Actions
Bug #52516
closedvstart cluster refuses to start with KeyImportError in asyncssh 2.7.0
Status:
Can't reproduce
Priority:
Normal
Assignee:
-
Category:
cephadm
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
Yes
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
38 Traceback (most recent call last):
39 File "/home/user/src/ceph/src/pybind/mgr/cephadm/ssh.py", line 98, in redirect_log
40 yield
41 File "/home/user/src/ceph/src/pybind/mgr/cephadm/ssh.py", line 77, in _remote_connection
42 conn = await asyncssh.connect(addr, username=self.mgr.ssh_user, client_keys=[self.mgr.tkey.name], known_hosts=None, config=[self.mgr.ssh_config_fname], preferred_auth=['publickey'])
43 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 6798, in connect
44 options = SSHClientConnectionOptions(options, config=config, host=host,
45 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 5574, in __init__
46 super().__init__(options=options, last_config=last_config, **kwargs)
47 File "/usr/local/lib/python3.8/dist-packages/asyncssh/misc.py", line 268, in __init__
48 self.prepare(**self.kwargs)
49 File "/usr/local/lib/python3.8/dist-packages/asyncssh/connection.py", line 6256, in prepare
50 self.client_keys = load_keypairs(client_keys, passphrase,
51 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 3141, in load_keypairs
52 key, certs = read_private_key_and_certs(key, passphrase)
53 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2959, in read_private_key_and_certs
54 key, cert = import_private_key_and_certs(read_file(filename), passphrase)
55 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2849, in import_private_key_and_certs
56 key, end = _decode_private(data, passphrase)
57 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2509, in _decode_private
58 key = _decode_pem_private(pem_name, headers, data, passphrase)
59 File "/usr/local/lib/python3.8/dist-packages/asyncssh/public_key.py", line 2427, in _decode_pem_private
60 raise KeyImportError('Passphrase must be specified to import '
61 asyncssh.public_key.KeyImportError: Passphrase must be specified to import encrypted private keys
Updated by Patrick Seidensal over 2 years ago
- Regression changed from No to Yes
My issue is likely about a regression due to not (yet) supporting ssh-agent. The former implementation seemingly just took the key from ssh-agent, where it has been loaded but the current one does not do that. It worked on my host system using an encrypted private key, as it was loaded with ssh-agent, but as the current implementation (seemingly) does not cooperate with ssh-agent, an encrypted private key file is tried being loaded without a password, resulting in the issue reported.
I've been able to work around that issue by specifying newly created and passwordless keys directly in vstart.sh, pointing to ~/.ssh/ceph_id and ~/.ssh/ceph_id.pub.
Updated by Sebastian Wagner over 2 years ago
Updated by Sebastian Wagner over 2 years ago
Updated by Sebastian Wagner over 2 years ago
- Related to Bug #52515: asyncssh: prepare() got an unexpected keyword argument 'config' added
Updated by Sebastian Wagner over 2 years ago
- Status changed from New to Can't reproduce
Actions