terminal.
Hi Thomas,
to my knowledge, the Rebex implementation is not based on OpenSSH implementation. However, since it's abiding the SSH standards and RFC it is (should be) compatible connecting to servers based on OpenSSH. Also note, that the SSH protocol and the SSH Agent protocol are two different things. Rebex does not seem to have support for that (yet). To learn more (and vote), you can check out this post in their forums:
https://forum.rebex.net/21686/ssh-agent-support?show=21686#q21686
Regards,
Stefan
Small addendum: the OpenSSH version distributed with Windows 10 is somewhat out of date already and can always be replaced by what is available at https://github.com/PowerShell/Win32-OpenSSH.
I assume that using the OpenSSH client directly is not as straight-forward as it appears, because Rebex.NET is both an SSH client and a terminal emulator, whereas OpenSSH is just the former?
(The same is true for PuTTY, with the added pain of re-parenting a foreign processes' window thrown in.)
I.e. you'd still need something to actually host the OpenSSH process within RoyalTS?
I'm not sure if the modern, soon-to-be-default Windows Terminal provides any help here. It does have plenty of APIs and (as far as I can say) good documentation.
https://github.com/microsoft/terminal
I'm not sure if it would be worth the effort.
I certainly would like to get rid of the problems the re-parenting of PuTTY brings.
Rebex would do that, but it is far less feature-complete than PuTTY.
I've been trying to test out the feature, with no success. I can run the following command from command prompt:
ssh -l username www.server.com
I'm not sure if RoyalTS is sending the username prior to attempting to use the key from 1password. The verbose logs appear to be failing "SSH: Negotiation" prior to prompting for the credential.
Hi Thomas,
I'm not sure what you are trying to do. This thread might be a bit confusing because at the end it was about agent support in Rebex based terminal (note that forwarding is not supported).
Regards,
Stefan
The OpenSSH support in Rebex appears to be having issues when a username is required, but a password isn't required.
Here's the documentation of rebex' implementation of agent support:
https://www.rebex.net/doc/api/Rebex.Net.SshAuthenticationAgent.html
According to the docs, they implemented is according to the following RFC
https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent-00
Since we can't really verify the implementation, it might be best to contact rebex directly with a repro case and detailed logs to find out if there's bug or issue in their implementation.
Either using their Q&A forum https://forum.rebex.net/
or directly support@rebex.net
Regards,
Stefan
I got a response from the Rebex forum:
https://forum.rebex.net/22511/rebex-ssh-username-and-private-key-no-password?show=22514#a22514
The method to do this would be:
public void Login(string userName, SshPrivateKey privateKey)
I believe RoyalTS is sending username and a blank password via this method:
public void Login(string userName, string password, SshPrivateKey privateKey)
We do regularly check the Microsoft Terminal source. Right now, it's not that easy to integrate it in other applications. The integration samples are basically code snippets taken from Visual Studio (WPF) integration which has poor performance and is far from what the Rebex based terminal can do. They do have plans to make an embeddable component at some point but there's no timeline for that. Once they have something which would work, we will try to make a plugin based on that component.
I have an SSH (rebux) based connection in a folder called "2-linux"
The credential settings of this connection is to use the parent.
Under Security -> General, I have the following settings (PublicKey, OpenSSH, Fingerprint)
The parent folder credentials log in as root, with a random password. Totally random, not related to the password for the servers at all, just generated via RoyalTS and put in there. I dunno why I did that, but I haven't had issues so maybe you could try?
I'm using RoyalTS for Windows version 7.0.50823, and 1Password for Windows 8.10.16
That worked. So a password is being required even if it isn't used for the connection. Thank you.
Hi Steve and Thomas,
thanks for the feedback and the information. I can do a couple of things to make it "better" hopefully.
1) I could drop the requirement for username and password. In this case I will take the %USERNAME% environment variable
2) If no password is provided (but a private key file), I will call the API overload which doesn't require the password.
This should then make it much easier if an SSH agent is used. What do you think?
Regards,
Stefan
1) Would this be the username of whatever credential is active? I'm not familiar with environment variables with RoyalTS.
2) This should work.
Gleb Lesnikov
Hi! Microsoft is currently incorporating OpenSSH into Windows. Link: https://arstechnica.com/gadgets/2017/12/microsoft-quietly-snuck-an-ssh-client-and-server-into-the-latest-windows-10/
Let's start using it.
Thanks
1 person likes this idea