Project

General

Profile

Actions

action #112367

closed

[tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M

Added by pluskalm over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
Start date:
2022-06-14
Due date:
% Done:

0%

Estimated time:

Description

Observation

On Leap 15.4, with python-paramiko 2.4.2-150100.6.12.1, following occurs in mtui:
info: connecting to goblin.qam.suse.cz
debug [mtui.connection:connect]: connecting to goblin.qam.suse.cz:22
error: SSHException while connecting to goblin.qam.suse.cz
critical: connecting to goblin.qam.suse.cz failed: Invalid key
warning: failed to add host goblin.qam.suse.cz to target list
debug [mtui.template.testreport:add_target]: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/mtui/template/testreport.py", line 373, in add_target
self.targets[hostname].connect()
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 89, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/target/__init__.py", line 86, in connect
self.connection = self.Connection(self.host, self.port, self.timeout)
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 91, in __init__
self.connect()
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 169, in connect
raise e
File "/usr/lib/python3.6/site-packages/mtui/connection.py", line 127, in connect
else None,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 437, in connect
passphrase,
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 749, in _auth
raise saved_exception
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 720, in _auth
filename, pkey_class, passphrase
File "/usr/lib/python3.6/site-packages/paramiko/client.py", line 571, in _key_from_filepath
key = klass.from_private_key_file(key_path, password)
File "/usr/lib/python3.6/site-packages/paramiko/pkey.py", line 217, in from_private_key_file
key = cls(filename=filename, password=password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 81, in __init__
signing_key = self._parse_signing_key_data(data, password)
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 156, in _parse_signing_key_data
message = Message(unpad(private_data))
File "/usr/lib/python3.6/site-packages/paramiko/ed25519key.py", line 41, in unpad
raise SSHException("Invalid key")
paramiko.ssh_exception.SSHException: Invalid key

This seems to be a known issue, and is resolved in paramiko 2.5.1. As usage of ed25519 keys is not that common it seems to affect only me, as a workaround paramiko from Tumbleweed can be linked into QA:Maintenance project in IBS

Same problem in Leap 15.3 as paramiko was last updated in 15-SP1.

Acceptance criteria

  • AC1: Problem has been reported to the package maintainer
  • AC2: mtui works again

Suggestions

Maintenance Update of paramiko in SLE -> Leap

Link new paramiko and its deps in QA:Maintenance project
Actions #1

Updated by osukup over 1 year ago

looks like bug in paramiko fixed in 2.5 series, on SLE/Leap is paramiko 2.4.2

Solutions:

  1. Maintenance Update of paramiko in SLE -> Leap
  2. Link new paramiko and its deps in QA:Maintenance project
Actions #2

Updated by okurz over 1 year ago

  • Target version set to Ready

we could handle that by reporting a bug for Leap and block on that

Actions #3

Updated by okurz over 1 year ago

  • Subject changed from [qa-tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key
Actions #4

Updated by okurz over 1 year ago

  • Subject changed from [tools] python-paramiko on Leap/SLE throws exception with ed25519 key to [tools] python-paramiko on Leap/SLE throws exception with ed25519 key size:M
  • Description updated (diff)
  • Status changed from New to Workable
Actions #5

Updated by jbaier_cz over 1 year ago

  • Status changed from Workable to In Progress
  • Assignee set to jbaier_cz
Actions #6

Updated by jbaier_cz over 1 year ago

  • Status changed from In Progress to Blocked

For start, I submitted version 2.6.0 to QA:Maintenance/python-paramiko. For 15.4 (and SLES 15-SP4), the build succeeded so testers should be able to use mtui with a newer (but still ancient) version of paramiko. I also created https://bugzilla.opensuse.org/show_bug.cgi?id=1200603 to describe the issue with paramiko and suggested the update.

Actions #7

Updated by osukup over 1 year ago

2.6.0 is ancient but still specfile isn't compactible with 15.3 :D --> if any user hit this problem on 15.3 recommendation will be upgrade to last supported distribution and use QA:Maintenance paramiko

Actions #8

Updated by okurz over 1 year ago

  • Tags set to reactive work
Actions #9

Updated by jbaier_cz over 1 year ago

  • Status changed from Blocked to Feedback

I would probably took ages so I spared some time to create update to 2.4.3 myself. If nothing explodes in S:M:26222:281282, mtui should be usable without QA:Maintenance/python-paramiko in Leap.

Actions #10

Updated by okurz over 1 year ago

  • Status changed from Feedback to Blocked

Back to blocked on https://bugzilla.suse.com/show_bug.cgi?id=1111151 as discussed in daily 2022-10-13

Actions #11

Updated by jbaier_cz over 1 year ago

  • Status changed from Blocked to Resolved

Update was released and the new paramiko version is already being used (according to the test reports). Mtui should now work even with weird keys on Leap without paramiko from QA:Maintenance repository.

Actions

Also available in: Atom PDF