search

Xpra-org / xpra

Persistent remote applications for X11; screen sharing for X11, MacOS and MSWindows.
https://xpra.org/
GNU General Public License v2.0
1.98k stars 169 forks source link

Switching to paramiko issues #2549

Closed totaam closed 4 years ago

totaam commented 4 years ago

Issue migrated from trac ticket # 2549

component: client | priority: major | resolution: upstream

2020-01-13 12:55:17: stdedos created the issue

In addition to the specific errors below, password input in general feels very unresponsive. Particularly, Enter is not entered in the terminal

Timeout is not handled well.

2020-01-03 10:34:32,671 Warning: unknown SSH host
The authenticity of host 'ip' can't be established.
ed25519 key fingerprint is
MD5:b1:b5:b4:0f:49:ab:62:2d:7c:1d:73:de:6e:26:82:a9
SSHFP validation failed
Are you sure you want to continue connecting (yes/NO)? ##### a lot of sleep here, to explicitly verify the key ##### yes
2020-01-03 10:40:34,192 SSH password authentication failed:
2020-01-03 10:40:34,192  No existing session
please enter the SSH password for user@ip:
2020-01-03 10:40:42,715 SSH password authentication failed:
2020-01-03 10:40:42,715  No existing session

Something-something with tray

"Xpra-Python3-x86_64_4.0-24825\xpra_cmd" shadow ssh://user@ip/0  --opengl=no --desktop-scaling=0.75 --min-speed=70 --webcam=no --speaker=off --microphone=off --pulseaudio=no --exit-with-client=no

2020-01-03 10:43:22,288 Xpra GTK3 client version 4.0-24825 64-bit
2020-01-03 10:43:22,292  running on Microsoft Windows 10
2020-01-03 10:43:22,932 GStreamer version 1.16.2 for Python 3.8.0 64-bit
2020-01-03 10:43:23,461 Connected (version 2.0, client OpenSSH_7.2p2)
2020-01-03 10:43:24,345 SSH password authentication failed:
2020-01-03 10:43:24,349  Bad authentication type; allowed types: ['publickey', 'password']
please enter the SSH password for user@ip:
2020-01-03 10:43:36,918 Authentication (password) failed.
2020-01-03 10:43:36,918 SSH password authentication failed:
2020-01-03 10:43:36,918  Authentication failed.
please enter the SSH password for user@ip:
2020-01-03 10:43:47,954 Authentication (password) successful!
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 49, in setup_xpra_tray
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 111, in create_xpra_tray
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 138, in get_tray_title
TypeError: sequence item 0: expected str instance, tuple found
2020-01-03 10:43:50,606  keyboard settings: layout=us
2020-01-03 10:43:50,606  desktop size is 1600x900 with 1 screen:
2020-01-03 10:43:50,606   Default (423x238 mm - DPI: 96x96) workarea: 1600x860
2020-01-03 10:43:50,606     (Standard monitor types) Generic PnP Monitor (309x174 mm - DPI: 131x131)
2020-01-03 10:43:50,606  downscaled to 75%, virtual screen size: 2133x1200
2020-01-03 10:43:50,606   Default (423x238 mm - DPI: 128x128) workarea: 2133x1147
2020-01-03 10:43:50,606     (Standard monitor types) Generic PnP Monitor (309x174 mm - DPI: 175x175)
2020-01-03 10:44:10,619 enabled remote logging
2020-01-03 10:44:10,635 Xpra GTK3 shadow server version 3.0.4-24778 64-bit
2020-01-03 10:44:10,635  running on Linux Ubuntu 16.04 xenial
2020-01-03 10:44:10,635  remote desktop size is 5760x1088

"Xpra-Python3-x86_64_4.0-24825\xpra_cmd" attach ssh://user@ip/20

2020-01-03 10:46:42,168 Xpra GTK3 client version 4.0-24825 64-bit
2020-01-03 10:46:42,168  running on Microsoft Windows 10
2020-01-03 10:46:42,231 Warning: failed to import opencv:
2020-01-03 10:46:42,231  No module named 'cv2'
2020-01-03 10:46:42,231  webcam forwarding is disabled
2020-01-03 10:46:42,895 GStreamer version 1.16.2 for Python 3.8.0 64-bit
2020-01-03 10:46:43,251 OpenGL_accelerate module loaded
2020-01-03 10:46:43,287 Using accelerated ArrayDatatype
2020-01-03 10:46:43,856 Warning: vendor 'Intel' is greylisted,
2020-01-03 10:46:43,856  you may want to turn off OpenGL if you encounter bugs
2020-01-03 10:46:44,121 OpenGL enabled with Intel(R) HD Graphics 4000
2020-01-03 10:46:44,842 Connected (version 2.0, client OpenSSH_7.2p2)
2020-01-03 10:46:45,723 SSH password authentication failed:
2020-01-03 10:46:45,727  Bad authentication type; allowed types: ['publickey', 'password']
please enter the SSH password for user@ip:
2020-01-03 10:46:58,166 Authentication (password) failed.
2020-01-03 10:46:58,166 SSH password authentication failed:
2020-01-03 10:46:58,166  Authentication failed.
please enter the SSH password for user@ip:
2020-01-03 10:47:02,577 Authentication (password) successful!
2020-01-03 10:47:04,205  keyboard settings: layout=us
2020-01-03 10:47:04,209  desktop size is 1600x900 with 1 screen:
2020-01-03 10:47:04,209   Default (423x238 mm - DPI: 96x96) workarea: 1600x860
2020-01-03 10:47:04,209     (Standard monitor types) Generic PnP Monitor (309x174 mm - DPI: 131x131)
2020-01-03 10:47:06,582 enabled remote logging
2020-01-03 10:47:06,586 Xpra GTK3 X11 server version 3.0.4-24778 64-bit
2020-01-03 10:47:06,590  running on Linux Ubuntu 16.04 xenial
2020-01-03 10:47:06,606 Attached to ssh://user@ip/20
2020-01-03 10:47:06,614  (press Control-C to detach)

