Project

General

Profile

action #112367

[tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M

Added by pluskalm 2 months ago. Updated about 1 month ago.

Status:
Blocked
Priority:
Normal
Assignee:
Target version:
Start date:
2022-06-14
Due date:
% Done:

0%

Estimated time:

Description

Observation

On Leap 15.4, with python-paramiko 2.4.2-150100.6.12.1, following occurs in mtui:
info: connecting to goblin.qam.suse.cz
debug [mtui.connection:connect]: connecting to goblin.qam.suse.cz:22
error: SSHException while connecting to goblin.qam.suse.cz
critical: connecting to goblin.qam.suse.cz failed: Invalid key
warning: failed to add host goblin.qam.suse.cz to target list
debug [mtui.template.testreport:add_target]: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/mtui/template/testreport.py", line 373, in add_target
self.targets[hostname].connect()
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 89, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 86, in connect
self.connection = self.Connection(self.host, self.port, self.timeout)
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 91, in __init__
self.connect()
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 169, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 127, in connect
else None,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 437, in connect
passphrase,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 749, in _auth
raise saved_exception
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 720, in _auth
filename, pkey_class, passphrase
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 571, in _key_from_filepath
key = klass.from_private_key_file(key_path, password)
File "/usr/lib/python3.6/site-packages/paramiko/pkey.py", line 217, in from_private_key_file
key = cls(filename=filename, password=password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 81, in __init__
signing_key = self._parse_signing_key_data(data, password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 156, in _parse_signing_key_data
message = Message(unpad(private_data))
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 41, in unpad
raise SSHException("Invalid key")
paramiko.ssh_exception.SSHException: Invalid key

This seems to be a known issue, and is resolved in paramiko 2.5.1. As usage of ed25519 keys is not that common it seems to affect only me, as a workaround paramiko from Tumbleweed can be linked into QA:Maintenance project in IBS

Same problem in Leap 15.3 as paramiko was last updated in 15-SP1.

Acceptance criteria

  • AC1: Problem has been reported to the package maintainer
  • AC2: mtui works again

Suggestions

Maintenance Update of paramiko in SLE -> Leap

Link new paramiko and its deps in QA:Maintenance project

History

#1 Updated by osukup 2 months ago

looks like bug in paramiko fixed in 2.5 series, on SLE/Leap is paramiko 2.4.2

Solutions:

  1. Maintenance Update of paramiko in SLE -> Leap
  2. Link new paramiko and its deps in QA:Maintenance project

#2 Updated by okurz 2 months ago

  • Target version set to Ready

we could handle that by reporting a bug for Leap and block on that

#3 Updated by okurz 2 months ago

  • Subject changed from [qa-tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key

#4 Updated by okurz 2 months ago

  • Subject changed from [tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
  • Description updated (diff)
  • Status changed from New to Workable

#5 Updated by jbaier_cz 2 months ago

  • Status changed from Workable to In Progress
  • Assignee set to jbaier_cz

#6 Updated by jbaier_cz 2 months ago

  • Status changed from In Progress to Blocked

For start, I submitted version 2.6.0 to QA:Maintenance/python-paramiko. For 15.4 (and SLES 15-SP4), the build succeeded so testers should be able to use mtui with a newer (but still ancient) version of paramiko. I also created https://bugzilla.opensuse.org/show_bug.cgi?id=1200603 to describe the issue with paramiko and suggested the update.

#7 Updated by osukup about 2 months ago

2.6.0 is ancient but still specfile isn't compactible with 15.3 :D --> if any user hit this problem on 15.3 recommendation will be upgrade to last supported distribution and use QA:Maintenance paramiko

#8 Updated by okurz about 1 month ago

  • Tags set to reactive work

Also available in: Atom PDF