How to use ed25519 key?

What is the problem you are having with rclone?

On trying to connect to an SSH/SFTP server, I get the error:

public key file is not a certificate file

I created my key pair like this:

ssh-keygen -t ed25519 -a 64 -C "my comment" -m pem -f mykey 

The -m pem gives the required PEM encoding. I renamed the private key with a .pem extension.

What is your rclone version (output from rclone version)

rclone v1.57.0-beta.5698.19fc1b2a9
- os/version: Android 9
- os/kernel: 4.4.78-perf+ (armv8l)
- os/type: android
- os/arch: arm64
- go/version: go1.16.9
- go/linking: dynamic
- go/tags: none

Which cloud storage system are you using? (eg Google Drive)

SSH/SFTP server that runs Linux kernel 5.14 and:

OpenSSH_8.8p1, OpenSSL 1.1.1l  24 Aug 2021

The server's /etc/ssh/sshd_config contains this option:

PubkeyAcceptedKeyTypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519

Therefore, I can only use the ed25519 key type.

The command you were trying to run (eg rclone copy /tmp remote:tmp)

I am new to rclone. I installed it for the first time. (Installed on Android as per above.) After doing the config steps (rclone config) I ran:

rclone lsd myconfigname

The rclone config contents with secrets removed.

# cat /data/ssh/root/.config/rclone/rclone.conf
[myconfigname]
type = sftp
host = mysite.com
user = myuser
key_file = ${RCLONE_CONFIG_DIR}/mykey.pem
pubkey_file = ${RCLONE_CONFIG_DIR}/mykey.pub

A log from the command with the -vv flag

# /sbin/rclone lsd -vv myconfigname:
2021/10/11 05:29:25 DEBUG : rclone: Version "v1.57.0-beta.5698.19fc1b2a9" starting with parameters ["/sbin/rclone" "lsd" "-vv" "myconfigname:"]
2021/10/11 05:29:25 DEBUG : Creating backend with remote "myconfigname:"
2021/10/11 05:29:25 DEBUG : Using config file from "/data/ssh/root/.config/rclone/rclone.conf"
2021/10/11 05:29:25 Failed to create file system for "myconfigname:": public key file is not a certificate file: /data/ssh/root/.config/rclone/mykey.pub

Hi, welcome to the forum.

Try without the following line:

pubkey_file = ${RCLONE_CONFIG_DIR}/mykey.pub

Then it will use the public key built into the private key.

See this:

Also, for background on the pubkey_file option:

1 Like

Thank you. Removing the .pub key solved it for me.

(BTW, I also had to turn off AFWall+. I will ask a separate question about getting rclone working with AFWall+.)

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.