BUG: Tabby does not appear to support "[email protected]" type SSH certificates via the OpenSSH agent

[Aterfax]

Describe the problem:

Testing on Ubuntu 22.04 with SSH certs of type shown below shows that Tabby (v1.0.215) is unable to negotiate an SSH connection with any SSH endpoint.

• [email protected]
• [email protected]
• [email protected]
• [email protected]

I expect this may also include all other types of certs.

I can successfully SSH using the normal Ubuntu terminal and the OpenSSH agent to get to onto endpoints with any of these types of SSH certs.

These certs were generated by the Smallstep step-cli utility though don't believe the generation method is really that important here per se as it seems like there's an SSH certificates support issue. I suspect the issue is that Tabby or the SSH library used lack support.

I'm not clear if I should file here: https://github.com/Eugeny/russh (but it looks like russh actually supports certs going off the PR history).

See also: https://docs.ssh.com/manuals/client-user/66/csc-algorithms-publickeyalgorithms.html

It would seem like Tabby or the SSH library used is not fully compliant with SSH standards or has a bug?

To Reproduce:

1. Create some SSH certificates as above and add your cert's public key to your server endpoint user's authorized_keys file / implement your trusted CA certificate and set the server SSH server to trust it.
2. Clear your SSH agent of keys via the command ssh-add -D
3. Add these certs to your current device's OpenSSH agent.
4. Login from your current device via built in CLI terminal and validate SSH connections work to your server endpoint.
5. Attempt the same via Tabby and observe that you are unable to connect.