Project

General

Profile

Actions

action #112367

closed

[tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M

Added by pluskalm almost 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Start date:
2022-06-14
Due date:
% Done:

0%

Estimated time:

Description

Observation

On Leap 15.4, with python-paramiko 2.4.2-150100.6.12.1, following occurs in mtui:
info: connecting to goblin.qam.suse.cz debug [mtui.connection:connect]: connecting to goblin.qam.suse.cz:22 error: SSHException while connecting to goblin.qam.suse.cz critical: connecting to goblin.qam.suse.cz failed: Invalid key warning: failed to add host goblin.qam.suse.cz to target list debug [mtui.template.testreport:add_target]: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/mtui/template/testreport.py", line 373, in add_target self.targets[hostname].connect() File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 89, in connect raise e File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 86, in connect self.connection = self.Connection(self.host, self.port, self.timeout) File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 91, in __init__ self.connect() File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 169, in connect raise e File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 127, in connect else None, File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 437, in connect passphrase, File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 749, in _auth raise saved_exception File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 720, in _auth filename, pkey_class, passphrase File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 571, in _key_from_filepath key = klass.from_private_key_file(key_path, password) File "/usr/lib/python3.6/site-packages/paramiko/pkey.py", line 217, in from_private_key_file key = cls(filename=filename, password=password) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 81, in __init__ signing_key = self._parse_signing_key_data(data, password) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 156, in _parse_signing_key_data message = Message(unpad(private_data)) File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 41, in unpad raise SSHException("Invalid key") paramiko.ssh_exception.SSHException: Invalid key

This seems to be a known issue, and is resolved in paramiko 2.5.1. As usage of ed25519 keys is not that common it seems to affect only me, as a workaround paramiko from Tumbleweed can be linked into QA:Maintenance project in IBS

Same problem in Leap 15.3 as paramiko was last updated in 15-SP1.

Acceptance criteria

  • AC1: Problem has been reported to the package maintainer
  • AC2: mtui works again

Suggestions

Maintenance Update of paramiko in SLE -> Leap

Link new paramiko and its deps in QA:Maintenance project
Actions #1

Updated by osukup almost 3 years ago

looks like bug in paramiko fixed in 2.5 series, on SLE/Leap is paramiko 2.4.2

Solutions:

  1. Maintenance Update of paramiko in SLE -> Leap
  2. Link new paramiko and its deps in QA:Maintenance project
Actions #2

Updated by okurz almost 3 years ago

  • Target version set to Ready

we could handle that by reporting a bug for Leap and block on that

Actions #3

Updated by okurz almost 3 years ago

  • Subject changed from [qa-tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key
Actions #4

Updated by okurz almost 3 years ago

  • Subject changed from [tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
  • Description updated (diff)
  • Status changed from New to Workable
Actions #5

Updated by jbaier_cz almost 3 years ago

  • Status changed from Workable to In Progress
  • Assignee set to jbaier_cz
Actions #6

Updated by jbaier_cz almost 3 years ago

  • Status changed from In Progress to Blocked

For start, I submitted version 2.6.0 to QA:Maintenance/python-paramiko. For 15.4 (and SLES 15-SP4), the build succeeded so testers should be able to use mtui with a newer (but still ancient) version of paramiko. I also created https://bugzilla.opensuse.org/show_bug.cgi?id=1200603 to describe the issue with paramiko and suggested the update.

Actions #7

Updated by osukup almost 3 years ago

2.6.0 is ancient but still specfile isn't compactible with 15.3 :D --> if any user hit this problem on 15.3 recommendation will be upgrade to last supported distribution and use QA:Maintenance paramiko

Actions #8

Updated by okurz almost 3 years ago

  • Tags set to reactive work
Actions #9

Updated by jbaier_cz over 2 years ago

  • Status changed from Blocked to Feedback

I would probably took ages so I spared some time to create update to 2.4.3 myself. If nothing explodes in S:M:26222:281282, mtui should be usable without QA:Maintenance/python-paramiko in Leap.

Actions #10

Updated by okurz over 2 years ago

  • Status changed from Feedback to Blocked

Back to blocked on https://bugzilla.suse.com/show_bug.cgi?id=1111151 as discussed in daily 2022-10-13

Actions #11

Updated by jbaier_cz over 2 years ago

  • Status changed from Blocked to Resolved

Update was released and the new paramiko version is already being used (according to the test reports). Mtui should now work even with weird keys on Leap without paramiko from QA:Maintenance repository.

Actions

Also available in: Atom PDF