Open helge12 opened 8 months ago
azure-client-tools-bot-prd[bot]
commented
8 months ago Hi @helge12,
2.17.1 is not the latest Azure CLI(2.56.0).
If you haven't already attempted to do so, please upgrade to the latest Azure CLI version by following https://learn.microsoft.com/en-us/cli/azure/update-azure-cli.
azure-client-tools-bot-prd[bot]
commented
8 months ago | Hi @helge12 Find similar issue https://github.com/Azure/azure-cli/issues/21376. | ||
|---|---|---|
| Issue title | login with --service-principal results in following error: | |
| Create time | 2022-02-21 | |
| Comment number | 6 |
Please confirm if this resolves your issue.
yonzhan
commented
8 months ago Thank you for opening this issue, we will look into it.
jiasli
commented
8 months ago Azure CLI 2.17.1 is too old and Python 3.6 is not supported. Could you use a supported OS and update to the latest Azure CLI 2.56.0: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux
If you have to use SUSE 15, please update to Azure CLI 2.38.1: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=zypper
helge12
commented
8 months ago Yes, right. The problem is version 2.17. The real problem is that there is no higher version available in the repository. I have re-installed azure-cli package from repo as it is documented. It still has 2.17 and it tells me it is the highest version available. This of course is not your responsibility. Interestingly, the version I have deployed in the other environment, which is SLES 15SP4, has version 2.38.
Seeing this, I have deployed Ubuntu 22.04, beside the SLES 15 SP5, loading the deb package as documented, installed it with version 2.56 and all was working.
Obviously the problem is with the repo server replication. Some seem to be more up to date than others. How could it be otherwise that I have an old version on SLES 15 and I cannot upgrade following the usual process.
As I said, it has nothing to do with you. Thank you for your help.
Describe the bug
az login --allow-no-subscription did succeed Then using the login with --identity fails.
Related command
az login --identity
Errors
Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
Issue script & Debug output
no script, just the command
helge@suse15:~> az login --identity --debug cli.knack.cli: Command arguments: ['login', '--identity', '--debug'] cli.knack.cli: init debug log: Enable color in terminal. cli.knack.cli: Event: Cli.PreExecute [] cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7ff7e7d4d950>, <function OutputProducer.on_global_arguments at 0x7ff7e7c747b8>, <function CLIQuery.on_global_arguments at 0x7ff7e7c94bf8>] cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate [] cli.azure.cli.core: Modules found from index for 'login': ['azure.cli.command_modules.profile'] cli.azure.cli.core: Loading command modules: cli.azure.cli.core: Name Load Time Groups Commands cli.azure.cli.core: profile 0.001 2 9 cli.azure.cli.core: Total (1) 0.001 2 9 cli.azure.cli.core: Loaded 2 groups, 9 commands. cli.azure.cli.core: Found a match in the command table. cli.azure.cli.core: Raw command : login cli.azure.cli.core: Command table: login cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7ff7e6eae7b8>] az_command_data_logger: command args: login --identity --debug cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/home/helge/.azure/commands'. cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x7ff7e6e65950>, <function register_global_query_examples_argument..register_query_examples at 0x7ff7e6e47158>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x7ff7e6e471e0>, <function register_cache_arguments..add_cache_arguments at 0x7ff7e6e472f0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x7ff7e7c74840>, <function CLIQuery.handle_query_parameter at 0x7ff7e7c94c80>, <function register_global_query_examples_argument..handle_example_parameter at 0x7ff7e6e470d0>, <function register_ids_argument..parse_ids_arguments at 0x7ff7e6e47268>]
urllib3.connectionpool: Starting new HTTP connection (1): 169.254.169.254:80
urllib3.connectionpool: http://169.254.169.254:80 "GET /metadata/identity/oauth2/token?resource=https%3A%2F%2Fmanagement.core.windows.net%2F&api-version=2018-02-01 HTTP/1.1" 200 1956
msrestazure.azure_active_directory: MSI: Retrieving a token from http://169.254.169.254/metadata/identity/oauth2/token, with payload {'resource': 'https://management.core.windows.net/', 'api-version': '2018-02-01'}
msrestazure.azure_active_directory: MSI: Token retrieved
cli.azure.cli.core._profile: MSI: token was retrieved. Now trying to initialize local accounts...
cli.azure.cli.core.util: azure.cli.core.util.handle_exception is called with an exception:
cli.azure.cli.core.util: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key
key = load_pem_private_key(key, password=None)
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key
password,
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key
self._handle_key_loading_error()
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error
"Could not deserialize key data. The data may be in an "
ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
cli.azure.cli.core.azclierror: CLIInternalError: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: CLIInternalError: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key key = load_pem_private_key(key, password=None) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key return backend.load_pem_private_key(data, password) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key password, File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. cli.azure.cli.core.azclierror: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key key = load_pem_private_key(key, password=None) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key return backend.load_pem_private_key(data, password) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key password, File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. To open an issue, please run: 'az feedback' cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7ff7e6eae9d8>] az_command_data_logger: exit code: 1 cli.main: Command ran in 0.262 seconds (init: 0.080, invoke: 0.182) cli.azure.cli.core.decorators: Suppress exception: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 60, in
raise ex
File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 53, in
sys.exit(exit_code)
SystemExit: 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 509, in get_current_account_user active_account = self.get_subscription() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 518, in get_subscription raise CLIError(_AZ_LOGIN_MESSAGE) knack.util.CLIError: Please run 'az login' to setup account.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 74, in _wrapped_func return func(*args, *kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 57, in _decorator val = func(args, **kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/telemetry.py", line 516, in _get_user_azure_id return _get_profile().get_current_account_user() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 511, in get_current_account_user raise CLIError('There are no active accounts.') knack.util.CLIError: There are no active accounts.
