SSH Certificate based authentication does not work

Yes there's a new config option that gets asked.

Optional path to public key file; set this if you have a signed certificate you want to use for authentication.

Leading `~` will be expanded in the file name as will environment variables such as `${RCLONE_CONFIG_DIR}`.

Enter a string value. Press Enter for the default ("").
1 Like

Nice one - thank you!

I'll push this to a branch so it builds a binary - can you test @Kelly_Trinh ? on branch pr-4625-sftp-certs (uploaded in 15-30 mins)

Ubuntu AMD64 works fine, so no more comments there but what drove this was running rclone from my mobile phone and it a snag there

Termux (Android) ARM64 seems to complain about something related to IPv6 (see below) irrespective of whether using regular keypair or cert keys. The rclone that comes by default doesn't seem to have a problem (but only supports the regular keypairs). Not sure if I am testing the wrong version tho - see version info belo.

Error message:

2020/09/25 10:46:58 Failed to create file system for "core-wsl1:": NewFs: couldn't connect SSH: dial tcp: lookup on [::1]:53: read udp [::1]:46798->[::1]:53: read: connection refused

Version I tested from your beta builds:

- os/arch: linux/arm64
- go version: go1.15.2

Version that comes from Termux repos that work with regular keypairs:

rclone v1.53.1-DEV
- os/arch: android/arm64
- go version: go1.15.2

that looks like some kind of dns error, port 53.

as a test, can you bind to an ipv4 address

This isn't related to my change, which doesn't touch that at all. It looks like you're trying to talk a DNS server that isn't configured, on IPv6.

Maybe try changing the runtime?

export GODEBUG=netdns=cgo


export GODEBUG=netdns=go

and see if that makes any difference.

I tried both the bind and runtime env and didn't fix.

I do think it must be something weird with the termux that is confusing things as seems weird to have a regression related to IPv6.

Anyway; the core ssh cert works if this can be merged into mainline then eventually the termux guy will probably do a build for the particular environment which should fix this.

Note that the linux/arm build doesn't work under termux properly, it needs some customisation. If you look in the beta folder you'll see a folder called testbuilds - this has an android arm 32 bit build on which may work.

Or you can checkout the branch on Android and build it. Git and go are both in Termux.

If you have trouble then I can send you a compiled binary.


i use rclone on termux every day, never had a problem yet.

the version of rclone does not state if it is 32 or 64.
am i to assume that this is the 32-bit version?

rclone v1.53.0-DEV
- os/arch: android/arm
- go version: go1.15.1

Me too :slight_smile:

The standard linux/arm build doens't work well though - you see these name resolution problems. Termux builds with a modified go runtime or build system to work around this.

Yes that is ARM 32 bit - it would say arm64 otherwise

Thanks to @sweh this feature is now complete!

I've merged this to master now which means it will be in the latest beta in 15-30 mins and released in v1.54

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.