/
SSH incompatibility with Amazon OpsWorks [5]
SSH incompatibility with Amazon OpsWorks [5]
- Netsarang Support
Owned by Netsarang Support
Mar 08, 2021
Analytics
Loading data...
SSH incompatibility with Amazon OpsWorks
Saturday, May 24, 2014 3:35 AM - Joe
Hi there,
i cannot logint to a newly created OpsWorks VM with XShell, i could login with putty though.
This is an Ubuntu VM. In the auth log i can see this:
May 23 13:43:44 java-app1 sshd[4949]: error: bad sig size 32 32
May 23 13:43:44 java-app1 sshd[4949]: fatal: mm_answer_sign: key_sign failed
May 23 13:44:30 java-app1 sshd[4967]: error: bad sig size 32 32
May 23 13:44:30 java-app1 sshd[4967]: fatal: mm_answer_sign: key_sign failed
May 23 13:44:42 java-app1 sshd[4969]: error: bad sig size 32 32
May 23 13:44:42 java-app1 sshd[4969]: fatal: mm_answer_sign: key_sign failed
With trace and log enabled in XShell i can see this in the log:
Connecting to xxx.xxx.xxx.xxx:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+G'.
[12:34:07] Version exchange initiated...
[12:34:07] server: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
[12:34:07] client: SSH-2.0-nsssh2_4.0.0031 NetSarang Computer, Inc.
[12:34:07] SSH2 is selected.
[12:34:07] Algorithm negotiation initiated...
[12:34:07] key exchange: diffie-hellman-group14-sha1
[12:34:07] host key: ssh-dss
[12:34:07] outgoing encryption: aes128-cbc
[12:34:07] incoming encryption: aes128-cbc
[12:34:07] outgoing mac: hmac-sha1
[12:34:07] incoming mac: hmac-sha1
[12:34:07] outgoing compression: none
[12:34:07] incoming compression: none
Connection closed by foreign host.
Any hints?
Thanks!
Program Ver. : Xshell 4
i cannot logint to a newly created OpsWorks VM with XShell, i could login with putty though.
This is an Ubuntu VM. In the auth log i can see this:
May 23 13:43:44 java-app1 sshd[4949]: error: bad sig size 32 32
May 23 13:43:44 java-app1 sshd[4949]: fatal: mm_answer_sign: key_sign failed
May 23 13:44:30 java-app1 sshd[4967]: error: bad sig size 32 32
May 23 13:44:30 java-app1 sshd[4967]: fatal: mm_answer_sign: key_sign failed
May 23 13:44:42 java-app1 sshd[4969]: error: bad sig size 32 32
May 23 13:44:42 java-app1 sshd[4969]: fatal: mm_answer_sign: key_sign failed
With trace and log enabled in XShell i can see this in the log:
Connecting to xxx.xxx.xxx.xxx:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+G'.
[12:34:07] Version exchange initiated...
[12:34:07] server: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
[12:34:07] client: SSH-2.0-nsssh2_4.0.0031 NetSarang Computer, Inc.
[12:34:07] SSH2 is selected.
[12:34:07] Algorithm negotiation initiated...
[12:34:07] key exchange: diffie-hellman-group14-sha1
[12:34:07] host key: ssh-dss
[12:34:07] outgoing encryption: aes128-cbc
[12:34:07] incoming encryption: aes128-cbc
[12:34:07] outgoing mac: hmac-sha1
[12:34:07] incoming mac: hmac-sha1
[12:34:07] outgoing compression: none
[12:34:07] incoming compression: none
Connection closed by foreign host.
Any hints?
Thanks!
Program Ver. : Xshell 4
Re: SSH incompatibility with Amazon OpsWorks
Saturday, May 24, 2014 3:36 AM - Joe
I have tested it with the new XShell beta 5, same result.
Re: SSH incompatibility with Amazon OpsWorks
Saturday, May 24, 2014 4:21 AM - Joe
Log from auth.log with sshd running LogLevel DEBUG3 :
May 24 11:17:03 java-app1 sshd[32321]: debug3: fd 5 is not O_NONBLOCK
May 24 11:17:03 java-app1 sshd[32321]: debug1: Forked child 32362.