cli.azure.cli.core.decorators: Suppress exception: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 60, in
raise ex
File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 53, in
sys.exit(exit_code)
SystemExit: 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 74, in _wrapped_func return func(*args, **kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/telemetry.py", line 526, in _get_azure_subscription_id return _get_profile().get_subscription_id() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 535, in get_subscription_id return self.get_subscription(subscription)[_SUBSCRIPTION_ID] File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 518, in get_subscription raise CLIError(_AZ_LOGIN_MESSAGE) knack.util.CLIError: Please run 'az login' to setup account.
telemetry.save: Save telemetry record of length 5763 in cache telemetry.check: Returns Positive. telemetry.main: Begin creating telemetry upload process. telemetry.process: Creating upload process: "/usr/bin/python3 /usr/lib/python3.6/site-packages/azure/cli/telemetry/init.py /home/helge/.azure" telemetry.process: Return from creating process telemetry.main: Finish creating telemetry upload process.
+++++++++++++++++++++++++++++++++++++++++++++++++
Same when specifying an existing user id
helge@suse15:~> az login --identity -u 77ede77e-6c34-4247-bd5d-6db628a5841d --debug cli.knack.cli: Command arguments: ['login', '--identity', '-u', '77ede77e-6c34-4247-bd5d-6db628a5841d', '--debug'] cli.knack.cli: init debug log: Enable color in terminal. cli.knack.cli: Event: Cli.PreExecute [] cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7f68475e3950>, <function OutputProducer.on_global_arguments at 0x7f684750a7b8>, <function CLIQuery.on_global_arguments at 0x7f684752abf8>] cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate [] cli.azure.cli.core: Modules found from index for 'login': ['azure.cli.command_modules.profile'] cli.azure.cli.core: Loading command modules: cli.azure.cli.core: Name Load Time Groups Commands cli.azure.cli.core: profile 0.001 2 9 cli.azure.cli.core: Total (1) 0.001 2 9 cli.azure.cli.core: Loaded 2 groups, 9 commands. cli.azure.cli.core: Found a match in the command table. cli.azure.cli.core: Raw command : login cli.azure.cli.core: Command table: login cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7f68469917b8>] az_command_data_logger: command args: login --identity -u {} --debug cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/home/helge/.azure/commands'. cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x7f6846948950>, <function register_global_query_examples_argument..register_query_examples at 0x7f684692a158>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x7f684692a1e0>, <function register_cache_arguments..add_cache_arguments at 0x7f684692a2f0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x7f684750a840>, <function CLIQuery.handle_query_parameter at 0x7f684752ac80>, <function register_global_query_examples_argument..handle_example_parameter at 0x7f684692a0d0>, <function register_ids_argument..parse_ids_arguments at 0x7f684692a268>]
urllib3.connectionpool: Starting new HTTP connection (1): 169.254.169.254:80
urllib3.connectionpool: http://169.254.169.254:80 "GET /metadata/identity/oauth2/token?resource=https%3A%2F%2Fmanagement.core.windows.net%2F&api-version=2018-02-01&client_id=77ede77e-6c34-4247-bd5d-6db628a5841d HTTP/1.1" 200 1956
msrestazure.azure_active_directory: MSI: Retrieving a token from http://169.254.169.254/metadata/identity/oauth2/token, with payload {'resource': 'https://management.core.windows.net/', 'api-version': '2018-02-01', 'client_id': '77ede77e-6c34-4247-bd5d-6db628a5841d'}
msrestazure.azure_active_directory: MSI: Token retrieved
cli.azure.cli.core._profile: MSI: token was retrieved. Now trying to initialize local accounts...
