action #112367
closed[tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
0%
Description
Observation¶
On Leap 15.4, with python-paramiko 2.4.2-150100.6.12.1, following occurs in mtui:
info: connecting to goblin.qam.suse.cz debug [mtui.connection:connect]: connecting to goblin.qam.suse.cz:22 error: SSHException while connecting to goblin.qam.suse.cz critical: connecting to goblin.qam.suse.cz failed: Invalid key warning: failed to add host goblin.qam.suse.cz to target list debug [mtui.template.testreport:add_target]: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/mtui/template/testreport.py", line 373, in add_target self.targets[hostname].connect() File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 89, in connect raise e File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 86, in connect self.connection = self.Connection(self.host, self.port, self.timeout) File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 91, in __init__ self.connect() File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 169, in connect raise e File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 127, in connect else None, File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 437, in connect passphrase, File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 749, in _auth raise saved_exception File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 720, in _auth filename, pkey_class, passphrase File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 571, in _key_from_filepath key = klass.from_private_key_file(key_path, password) File "/usr/lib/python3.6/site-packages/paramiko/pkey.py", line 217, in from_private_key_file key = cls(filename=filename, password=password) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 81, in __init__ signing_key = self._parse_signing_key_data(data, password) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 156, in _parse_signing_key_data message = Message(unpad(private_data)) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 41, in unpad raise SSHException("Invalid key") paramiko.ssh_exception.SSHException: Invalid key
This seems to be a known issue, and is resolved in paramiko 2.5.1. As usage of ed25519 keys is not that common it seems to affect only me, as a workaround paramiko from Tumbleweed can be linked into QA:Maintenance project in IBS
Same problem in Leap 15.3 as paramiko was last updated in 15-SP1.
Acceptance criteria¶
- AC1: Problem has been reported to the package maintainer
- AC2: mtui works again
Suggestions¶
Maintenance Update of paramiko in SLE -> Leap
Link new paramiko and its deps in QA:Maintenance project
Updated by osukup almost 3 years ago
looks like bug in paramiko fixed in 2.5 series, on SLE/Leap is paramiko 2.4.2
Solutions:¶
- Maintenance Update of paramiko in SLE -> Leap
- Link new paramiko and its deps in QA:Maintenance project
Updated by okurz almost 3 years ago
- Target version set to Ready
we could handle that by reporting a bug for Leap and block on that
Updated by okurz almost 3 years ago
- Subject changed from [qa-tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key
Updated by okurz almost 3 years ago
- Subject changed from [tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
- Description updated (diff)
- Status changed from New to Workable
Updated by jbaier_cz almost 3 years ago
- Status changed from Workable to In Progress
- Assignee set to jbaier_cz
Updated by jbaier_cz almost 3 years ago
- Status changed from In Progress to Blocked
For start, I submitted version 2.6.0 to QA:Maintenance/python-paramiko. For 15.4 (and SLES 15-SP4), the build succeeded so testers should be able to use mtui with a newer (but still ancient) version of paramiko. I also created https://bugzilla.opensuse.org/show_bug.cgi?id=1200603 to describe the issue with paramiko and suggested the update.
Updated by osukup almost 3 years ago
2.6.0 is ancient but still specfile isn't compactible with 15.3 :D --> if any user hit this problem on 15.3 recommendation will be upgrade to last supported distribution and use QA:Maintenance paramiko
Updated by jbaier_cz over 2 years ago
- Status changed from Blocked to Feedback
I would probably took ages so I spared some time to create update to 2.4.3 myself. If nothing explodes in S:M:26222:281282, mtui should be usable without QA:Maintenance/python-paramiko in Leap.
Updated by okurz over 2 years ago
- Status changed from Feedback to Blocked
Back to blocked on https://bugzilla.suse.com/show_bug.cgi?id=1111151 as discussed in daily 2022-10-13
Updated by jbaier_cz over 2 years ago
- Status changed from Blocked to Resolved
Update was released and the new paramiko version is already being used (according to the test reports). Mtui should now work even with weird keys on Leap without paramiko from QA:Maintenance repository.