Issue when have two keys in ietf-keystore #563

@mattiaswal

I have two keys in the keystore, one for netopeer and one for wireguard, but netopeer seems to check both keys even though I have specified in the config which key to use.
The keystore:

admin@infix-00-00-00:/config/> show keystore 
asymmetric-keys {
  asymmetric-key genkey {
    public-key-format ssh-public-key-format;
    public-key MIIBCgKCAQEAnhVB3dQouMUxLetvZpurJjg5uBtIjtIBEOpPIGWYHnHuwH16S204GusdsqgOohT1qX/eO5p8T2SKh2XrvOUAK4dJWVXl4OV6IfUBdwesxnmWqhq1BXYhP81DVm3aIToz00phXWB4z4ikZS3TmOeJZDj6UllsJl01o+UYSqy7aCZ8HUjrtA9FAoXuaEpH6e7UGW2vEgJ1zBJ1ma9dYC1etsWDOjp2Je1TSZe3VXOX6GlV77aExBWDOwfzaCVvPt2ZY2ME3f/nzwce210SZ+K+ilJMxSQfj4VJu+cffCFZZHMFjxm230nbsPNHI30Ro2xfPUo9WITkhyo4O0r21vH63wIDAQAB;
    private-key-format rsa-private-key-format;
    cleartext-private-key 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;
  }
  asymmetric-key wg {
    public-key-format x25519-public-key-format;
    public-key HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=;
    private-key-format x25519-private-key-format;
    cleartext-private-key YAnz5TF+lXXJte14tji3zlMNftqL/HOWl7MkEqpB/UU=;
  }
}

Netconf server config:

admin@infix-00-00-00:/config/> show netconf-server 
listen {
  endpoints {
    endpoint default-ssh {
      ssh {
        tcp-server-parameters {
          local-address ::;
        }
        ssh-server-parameters {
          server-identity {
            host-key default-key {
              public-key {
                central-keystore-reference genkey;
              }
            }
          }
        }
      }
    }
  }
}

Error message from netopeer:

Nov 10 12:04:28 infix netopeer2-server[3791]: Public key format (x25519-public-key-format) not supported.
Nov 10 12:04:28 infix netopeer2-server[3791]: Private key format (x25519-private-key-format) not supported.
Nov 10 12:04:28 infix netopeer2-server[3791]: Configuring (private-key-format) failed.
Nov 10 12:04:28 infix netopeer2-server[3791]: Applying ietf-keystore configuration failed.

If I remove the wireguard keys, netopeer2's config succeeds.

The netconf server has been configured to use the key genkey and should not care about other possible keys.

I use netopeer2 2.4.5 and libnetconf2 3.7.10
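
The difference between checking every keystore entry and checking only the entries an endpoint references, as an added Python sketch that is not netopeer2 or libnetconf2 code. The parser, the function names and the placeholder key values are constructed for illustration; the rejected-format set is taken from the log lines in the report.

```python
import re

# Formats the log lines in the report show being rejected.
REJECTED = {"x25519-public-key-format", "x25519-private-key-format"}

# Constructed sample in the brace syntax of the `show` output; key material is a placeholder.
KEYSTORE = """
asymmetric-keys {
  asymmetric-key genkey {
    public-key-format ssh-public-key-format;
    public-key PLACEHOLDER;
    private-key-format rsa-private-key-format;
    cleartext-private-key PLACEHOLDER;
  }
  asymmetric-key wg {
    public-key-format x25519-public-key-format;
    public-key PLACEHOLDER;
    private-key-format x25519-private-key-format;
    cleartext-private-key PLACEHOLDER;
  }
}
"""
SERVER = "host-key default-key { public-key { central-keystore-reference genkey; } }"

def parse_keys(text):
    """Return {key name: {leaf: value}} for each asymmetric-key block."""
    keys = {}
    for name, body in re.findall(r"asymmetric-key (\S+) \{(.*?)\}", text, re.S):
        keys[name] = dict(re.findall(r"^\s*(\S+) (\S+);$", body, re.M))
    return keys

def referenced(server_text):
    """Names of keystore entries the server config points at."""
    return set(re.findall(r"central-keystore-reference (\S+);", server_text))

def rejected_keys(keys, only=None):
    """Names of keys with a rejected format; `only` limits the check to those names."""
    return sorted(n for n, leaves in keys.items()
                  if (only is None or n in only)
                  and REJECTED & {leaves.get("public-key-format"),
                                  leaves.get("private-key-format")})

if __name__ == "__main__":
    keys = parse_keys(KEYSTORE)
    print("checking every key:      ", rejected_keys(keys))
    print("checking referenced keys:", rejected_keys(keys, referenced(SERVER)))
```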
