@AliveDevil commented

Can you let me know which SSH key type the AWS pem file is?

e7ea378 commented

I believe it's a 2048-bit SSH-2 RSA key, but I'm going by the AWS documentation. The key itself is prefixed -----BEGIN RSA PRIVATE KEY----- and suffixed -----END RSA PRIVATE KEY-----.

@AliveDevil commented

I just checked with following commands:
ssh-keygen -b 2048 -t rsa -f test.pem
This creates a file with the BEGIN RSA PRIVATE KEY and END RSA PRIVATE KEY-sections, copied the .pub-file to the SSH server and tried using this key to authenticate to my test server.

I checked following file formats:

• regular ssh-keygen RSA PEM format
• PuTTy RSA SHA2 2048 Bit
  • Key file
  • exported as OpenSSH PEM
  • exported as OpenSSH new format PEM
    Works just fine with this format.
    Can you send us the log output? Provide log output

e7ea378 commented

As per the log output guide I have 0 Subsystem logs for ch.sudo.cyberduck with Debugging and Info messages on in Console.app.

There are plenty of others though if you can direct me to anything in particular. Nothing leaps out at me for being suspicious when I review the logs I have.

e7ea378 commented

Is there any update on this issue, which remains a blocking issue to use of Cyberduck?

I have a feeling that the test .pem file would need to be one from the AWS service. (Not one generated locally for test.) I can provide a dummy AWS .pem key for test if required.

@AliveDevil commented

Didn't have any chance to check that again yet. For the logging: You did enable logging=debug through defaults write ch.sudo.cyberduck logging debug? Otherwise very few messages will be written to the system log.

A dummy key which does show this issue would be highly appreciated. By any chance: Which server operating system and SSH server is in use, so we can recreate a matching system here?

e7ea378 commented

Hi, I apologise for taking a little time to get back to this issue. I believe I have actually solved it by generating a brand new .pem key in the AWS console and associating that with the EC2 instance in /home/ec2-user/.ssh/authorized_keys and then using that one with Cyberduck.

I can now both ssh into the instance and use the new key in Cyberduck without issue.

On inspecting the keys themselves I notice that the formatting is different between the original and new keys. The block length is shorter in the older key.

Thank you for investigating.