action #112367
closed[tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
0%
Description
Observation¶
On Leap 15.4, with python-paramiko 2.4.2-150100.6.12.1, following occurs in mtui:
info: connecting to goblin.qam.suse.cz
debug [mtui.connection:connect]: connecting to goblin.qam.suse.cz:22
error: SSHException while connecting to goblin.qam.suse.cz
critical: connecting to goblin.qam.suse.cz failed: Invalid key
warning: failed to add host goblin.qam.suse.cz to target list
debug [mtui.template.testreport:add_target]: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/mtui/template/testreport.py", line 373, in add_target
self.targets[hostname].connect()
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 89, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 86, in connect
self.connection = self.Connection(self.host, self.port, self.timeout)
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 91, in __init__
self.connect()
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 169, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 127, in connect
else None,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 437, in connect
passphrase,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 749, in _auth
raise saved_exception
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 720, in _auth
filename, pkey_class, passphrase
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 571, in _key_from_filepath
key = klass.from_private_key_file(key_path, password)
File "/usr/lib/python3.6/site-packages/paramiko/pkey.py", line 217, in from_private_key_file
key = cls(filename=filename, password=password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 81, in __init__
signing_key = self._parse_signing_key_data(data, password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 156, in _parse_signing_key_data
message = Message(unpad(private_data))
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 41, in unpad
raise SSHException("Invalid key")
paramiko.ssh_exception.SSHException: Invalid key
This seems to be a known issue, and is resolved in paramiko 2.5.1. As usage of ed25519 keys is not that common it seems to affect only me, as a workaround paramiko from Tumbleweed can be linked into QA:Maintenance project in IBS
Same problem in Leap 15.3 as paramiko was last updated in 15-SP1.
Acceptance criteria¶
- AC1: Problem has been reported to the package maintainer
- AC2: mtui works again
Suggestions¶
Maintenance Update of paramiko in SLE -> Leap
Link new paramiko and its deps in QA:Maintenance project
Updated by osukup over 2 years ago
looks like bug in paramiko fixed in 2.5 series, on SLE/Leap is paramiko 2.4.2
Solutions:¶
- Maintenance Update of paramiko in SLE -> Leap
- Link new paramiko and its deps in QA:Maintenance project
Updated by okurz over 2 years ago
- Target version set to Ready
we could handle that by reporting a bug for Leap and block on that
Updated by okurz over 2 years ago
- Subject changed from [qa-tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key
Updated by okurz over 2 years ago
- Subject changed from [tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
- Description updated (diff)
- Status changed from New to Workable
Updated by jbaier_cz over 2 years ago
- Status changed from Workable to In Progress
- Assignee set to jbaier_cz
Updated by jbaier_cz over 2 years ago
- Status changed from In Progress to Blocked
For start, I submitted version 2.6.0 to QA:Maintenance/python-paramiko. For 15.4 (and SLES 15-SP4), the build succeeded so testers should be able to use mtui with a newer (but still ancient) version of paramiko. I also created https://bugzilla.opensuse.org/show_bug.cgi?id=1200603 to describe the issue with paramiko and suggested the update.
Updated by osukup over 2 years ago
2.6.0 is ancient but still specfile isn't compactible with 15.3 :D --> if any user hit this problem on 15.3 recommendation will be upgrade to last supported distribution and use QA:Maintenance paramiko
Updated by jbaier_cz about 2 years ago
- Status changed from Blocked to Feedback
I would probably took ages so I spared some time to create update to 2.4.3 myself. If nothing explodes in S:M:26222:281282, mtui should be usable without QA:Maintenance/python-paramiko in Leap.
Updated by okurz about 2 years ago
- Status changed from Feedback to Blocked
Back to blocked on https://bugzilla.suse.com/show_bug.cgi?id=1111151 as discussed in daily 2022-10-13
Updated by jbaier_cz about 2 years ago
- Status changed from Blocked to Resolved
Update was released and the new paramiko version is already being used (according to the test reports). Mtui should now work even with weird keys on Leap without paramiko from QA:Maintenance repository.