May 24 11:17:03 java-app1 sshd[32321]: debug3: send_rexec_state: entering fd = 8 config len 710
May 24 11:17:03 java-app1 sshd[32321]: debug3: ssh_msg_send: type 0
May 24 11:17:03 java-app1 sshd[32321]: debug3: send_rexec_state: done
May 24 11:17:03 java-app1 sshd[32362]: debug3: oom_adjust_restore
May 24 11:17:03 java-app1 sshd[32362]: Set /proc/self/oom_score_adj to 0
May 24 11:17:03 java-app1 sshd[32362]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
May 24 11:17:03 java-app1 sshd[32362]: debug1: inetd sockets after dupping: 3, 3
May 24 11:17:03 java-app1 sshd[32362]: Connection from XXX.XXX.XXX.XXX port 63763
May 24 11:17:03 java-app1 sshd[32362]: debug1: Client protocol version 2.0; client software version nsssh2_4.0.0031 NetSarang Computer, Inc.
May 24 11:17:03 java-app1 sshd[32362]: debug1: no match: nsssh2_4.0.0031 NetSarang Computer, Inc.
May 24 11:17:03 java-app1 sshd[32362]: debug1: Enabling compatibility mode for protocol 2.0
May 24 11:17:03 java-app1 sshd[32362]: debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
May 24 11:17:03 java-app1 sshd[32362]: debug2: fd 3 setting O_NONBLOCK
May 24 11:17:03 java-app1 sshd[32362]: debug2: Network child is on pid 32363
May 24 11:17:03 java-app1 sshd[32362]: debug3: preauth child monitor started
May 24 11:17:03 java-app1 sshd[32362]: debug3: privsep user:group 105:65534 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: permanently_set_uid: 105/65534 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: SSH2_MSG_KEXINIT sent [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: SSH2_MSG_KEXINIT received [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: reserved 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ssh-dss,ssh-rsa [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: reserved 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: mac_setup: found hmac-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: kex: client->server aes128-cbc hmac-sha1 none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: mac_setup: found hmac-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: kex: server->client aes128-cbc hmac-sha1 none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: dh_gen_key: priv key bits set: 159/320 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: bits set: 1055/2048 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: bits set: 1031/2048 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_key_sign entering [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_request_send entering: type 5 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_request_receive entering
May 24 11:17:04 java-app1 sshd[32362]: debug3: monitor_read: checking request 5
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_answer_sign
May 24 11:17:04 java-app1 sshd[32362]: error: bad sig size 32 32
May 24 11:17:04 java-app1 sshd[32362]: fatal: mm_answer_sign: key_sign failed
May 24 11:17:04 java-app1 sshd[32362]: debug1: do_cleanup
May 24 11:17:04 java-app1 sshd[32362]: debug3: PAM: sshpam_thread_cleanup entering
May 24 11:17:03 java-app1 sshd[32321]: debug3: fd 5 is not O_NONBLOCK
May 24 11:17:03 java-app1 sshd[32321]: debug1: Forked child 32362.
May 24 11:17:03 java-app1 sshd[32321]: debug3: send_rexec_state: entering fd = 8 config len 710
May 24 11:17:03 java-app1 sshd[32321]: debug3: ssh_msg_send: type 0
May 24 11:17:03 java-app1 sshd[32321]: debug3: send_rexec_state: done
May 24 11:17:03 java-app1 sshd[32362]: debug3: oom_adjust_restore
May 24 11:17:03 java-app1 sshd[32362]: Set /proc/self/oom_score_adj to 0
May 24 11:17:03 java-app1 sshd[32362]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
May 24 11:17:03 java-app1 sshd[32362]: debug1: inetd sockets after dupping: 3, 3
May 24 11:17:03 java-app1 sshd[32362]: Connection from XXX.XXX.XXX.XXX port 63763
May 24 11:17:03 java-app1 sshd[32362]: debug1: Client protocol version 2.0; client software version nsssh2_4.0.0031 NetSarang Computer, Inc.