2020-01-03 10:47:07,502 Error processing handshake callback <function TrayClient.create_xpra_tray.<locals>.reset_tray_title at 0x0000000008c8fdc0>
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/client/ui_client_base.py", line 483, in handshake_complete
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 116, in reset_tray_title
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 138, in get_tray_title
TypeError: sequence item 1: expected str instance, tuple found

(xpra_cmd:4876): Pango-WARNING **: 10:47:07.914: couldn't load font "Bitstream Vera Sans Not-Rotated 14.662109375", falling back to "Sans Not-Rotated 14.662109375", expect ugly output.
2020-01-03 10:47:08,094 sound output using 'opus' audio codec
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/client/gtk_base/gtk_client_base.py", line 1318, in reset_tray_icon
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 138, in get_tray_title
TypeError: sequence item 1: expected str instance, tuple found
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/client/gtk_base/gtk_client_base.py", line 1318, in reset_tray_icon
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 138, in get_tray_title
TypeError: sequence item 1: expected str instance, tuple found
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/client/gtk_base/gtk_client_base.py", line 1318, in reset_tray_icon
  File "E:\Xpra\trunk\src/xpra/client/mixins/tray.py", line 138, in get_tray_title
TypeError: sequence item 1: expected str instance, tuple found
2020-01-03 10:49:53,142 server is not responding, drawing spinners over the windows
2020-01-03 10:49:54,935 server is OK again
2020-01-03 10:49:58,334 server is not responding, drawing spinners over the windows
2020-01-03 10:49:58,585 server is OK again
Exception code=0xc0000005 flags=0x0 at 0x00007FF9E2CA3320. Access violation - attempting to read data at address 0x0000000012B63080
2020-01-03 10:52:53,393 Warning: long timer waiting time,
2020-01-03 10:52:53,393  UI thread polling waited 8.2 seconds longer than intended (8.7 vs 0.5)

Unknown issue regarding POSIX

"Xpra-Python3-x86_64_3.0.5-24922\xpra_cmd" shadow ssh://user@ip/0  --opengl=no --desktop-scaling=0.75 --min-speed=70 --webcam=no --speaker=off --microphone=off --pulseaudio=no

2020-01-13 12:34:03,507 Xpra GTK3 client version 3.0.5-24922 64-bit
2020-01-13 12:34:03,507  running on Microsoft Windows 10
2020-01-13 12:34:04,881 GStreamer version 1.16.2 for Python 3.8.0 64-bit
2020-01-13 12:34:05,421 Connected (version 2.0, client OpenSSH_7.2p2)
2020-01-13 12:34:05,529 SSH password authentication failed:
2020-01-13 12:34:05,533  Bad authentication type; allowed types: ['publickey', 'password']
please enter the SSH password for user@ip:
2020-01-13 12:34:18,501 Authentication (password) successful!
2020-01-13 12:34:19,117 error preparing connection: name 'POSIX' is not defined
Traceback (most recent call last):
  File "E:\Xpra\tags\v3.0.x\src/xpra/client/client_base.py", line 338, in send_hello
  File "E:\Xpra\tags\v3.0.x\src/xpra/client/gtk_base/gtk_client_base.py", line 665, in make_hello
  File "E:\Xpra\tags\v3.0.x\src/xpra/client/ui_client_base.py", line 342, in make_hello
NameError: name 'POSIX' is not defined

Session was started, and stayed even after killing the client. However, it was not shown at all.

totaam commented 4 years ago

2020-01-13 15:44:02: antoine changed owner from antoine to stdedos

totaam commented 4 years ago

2020-01-13 15:44:02: antoine commented

TypeError: sequence item 0: expected str instance, tuple found That's caused by 24825, a backport for your ticket #2528. (maybe I should not have backported it) Fixed in r24944.

NameError: name 'POSIX' is not defined That has already been fixed in the 3.0.5 release: 24926. (you're running an older pre-release build)

There are beta builds with both fixes.

