Handshake failed: ssh: unable to authenticate … again


I know this issue has been discussed several times, but none of the solutions work for me.

I’ve set up my VPS on Linode, boringproxy is running there as a systemd service. Everything works there, including the boringproxy admin dashboard.

Now I’m trying to test the client side. My PC appears in the client list on the dashboard, I can easily create a tunnel, but when the tunnel is created, the client outputs these lines:

2023/01/09 15:18:43 SyncTunnels
2023/01/09 15:18:43 New tunnel cloud.pervoj.cz
2023/01/09 15:18:43 BoreTunnel cloud.pervoj.cz
2023/01/09 15:18:43 BoreTunnel error:  Failed to dial: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Server doesn’t output anything until I try to open the domain in browser, then it prints this error:

2023/01/09 15:19:12 dial tcp [::1]:46059: connect: connection refused

And browser prints the same:

browser output

Here is the tunnel configuration:

tunnel configuration

I tried logging in from the private key file with this command:

ssh -v -i id_rsa -R pervoj@cloud.pervoj.cz

Again, everything works.

I use OpenSSH version 8.8 on both server an client.

Hi @pervoj, can you confirm what version of boringproxy you’re using. I recently released 0.10.0 which includes many fixes.

Hello, yes, I’m using v0.10.0 on both server and client.

Hm this is rather strange. If you’re able to use the private key downloaded from the server, then the client tunnels should work too. Only thing I can recommend is maybe starting from scratch.

I started from scratch now, completely new VPS, and the same problem. I don’t understand what is wrong.

Hi, I am using the same version (0.10.0) and I have the same problem. Is there any workaround?
thank you!

@perdixero are you also using Linode?

Solving this sort of problem is tricky because it usually involves breaking everything down, compiling boringproxy from source and debugging to figure out exactly what the problem is. So you either need to be a developer or have one who can do this for you. I don’t personally have time given that boringproxy isn’t something I make money from.

If you can’t compile and debug the client yourself, I’d recommend at least making 100% that you can SSH manually from the same machine the client is running on to your server, using the same key as downloaded from the admin page. If that doesn’t work then I really can’t guess what the problem is.