[SOLVED] KeyError fix

Having complained here about a CouldNotReadKey bug over a year ago, I finally found the time to dive in and figure out what was going wrong.

My server has three keys: rsa, ecdsa and ed25519. When connecting for the first time you are asked to confirm the identity of the ‘first key’ and ecdsa has precedence over ed25519, which is saved in your ~/.ssh/known_hosts file.

Then when pijul checks your known_hosts file it will find the ecdsa signature and bugs out with only the CouldNotReadKey msg.

My quick fix was to drop my ecdsa, but seeing how this stopped me from using pijul for over a year, something should probably be improved somewhere 🙂
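
To see which host key types a known_hosts file has recorded for a server, the kind of entry the post above says triggers CouldNotReadKey, here is an added example (not part of the original post, and not Pijul or Thrussh code). The `READABLE` set, the helper names, and all sample hosts and key blobs are assumptions constructed for illustration.

```python
import base64, hashlib, hmac

# Assumption: key types the client can read. The thread only establishes
# that an ecdsa entry is not handled.
READABLE = {"ssh-ed25519", "ssh-rsa"}

# Constructed sample known_hosts content; key blobs are truncated placeholders.
SAMPLE = """\
# constructed sample
example.org,192.0.2.10 ecdsa-sha2-nistp256 AAAAE2VjZHNh...
[git.example.net]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5...
@revoked old.example.org ssh-rsa AAAAB3NzaC1yc2E...
"""

def hash_host(host, salt):
    """Build an OpenSSH hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """Exact match against a plain or hashed host field (wildcards and ! are not handled)."""
    if not field.startswith("|1|"):
        return host in field.split(",")
    try:
        _, _, salt_b64, mac_b64 = field.split("|")
        salt, want = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
    except ValueError:  # malformed hashed field
        return False
    return hmac.compare_digest(hmac.new(salt, host.encode(), hashlib.sha1).digest(), want)

def recorded_key_types(text, host):
    """Return (line number, marker, key type) for every entry matching host."""
    found = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        marker = fields.pop(0) if fields[0].startswith("@") else ""
        if len(fields) >= 3 and host_matches(fields[0], host):
            found.append((lineno, marker, fields[1]))
    return found

def unreadable_entries(text, host, readable=READABLE):
    """Entries whose key type is outside the set the client is assumed to read."""
    return [e for e in recorded_key_types(text, host) if e[2] not in readable]

if __name__ == "__main__":
    for lineno, marker, keytype in unreadable_entries(SAMPLE, "example.org"):
        print("line %d: %s %s" % (lineno, marker, keytype))
```

For a server on a non-default port, pass the host as `[name]:port`, which is how OpenSSH records it in known_hosts.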

Thanks for the report.

So, you’re not the first one to complain about the lack of support for ECDSA. There is a substantial cost, and possibly future technical debt, to implementing all possible crypto primitives in Thrussh.

What is the advantage of ECDSA over alternatives? Is there a good reason to use it?