cli.azure.cli.core.util: azure.cli.core.util.handle_exception is called with an exception:
cli.azure.cli.core.util: Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key
key = load_pem_private_key(key, password=None)
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key
password,
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key
self._handle_key_loading_error()
File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error
"Could not deserialize key data. The data may be in an "
ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
cli.azure.cli.core.azclierror: CLIInternalError: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: CLIInternalError: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key key = load_pem_private_key(key, password=None) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key return backend.load_pem_private_key(data, password) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key password, File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. cli.azure.cli.core.azclierror: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 257, in prepare_key key = load_pem_private_key(key, password=None) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 18, in load_pem_private_key return backend.load_pem_private_key(data, password) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1248, in load_pem_private_key password, File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1475, in _load_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 659, in execute raise ex File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 722, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 715, in _run_job six.reraise(sys.exc_info()) File "/usr/lib/python3.6/site-packages/six.py", line 703, in reraise raise value File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 693, in _run_job result = cmd_copy(params) File "/usr/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 330, in call return self.handler(args, kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/init.py", line 784, in default_command_handler return op(command_args) File "/usr/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 140, in login return profile.find_subscriptions_in_vm_with_msi(username, allow_no_subscriptions) File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 367, in find_subscriptions_in_vm_with_msi decode = jwt.decode(token, verify=False, algorithms=['RS256']) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 129, in decode decoded = self.decode_complete(jwt, key, algorithms, options, kwargs) File "/usr/lib/python3.6/site-packages/jwt/api_jwt.py", line 105, in decode_complete kwargs, File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 182, in decode_complete self._verify_signature(signing_input, header, signature, key, algorithms) File "/usr/lib/python3.6/site-packages/jwt/api_jws.py", line 266, in _verify_signature key = alg_obj.prepare_key(key) File "/usr/lib/python3.6/site-packages/jwt/algorithms.py", line 259, in prepare_key key = load_pem_public_key(key) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 23, in load_pem_public_key return backend.load_pem_public_key(data) File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1274, in load_pem_public_key self._handle_key_loading_error() File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1518, in _handle_key_loading_error "Could not deserialize key data. The data may be in an " ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. To open an issue, please run: 'az feedback' cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f68469919d8>] az_command_data_logger: exit code: 1 cli.main: Command ran in 0.262 seconds (init: 0.081, invoke: 0.181) cli.azure.cli.core.decorators: Suppress exception: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 60, in
raise ex
File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 53, in
sys.exit(exit_code)
SystemExit: 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 509, in get_current_account_user active_account = self.get_subscription() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 518, in get_subscription raise CLIError(_AZ_LOGIN_MESSAGE) knack.util.CLIError: Please run 'az login' to setup account.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 74, in _wrapped_func return func(*args, *kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 57, in _decorator val = func(args, **kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/telemetry.py", line 516, in _get_user_azure_id return _get_profile().get_current_account_user() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 511, in get_current_account_user raise CLIError('There are no active accounts.') knack.util.CLIError: There are no active accounts.
cli.azure.cli.core.decorators: Suppress exception: Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 60, in
raise ex
File "/usr/lib/python3.6/site-packages/azure/cli/main.py", line 53, in
sys.exit(exit_code)
SystemExit: 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/azure/cli/core/decorators.py", line 74, in _wrapped_func return func(*args, **kwargs) File "/usr/lib/python3.6/site-packages/azure/cli/core/telemetry.py", line 526, in _get_azure_subscription_id return _get_profile().get_subscription_id() File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 535, in get_subscription_id return self.get_subscription(subscription)[_SUBSCRIPTION_ID] File "/usr/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 518, in get_subscription raise CLIError(_AZ_LOGIN_MESSAGE) knack.util.CLIError: Please run 'az login' to setup account.
telemetry.save: Save telemetry record of length 5769 in cache telemetry.check: Negative: The /home/helge/.azure/telemetry.txt was modified at 2024-01-18 20:31:24.773235, which in less than 600.000000 s helge@suse15:~>
Expected behavior
it should just work but it does not I have created a MID with role assignment- contributor for resource group if you do subscription scope, does not change
Environment Summary
Suse 15SP5 Azure VM, fresh deploy from marketplace image
helge@suse15:~> az version { "azure-cli": "2.17.1", "azure-cli-core": "2.17.1", "azure-cli-telemetry": "1.0.6", "extensions": {} } helge@suse15:~>
all available updates installed
Additional context
There was an earlier report - it was fixed with installing the azure-cli in different directory /usr/lib/python3.6/site-packages/ and NOT lib64. This is already the case. helge@suse15:~> sudo ls -la /usr/lib/python3.6/site-packages/ | grep -i azure_cli drwxr-xr-x 2 root root 130 Dec 12 15:12 azure_cli-2.17.1-py3.6.egg-info drwxr-xr-x 2 root root 130 Dec 12 15:11 azure_cli_command_modules_nspkg-2.0.3-py3.6.egg-info drwxr-xr-x 2 root root 130 Dec 12 15:12 azure_cli_core-2.17.1-py3.6.egg-info drwxr-xr-x 2 root root 130 Dec 12 15:11 azure_cli_nspkg-3.0.4-py3.6.egg-info drwxr-xr-x 2 root root 130 Dec 12 15:11 azure_cli_telemetry-1.0.6-py3.6.egg-info
This is Azure subscription within Visual Studio Enterprise subscription. I have used it successfully in a normal subscription.
It worked with browser normal az login and and allow no subscription, helge@suse15:~> az login To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code CG6MGLD9P to authenticate. [ { "cloudName": "AzureCloud", <...>
helge@suse15:~> az login --allow-no-subscriptions To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code DTCGF2MBY to authenticate. [ { "cloudName": "AzureCloud", <...>