debug: verify ssh2 key parsing and log derived public key

Uses ssh2 utils.parseKey() to check if the key decrypts and
parses correctly, logs the key type and public key fingerprint.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Vantz Stockwell 2026-03-14 01:13:51 -04:00
parent 36c8527c28
commit 6262ab6e7e


@ -1,5 +1,5 @@
import { Injectable, Logger } from '@nestjs/common'; import { Injectable, Logger } from '@nestjs/common';
import { Client, ClientChannel } from 'ssh2'; import { Client, ClientChannel, utils } from 'ssh2';
import { createHash } from 'crypto'; import { createHash } from 'crypto';
import { CredentialsService } from '../vault/credentials.service'; import { CredentialsService } from '../vault/credentials.service';
import { HostsService } from '../connections/hosts.service'; import { HostsService } from '../connections/hosts.service';
@ -112,6 +112,20 @@ export class SshConnectionService {
this.logger.log(`[SSH] Using key auth for ${connectConfig.username}@${connectConfig.host}:${connectConfig.port}`); this.logger.log(`[SSH] Using key auth for ${connectConfig.username}@${connectConfig.host}:${connectConfig.port}`);
this.logger.log(`[SSH] Key starts with: ${cred.sshKey.privateKey.substring(0, 40)}...`); this.logger.log(`[SSH] Key starts with: ${cred.sshKey.privateKey.substring(0, 40)}...`);
this.logger.log(`[SSH] Key length: ${cred.sshKey.privateKey.length}, has passphrase: ${!!cred.sshKey.passphrase}`); this.logger.log(`[SSH] Key length: ${cred.sshKey.privateKey.length}, has passphrase: ${!!cred.sshKey.passphrase}`);
// Verify ssh2 can parse the key
try {
const parsed = utils.parseKey(cred.sshKey.privateKey, cred.sshKey.passphrase || undefined);
if (parsed instanceof Error) {
this.logger.error(`[SSH] Key parse FAILED: ${parsed.message}`);
} else {
const keyInfo = Array.isArray(parsed) ? parsed[0] : parsed;
this.logger.log(`[SSH] Key parsed OK — type: ${keyInfo.type}, comment: ${keyInfo.comment || 'none'}`);
this.logger.log(`[SSH] Public key fingerprint: ${keyInfo.getPublicSSH?.()?.toString('base64')?.substring(0, 40) || 'N/A'}`);
}
} catch (e: any) {
this.logger.error(`[SSH] Key parse threw: ${e.message}`);
}
} else if (cred?.password) { } else if (cred?.password) {
connectConfig.password = cred.password; connectConfig.password = cred.password;
this.logger.log(`[SSH] Using password auth for ${connectConfig.username}@${connectConfig.host}:${connectConfig.port}`); this.logger.log(`[SSH] Using password auth for ${connectConfig.username}@${connectConfig.host}:${connectConfig.port}`);
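Review bot: The value logged as `Public key fingerprint` in the added block is only the first 40 base64 characters of the raw public key blob, which is largely the algorithm-name header and cannot be compared with `ssh-keygen -l` output or used to identify the key in an audit. Since `createHash` is already imported in this file, log a real digest instead, e.g. `createHash('sha256').update(keyInfo.getPublicSSH()).digest('base64')` prefixed with `SHA256:` (trailing `=` stripped to match OpenSSH). The same block also writes the key comment, which often carries a user@host identity, and it runs on every key-auth connection at `log` level, so these calls belong at `this.logger.debug(...)` or behind a debug flag. `catch (e: any)` would be safer as `catch (e: unknown)` with an `instanceof Error` check before reading `.message`. The enclosing method starts and ends outside the hunk.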