Read more

net-ssh and openssl-3.0.0

Stefan Langenmaier
March 30, 2022Software engineer at makandra GmbH

Version 7 of net-ssh includes a fix for the mentioned bug.

You'll need openssl-3 or newer for servers running 22.04

Illustration online protection

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

  • Prevents you from data breaches and liability risks
  • Upgrade at your own pace
  • Works with modern Rubies
Read more Show archive.org snapshot

Ruby version 3.1 uses by default the gem openssl-3.0.0. This can cause issues with the gem net-ssh (6.1.0). This is a known bug Show archive.org snapshot .

Typically this can cause an error while deploying an application with capistrano:

could not verify server signature (SSHKit::Runner::ExecuteError)

or

Ed25519::VerifyError: signature verification failed!

As temporary workaround add the following line to your Gemfile:

gem 'openssl', '<3'

For more information check the compatibility notes Show archive.org snapshot .

Fix

Update net-ssh to version 7 or newer!

bundle update net-ssh --conservative

Bundler attempted to update net-ssh but its version stayed the same

Some of your gems prevented net-ssh from updating, update them first. Check your Gemfile.lock to find the gem that prevents you from updating and update this gem first.
bundle update net-scp --conservative

Posted by Stefan Langenmaier to makandra dev (2022-03-30 16:07)