May 24 11:17:03 java-app1 sshd[32362]: debug1: no match: nsssh2_4.0.0031 NetSarang Computer, Inc.
May 24 11:17:03 java-app1 sshd[32362]: debug1: Enabling compatibility mode for protocol 2.0
May 24 11:17:03 java-app1 sshd[32362]: debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
May 24 11:17:03 java-app1 sshd[32362]: debug2: fd 3 setting O_NONBLOCK
May 24 11:17:03 java-app1 sshd[32362]: debug2: Network child is on pid 32363
May 24 11:17:03 java-app1 sshd[32362]: debug3: preauth child monitor started
May 24 11:17:03 java-app1 sshd[32362]: debug3: privsep user:group 105:65534 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: permanently_set_uid: 105/65534 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
May 24 11:17:03 java-app1 sshd[32362]: debug1: SSH2_MSG_KEXINIT sent [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: SSH2_MSG_KEXINIT received [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: reserved 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: ssh-dss,ssh-rsa [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: kex_parse_kexinit: reserved 0 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: mac_setup: found hmac-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: kex: client->server aes128-cbc hmac-sha1 none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: mac_setup: found hmac-sha1 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: kex: server->client aes128-cbc hmac-sha1 none [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: dh_gen_key: priv key bits set: 159/320 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: bits set: 1055/2048 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug2: bits set: 1031/2048 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_key_sign entering [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_request_send entering: type 5 [preauth]
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_request_receive entering
May 24 11:17:04 java-app1 sshd[32362]: debug3: monitor_read: checking request 5
May 24 11:17:04 java-app1 sshd[32362]: debug3: mm_answer_sign
May 24 11:17:04 java-app1 sshd[32362]: error: bad sig size 32 32
May 24 11:17:04 java-app1 sshd[32362]: fatal: mm_answer_sign: key_sign failed
May 24 11:17:04 java-app1 sshd[32362]: debug1: do_cleanup
May 24 11:17:04 java-app1 sshd[32362]: debug3: PAM: sshpam_thread_cleanup entering
Re: SSH incompatibility with Amazon OpsWorks
Saturday, May 31, 2014 11:17 AM - Joe
Any answer on this, please?
Re: SSH incompatibility with Amazon OpsWorks
Monday, June 2, 2014 3:04 AM - Support
The SSH server log shows:
May 24 11:17:04 java-app1 sshd[32362]: error: bad sig size 32 32
This error occurs due to size limit of sig parts.
Will you try updating to the latest Xshell 5 beta and then select hmac-sha2-256 from the <MAC list> settings (session properties > Security > Mac (Message Authentication Protocol).
---
Technical Support
May 24 11:17:04 java-app1 sshd[32362]: error: bad sig size 32 32
This error occurs due to size limit of sig parts.
Will you try updating to the latest Xshell 5 beta and then select hmac-sha2-256 from the <MAC list> settings (session properties > Security > Mac (Message Authentication Protocol).
---
Technical Support
Re: SSH incompatibility with Amazon OpsWorks
Saturday, June 7, 2014 2:54 AM - Joe
Great, thanks, i could login with the latest xshell 5 beta.
I didn't have to change anything in the configuration.
I didn't have to change anything in the configuration.
Previous views: 246
Related content
Problem connecting to AWS using private key [3]
Problem connecting to AWS using private key [3]
More like this
An error (code = 0) occurred in ssh-agent connection. [1]
An error (code = 0) occurred in ssh-agent connection. [1]
More like this
Can't Login Hostkey Reject [7]
Can't Login Hostkey Reject [7]
More like this
ssh로 잘접속 됬었는데 갑자기 안되네요.. [1]
ssh로 잘접속 됬었는데 갑자기 안되네요.. [1]
More like this
Can`t connect to solaris through SSH [1]
Can`t connect to solaris through SSH [1]
More like this
Why does my connection to an Amazon Linux 2023 instance fail when using an RSA key?
Why does my connection to an Amazon Linux 2023 instance fail when using an RSA key?
More like this