Can't use SSH keys: error in libcrypto

I used owut to upgrade from 24.10.0 to 24.10.2, and following the upgrade I can no longer SSH into other machines from OpenWRT using keys. Each time, it fails with the message Load key "/etc/ssh/id_ed25519": error in libcrypto and moves on to password auth. Passwords do work though.

I've tested with fresh keys generated by OpenWRT's ssh-keygen, both RSA and ED25519. I also tried reinstalling dropbear.

ssh -vvv output
root@OpenWrt:~# ssh -vvv -i /etc/ssh/id_ed25519 USER@HOST
OpenSSH_9.9p2, OpenSSL 3.0.17 1 Jul 2025
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/root/.ssh/known_hosts2'
debug2: resolving "HOST" port 22
debug3: resolve_host: lookup HOST:22
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to HOST [72.21.17.40] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /etc/ssh/id_ed25519 type 3
debug1: identity file /etc/ssh/id_ed25519-cert type 7
debug1: Local version string SSH-2.0-OpenSSH_9.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_10.0
debug1: compat_banner: match: OpenSSH_10.0 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to HOST:22 as 'USER'
debug3: record_hostkey: found key type ED25519 in file /root/.ssh/known_hosts:3
debug3: load_hostkeys_file: loaded 1 keys from HOST
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: have matching best-preference key type ssh-ed25519-cert-v01@openssh.com, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
debug2: host key algorithms: ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ext-info-s,kex-strict-s-v00@openssh.com
debug2: host key algorithms: ssh-ed25519,rsa-sha2-512,rsa-sha2-256,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug3: kex_choose_conf: will use strict KEX ordering
debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:mK9cR5ijkzND+IDJUcpGOf6DPCtyrXbLz3jo3UlEjx8
debug3: record_hostkey: found key type ED25519 in file /root/.ssh/known_hosts:3
debug3: load_hostkeys_file: loaded 1 keys from HOST
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'HOST' is known and matches the ED25519 host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug3: send packet: type 21
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: Sending SSH2_MSG_EXT_INFO
debug3: send packet: type 7
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug2: KEX algorithms: sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
debug2: host key algorithms: ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug3: kex_input_ext_info: extension server-sig-algs
debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256>
debug3: kex_input_ext_info: extension publickey-hostbound@openssh.com
debug1: kex_ext_info_check_ver: publickey-hostbound@openssh.com=<0>
debug3: kex_input_ext_info: extension ping@openssh.com
debug1: kex_ext_info_check_ver: ping@openssh.com=<0>
debug3: kex_input_ext_info: extension channel-max-window@openssh.com
debug1: kex_ext_info_client_parse: channel-max-window@openssh.com (unrecognised)
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug3: kex_input_ext_info: extension server-sig-algs
debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256>
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Will attempt key: /etc/ssh/id_ed25519 ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug1: Will attempt key: /etc/ssh/id_ed25519 ED25519-CERT SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug2: pubkey_prepare: done
debug1: Offering public key: /etc/ssh/id_ed25519 ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /etc/ssh/id_ed25519 ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: sign_and_send_pubkey: using publickey-hostbound-v00@openssh.com with ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0
debug3: sign_and_send_pubkey: signing using ssh-ed25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0
Load key "/etc/ssh/id_ed25519": error in libcrypto
debug1: Offering public key: /etc/ssh/id_ed25519 ED25519-CERT SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
USER@HOST's password: 

Since 24.10.2 was released over 2 months ago and I haven't been able to find anyone else talking about this, I suspect this is somehow an issue with my setup. But I'm not really sure how to debug this further.
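The debug output above already localizes the failure: the server answered the ED25519 offer with packet type 60 (SSH_MSG_USERAUTH_PK_OK, "Server accepts key"), and only the local signing step in sign_and_send_pubkey failed with "error in libcrypto" before the client moved on to the certificate and then to password auth. So authorized_keys on the remote host is not the problem; the private key file and the libcrypto the client is linked against are. As an added example that is not part of the original post, here is a small Python script that reads ssh -vvv output and draws that distinction mechanically. The regexes match OpenSSH's debug wording; the sample log is a constructed excerpt of the transcript above.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Added example, not from the post: classifies a failed `ssh -vvv` public-key
# attempt from the client's own debug output. Regexes match OpenSSH's wording.
OFFER_RE = re.compile(r"^debug1: Offering public key: (\S+) (\S+) (SHA256:\S+)")
ACCEPT_RE = re.compile(r"^debug1: Server accepts key: (\S+) (\S+) (SHA256:\S+)")
LOAD_ERR_RE = re.compile(r'^Load key "([^"]+)": (.+)$')
CONTINUE_RE = re.compile(r"^debug1: Authentications that can continue:")
NEXT_RE = re.compile(r"^debug1: Next authentication method: (\S+)")

# Constructed sample: the relevant lines from the transcript above, in order.
SAMPLE_LOG = """\
debug1: Next authentication method: publickey
debug1: Offering public key: /etc/ssh/id_ed25519 ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: receive packet: type 60
debug1: Server accepts key: /etc/ssh/id_ed25519 ED25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: sign_and_send_pubkey: signing using ssh-ed25519 SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0
Load key "/etc/ssh/id_ed25519": error in libcrypto
debug1: Offering public key: /etc/ssh/id_ed25519 ED25519-CERT SHA256:WUURkMC9D0osnaaFKOMPjkmiqNSc+BDXgVvFubJFo/0 explicit
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
"""

@dataclass
class Offer:
    path: str
    key_type: str
    fingerprint: str
    accepted: bool = False               # server sent USERAUTH_PK_OK (packet 60)
    sign_error: Optional[str] = None     # client failed to load/sign with the key
    rejected: bool = False               # server sent USERAUTH_FAILURE (packet 51)

@dataclass
class Report:
    offers: List[Offer] = field(default_factory=list)
    fallback_method: Optional[str] = None

    def verdict(self) -> str:
        # The server already matched the key against authorized_keys, so the
        # key file or the crypto library on the client is what to look at.
        if any(o.accepted and o.sign_error for o in self.offers):
            return "client-side-signing"
        if self.offers and all(o.rejected for o in self.offers):
            return "server-rejected"     # look at authorized_keys / sshd_config
        if not self.offers:
            return "no-key-offered"      # e.g. wrong -i path or an empty agent
        return "inconclusive"

def analyze(log_text: str) -> Report:
    report, cur = Report(), None
    for line in log_text.splitlines():
        if m := OFFER_RE.match(line):
            cur = Offer(*m.groups())
            report.offers.append(cur)
        elif (m := ACCEPT_RE.match(line)) and cur and m.group(3) == cur.fingerprint:
            cur.accepted = True
        elif (m := LOAD_ERR_RE.match(line)) and cur and m.group(1) == cur.path:
            cur.sign_error = m.group(2)
        elif CONTINUE_RE.match(line) and cur and not cur.accepted:
            cur.rejected = True
        elif (m := NEXT_RE.match(line)) and m.group(1) != "publickey":
            report.fallback_method = m.group(1)
    return report

if __name__ == "__main__":
    r = analyze(SAMPLE_LOG)
    print(r.verdict(), "-> fell back to", r.fallback_method)
```

Feed it a real transcript with `ssh -vvv ... 2>&1 | python3 script.py` after swapping SAMPLE_LOG for sys.stdin; a "client-side-signing" verdict means the next thing to inspect is the key file and the ssh binary's crypto library, not the remote host.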

Dropbear does not depend on libcrypto, nor does it store any key in /etc/ssh/.

Mine

debug1: Local version string SSH-2.0-OpenSSH_9.6
debug1: Remote protocol version 2.0, remote software version dropbear

Yours

debug1: Local version string SSH-2.0-OpenSSH_9.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_10.0

Broken OpenSSH did not install by itself.

Resolution would be the owut web interface and removing any traces of openssh.

current openssh on 24.10 is openssh-server_9.9_p2

Please add output of

ubus call system board
service

You are right, it turns out I installed openssh to use certificates and sftp. I did that so long ago I completely forgot, sorry. Though, I was using it just fine up until the update.

Uninstalling it does fix the issue, but I would still like to be able to use these features from openssh. It's not some kind of corruption, since it is still broken on a reinstall.

root@OpenWrt:~# ubus call system board
{
        "kernel": "6.6.93",
        "hostname": "OpenWrt",
        "system": "ARMv8 Processor rev 4",
        "model": "GL.iNet GL-MT6000",
        "board_name": "glinet,gl-mt6000",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "24.10.2",
                "revision": "r28739-d9340319c6",
                "target": "mediatek/filogic",
                "description": "OpenWrt 24.10.2 r28739-d9340319c6",
                "builddate": "1750711236"
        }
}
root@OpenWrt:~# service
Usage: service <service> [command]
/etc/init.d/autossh                enabled         stopped
/etc/init.d/boot                   enabled         stopped
/etc/init.d/bootcount              enabled         stopped
/etc/init.d/cron                   enabled         running
/etc/init.d/dnsmasq                enabled         running
/etc/init.d/dockerd                enabled         running
/etc/init.d/done                   enabled         stopped
/etc/init.d/dropbear               enabled         running
/etc/init.d/firewall               enabled         stopped
/etc/init.d/fstab                  enabled         stopped
/etc/init.d/gpio_switch            enabled         stopped
/etc/init.d/led                    enabled         stopped
/etc/init.d/log                    enabled         running
/etc/init.d/network                enabled         running
/etc/init.d/nginx                  enabled         running
/etc/init.d/odhcpd                 enabled         running
/etc/init.d/packet_steering        enabled         stopped
/etc/init.d/prometheus-node-exporter-lua           enabled         running
/etc/init.d/rpcd                   enabled         running
/etc/init.d/sysctl                 enabled         stopped
/etc/init.d/sysfixtime             enabled         stopped
/etc/init.d/sysntpd                enabled         running
/etc/init.d/system                 enabled         stopped
/etc/init.d/ttyd                   enabled         running
/etc/init.d/ubihealthd             enabled         stopped
/etc/init.d/ucitrack               enabled         stopped
/etc/init.d/uhttpd                 enabled         running
/etc/init.d/umount                 enabled         stopped
/etc/init.d/urandom_seed           enabled         stopped
/etc/init.d/urngd                  enabled         running
/etc/init.d/wpad                   enabled         running

No problem to solve. The sftp client from openssh works perfectly fine with dbclient.

Dropbear does have sftp client support, but not server. The wiki recommends using openssh instead.

And, dropbear doesn't support certificates at all.

root@debian:~# lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 12 (bookworm)
Release:	12
Codename:	bookworm
root@debian:~# dbclient -h
Dropbear SSH client v2022.83 https://matt.ucc.asn.au/dropbear/dropbear.html
Usage: dbclient [options] [user@]host[/port][,[user@]host/port],...] [command]
...
-i <identityfile>   (multiple allowed, default ~/.ssh/id_dropbear)
-A    Enable agent auth forwarding
...

It is different, not dysfunctional. You need the agent, sftp-client and sftp-server from openssh, but not the client or server.

It does not support xauth / -X forwarding.

Okay, installing just openssh-sftp-server does allow sftp to work. However, dropbear still does not support ssh certificates, even with agent forwarding.

But yes. If you want to use certs, both client and server have to support it.

Please correct me if I'm wrong, but it's only openssh itself which handles certs.

PS. I'm a huge fan boy of ssh certs, too.

Yes, that's the problem. Dropbear doesn't support certs, and for some reason openssh doesn't work properly on my device.

Yes, that is completely false, stop complaining

Yo @anon63541380, the page has not a single hit or mark regarding ssh certificates.

See https://man.openbsd.org/ssh-keygen.1

Search for CERTIFICATES

Edit. PS. Again, AFAIK openssh is the only one that supports ssh certificates, even though it should be in an RFC and it makes a lot of sense. If paired with FIDO2 it's just nice.

The question does not talk about (timed, PKI) certificates, but about PUBLICKEY auth. Thanks. Apples vs potatoes.

Maybe it was about TLS certs then? :person_shrugging:

Edit add-on

It literally talks about ssh certs based auth.

Just a figure of speech; the log says unpassworded public/private keys.

@anon63541380 yes, because cert-based auth is not offered.

Btw thx for that hint. I didn't know about that gem.

Too bad https://man.archlinux.org/man/extra/dropbear/dbclient.1.en doesn't lose a single word on whether it supports user and/or host certificates.

To be clear: my initial issue was that openssh wasn't working with ssh keys. (I tested both with and without certificates.) You suggested I move to dropbear, since it does work properly with keys. However, dropbear does not work with certificates, which I also use.

Openssh considers certificates to be part of the publickey auth method.
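That is visible in the transcript earlier in the thread: the certificate is offered as a second "publickey" attempt, with key type ED25519-CERT and the same SHA256 fingerprint as the plain key. What follows is an added example, not code from the thread or from OpenSSH: a Python encoder/decoder for the ssh-ed25519-cert-v01@openssh.com format from OpenSSH's PROTOCOL.certkeys, showing that a certificate is the plain ssh-ed25519 public key blob plus a serial, key id, principals, validity window, options/extensions and the CA's signature, together with the policy checks sshd applies to a presented certificate. Every key byte and the signature are constructed placeholders (Python's standard library has no ed25519), so no CA signing or signature verification happens here; `check_cert` covers only the non-cryptographic checks.

```python
import struct
from dataclasses import dataclass
from typing import List, Tuple

# Added example (not OpenSSH code): the ssh-ed25519-cert-v01@openssh.com wire format
# from PROTOCOL.certkeys. Keys and signature are CONSTRUCTED placeholders, never CA-signed.
CERT_TYPE = b"ssh-ed25519-cert-v01@openssh.com"
USER_CERT, HOST_CERT = 1, 2

def put_string(b: bytes) -> bytes:  # SSH "string": uint32 length + bytes
    return struct.pack(">I", len(b)) + b

def put_pairs(pairs: List[Tuple[str, str]]) -> bytes:
    # Critical options / extensions: (name, data) tuples. data is empty for a flag
    # such as permit-pty and otherwise wraps the value as a string.
    body = b"".join(put_string(n.encode()) + put_string(put_string(v.encode()) if v else b"")
                    for n, v in pairs)
    return put_string(body)

class Reader:
    def __init__(self, buf: bytes):
        self.buf, self.pos = buf, 0
    def unpack(self, fmt: str) -> tuple:
        vals = struct.unpack_from(fmt, self.buf, self.pos)
        self.pos += struct.calcsize(fmt)
        return vals
    def string(self) -> bytes:
        (n,) = self.unpack(">I")
        data, self.pos = self.buf[self.pos:self.pos + n], self.pos + n
        if len(data) != n:
            raise ValueError("truncated certificate")
        return data

def read_strings(blob: bytes) -> List[bytes]:
    r, out = Reader(blob), []
    while r.pos < len(blob):
        out.append(r.string())
    return out

def read_pairs(blob: bytes) -> List[Tuple[str, str]]:
    items = read_strings(blob)
    return [(n.decode(), Reader(d).string().decode() if d else "")
            for n, d in zip(items[0::2], items[1::2])]

@dataclass
class Cert:
    nonce: bytes
    pk: bytes                      # raw 32-byte ed25519 public key
    serial: int
    cert_type: int                 # USER_CERT or HOST_CERT
    key_id: str
    principals: List[str]          # empty list = valid for any principal
    valid_after: int               # unix time, inclusive
    valid_before: int              # unix time, exclusive
    critical_options: List[Tuple[str, str]]
    extensions: List[Tuple[str, str]]
    signature_key: bytes           # the CA's public key blob
    signature: bytes
    def plain_public_key(self) -> bytes:  # the blob a plain id_ed25519.pub carries
        return put_string(b"ssh-ed25519") + put_string(self.pk)

def encode_cert(c: Cert) -> bytes:
    tbs = (put_string(CERT_TYPE) + put_string(c.nonce) + put_string(c.pk)
           + struct.pack(">QI", c.serial, c.cert_type) + put_string(c.key_id.encode())
           + put_string(b"".join(put_string(p.encode()) for p in c.principals))
           + struct.pack(">QQ", c.valid_after, c.valid_before)
           + put_pairs(c.critical_options) + put_pairs(c.extensions)
           + put_string(b"") + put_string(c.signature_key))  # reserved, then CA key
    return tbs + put_string(c.signature)  # a real CA signs exactly `tbs`

def decode_cert(blob: bytes) -> Cert:
    r = Reader(blob)
    if r.string() != CERT_TYPE:
        raise ValueError("not an ssh-ed25519 certificate")
    nonce, pk, (serial, cert_type) = r.string(), r.string(), r.unpack(">QI")
    key_id, principals = r.string().decode(), [p.decode() for p in read_strings(r.string())]
    valid_after, valid_before = r.unpack(">QQ")
    crit, ext = read_pairs(r.string()), read_pairs(r.string())
    _reserved, sig_key, sig = r.string(), r.string(), r.string()
    return Cert(nonce, pk, serial, cert_type, key_id, principals,
                valid_after, valid_before, crit, ext, sig_key, sig)

def check_cert(c: Cert, principal: str, now: int, want_type: int = USER_CERT) -> List[str]:
    # The policy checks sshd applies to a presented cert (CA signature check omitted).
    problems = []
    if c.cert_type != want_type:
        problems.append("wrong certificate type")
    if not (c.valid_after <= now < c.valid_before):
        problems.append("outside validity window")
    if c.principals and principal not in c.principals:
        problems.append(f"principal {principal!r} not listed")
    return problems

def sample_cert() -> Cert:  # constructed: fake key, fake CA key, all-zero signature
    ca_key = put_string(b"ssh-ed25519") + put_string(bytes(32))
    return Cert(b"\x01" * 32, bytes(range(32)), 42, USER_CERT, "openwrt-router",
                ["root", "admin"], 1_750_000_000, 1_750_086_400,
                [("force-command", "/bin/true")], [("permit-pty", "")],
                ca_key, put_string(b"ssh-ed25519") + put_string(bytes(64)))
```

`ssh-keygen -L -f id_ed25519-cert.pub` prints the same fields from a real certificate; the point of the round trip is that the first thing after the type string is the ordinary public key, which is why the client offers the certificate under the same publickey method and why a server without certificate support (dropbear, per this thread) simply cannot parse the extra fields or check them against a trusted CA.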

Well - your initial claim was you were using Dropbear… Took some minutes to figure out you did not even know.
