Actions
Bug #52516
closedvstart cluster refuses to start with KeyImportError in asyncssh 2.7.0
Status:
Can't reproduce
Priority:
Normal
Assignee:
-
Category:
cephadm
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
Yes
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
38 Traceback (most recent call last): 39 File "/home/user/src/ceph/src/pybind/mgr/cephadm/ssh.py", line 98, in redirect_log 40 yield 41 File "/home/user/src/ceph/src/pybind/mgr/cephadm/ssh.py", line 77, in _remote_connection 42 conn = await asyncssh.connect(addr, username=self.mgr.ssh_user, client_keys=[self.mgr.tkey.name], known_hosts=None, config=[self.mgr.ssh_config_fname], preferred_auth=['publickey']) 43 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 6798, in connect 44 options = SSHClientConnectionOptions(options, config=config, host=host, 45 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 5574, in __init__ 46 super().__init__(options=options, last_config=last_config, **kwargs) 47 File "/usr/local/lib/python3.8/dist-packages/asyncssh/misc.py", line 268, in __init__ 48 self.prepare(**self.kwargs) 49 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 6256, in prepare 50 self.client_keys = load_keypairs(client_keys, passphrase, 51 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 3141, in load_keypairs 52 key, certs = read_private_key_and_certs(key, passphrase) 53 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2959, in read_private_key_and_certs 54 key, cert = import_private_key_and_certs(read_file(filename), passphrase) 55 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2849, in import_private_key_and_certs 56 key, end = _decode_private(data, passphrase) 57 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2509, in _decode_private 58 key = _decode_pem_private(pem_name, headers, data, passphrase) 59 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2427, in _decode_pem_private 60 raise KeyImportError('Passphrase must be specified to import ' 61 asyncssh.public_key.KeyImportError: Passphrase must be specified to import encrypted private keys
Updated by Patrick Seidensal over 2 years ago
- Regression changed from No to Yes
My issue is likely about a regression due to not (yet) supporting ssh-agent. The former implementation seemingly just took the key from ssh-agent, where it has been loaded but the current one does not do that. It worked on my host system using an encrypted private key, as it was loaded with ssh-agent, but as the current implementation (seemingly) does not cooperate with ssh-agent, an encrypted private key file is tried being loaded without a password, resulting in the issue reported.
I've been able to work around that issue by specifying newly created and passwordless keys directly in vstart.sh, pointing to ~/.ssh/ceph_id and ~/.ssh/ceph_id.pub.
Updated by Sebastian Wagner over 2 years ago
Updated by Sebastian Wagner over 2 years ago
Updated by Sebastian Wagner over 2 years ago
- Related to Bug #52515: asyncssh: prepare() got an unexpected keyword argument 'config' added
Updated by Sebastian Wagner over 2 years ago
- Status changed from New to Can't reproduce
Actions