Subject: Libssh2: Libgcrypt authentication failure

Libssh2: Libgcrypt authentication failure

From: Paul Romero <>
Date: Sun, 22 Aug 2010 00:58:56 -0700

Dear Group:

I am experiencing a problem with libssh2 version 1.2.6 which
I don't understand. The symptoms are described below and suggest
the problem is specific to libgcrypt. Any insight about the
problem would be greatly appreciated.

The example/sftp_write_nonblock program fails with error -19--
LIBSSH2_PUBLICKEY_UNVERIFIED. However, the tests/ script
works correctly.

These are the arguments I am passing in the sftp_write_nonblock

    const char *username="paulr"; /* System Must stripped */
    const char *password="secret_agent";
    const char *loclfile="sftp_write_nonblock.c";

This is the call which performs the authentication:

while ((rc = libssh2_userauth_publickey_fromfile(session, username,
        password)) == LIBSSH2_ERROR_EAGAIN);

is_rsa has a passphrase and I know both id_rsa and
are good because I can login to my system with ssh. Also,
the .ssh/authorized_key file is valid.

In the routine _libssh2_pem_parse() fails and returns a -1
when called by _libssh2_rsa_new_private() in src/libgcrypt.c.

The version of libssh2 is 1.2.6 and the
configure options are as follows:

 --with-libgcrypt-prefix=/usr/lib --without-openssl

Note that if I configure the software without any flags
the example/sftp_write_nonblock program works.

My system is Debian Linux system with libgcrypt installed and
the the following build information:

Linux build 2.6.18-6-686 #1 SMP Fri Feb 19 23:40:03 UTC 2010 i686

A potential clue about the problem is that the length of the
decrypted private key seems to be calculated inconsistently.

Best Regards,

Paul R.

Paul Romero
RCOM Communications Software
Phone/Fax: (510)339-2628
Received on 2010-08-22