In addition to the specific errors below, password input in general feels very unresponsive. How "unresponsive"? Is keyboard input delayed? I'm not seeing this problem on my test systems. It sounds similar to #2448, but we don't need a temporary main loop here as we're reading from the keyboard using sys.stdin.readline(), not using GTK or the UI at all.

Particularly, Enter is not entered in the terminal Do you mean that the Enter key cannot be used to submit the line? (again, works fine here)

totaam commented 4 years ago

2020-01-13 19:20:25: stdedos commented

Replying to [comment:1 Antoine Martin]:

TypeError: sequence item 0: expected str instance, tuple found That's caused by 24825, a backport for your ticket #2528. (maybe I should not have backported it) Fixed in r24944.

Oops 😕 Sorry about that Are you sure you fixed it though?

24825 says tags/v3.0.x/src/xpra/client/mixins/tray.py, r24944 says trunk/src/xpra/client/mixins/tray.py instread

NameError: name 'POSIX' is not defined That has already been fixed in the 3.0.5 release: 24926. (you're running an older pre-release build)

There are beta builds with both fixes. 👍

In addition to the specific errors below, password input in general feels very unresponsive. How "unresponsive"? Is keyboard input delayed? I'm not seeing this problem on my test systems. It sounds similar to #2448, but we don't need a temporary main loop here as we're reading from the keyboard using sys.stdin.readline(), not using GTK or the UI at all.

This is sudo-like password input for me i.e. no echo. I tried to see if the caret blips when I press a letter, and it does not appear to be the case.

Particularly, Enter is not entered in the terminal Do you mean that the Enter key cannot be used to submit the line? (again, works fine here)

The interaction feels like the same thing that would happen if I had entered the password wrong i.e. a forced delay about 3-5 seconds delay, maybe more. This is in addition to the Enter somehow not being echoed immediately. It doesn't "feel" like sys.stdin.readline(), since its echo seems to work okay.

Do you actually use sys.stdin.readline()? It's not e.g. this one? [/browser/xpra/trunk/src/xpra/client/client_base.py#L643]

totaam commented 4 years ago

2020-01-14 02:45:19: antoine commented

Are you sure you fixed it though? Yes, 24948 is the backport for v3.0.x

Do you actually use sys.stdin.readline()? Yes: confirm_key does use it when not using a dialog (tty mode): [/browser/xpra/trunk/src/xpra/net/ssh.py#L127].

getpass is used for "please enter the SSH password for user@ip:", and not the line you highlighted using "##### a lot of sleep here, to explicitly verify the key #####". Are the two prompts behaving differently? If so, we can switch to the "good" one. Could be related to python bug 18597: On Windows sys.stdin.readline() doesn't handle Ctrl-C properly.

totaam commented 4 years ago

2020-01-14 05:38:55: stdedos commented

Apologies for the confusion.

Note

In addition to the specific errors below, password input in general feels very unresponsive. Particularly, Enter is not entered in the terminal

refers to the password input. It was a general observation, and not tied specifically to the timeout issue following it.

The timeout issue is me, taking a long time (I would guess 5-10 minutes) to verify the host key. I didn't consider that different backends use different known hosts entries.

totaam commented 4 years ago

2020-01-14 08:29:54: antoine commented

refers to the password input. It was a general observation, and not tied specifically to the timeout issue following it. So the "slow" one is the one using getpass. The host key confirmation (which is using readline) is not slow?

What are you different? I've tried win7, win10. From cmd shell, powershell. And I have not seen any issues.

I didn't consider that different backends use different known hosts entries. The paramiko backend is meant to use the same "known-host" files as openssh. You can view the paths it will try to load by running Path_info.exe (in latest v4 only for now).

totaam commented 4 years ago

2020-01-14 08:44:01: stdedos commented

Replying to [comment:3 Antoine Martin]:

Are you sure you fixed it though? Yes, 24948 is the backport for v3.0.x

Would you please update the python3-xpra for xenial?

There are not enough packages to downgrade from:

$ apt-cache madison python3-xpra 
python3-xpra | 3.0.5-24939-1 | https://xpra.org xenial/main amd64 Packages
python3-xpra | 3.0.4-24778-1 | https://xpra.org xenial/main amd64 Packages

(i.e. I feel that 24778 might be too old)

Replying to [comment:5 Antoine Martin]:

refers to the password input. It was a general observation, and not tied specifically to the timeout issue following it. So the "slow" one is the one using getpass. The host key confirmation (which is using readline) is not slow?

No, it is not. I was slow in verifying the hostkey myself, manually, remotely, from other means that I have had already used (I ended up connecting via WinSCP's terminal).

I think that is what caused these

2020-01-03 10:40:34,192 SSH password authentication failed:
2020-01-03 10:40:34,192  No existing session
please enter the SSH password for user@ip:
2020-01-03 10:40:42,715 SSH password authentication failed:
2020-01-03 10:40:42,715  No existing session

messages. I was able to sign in normally immediately after I restarted the xpra process.

What are you different? I've tried win7, win10. From cmd shell, powershell. And I have not seen any issues.

:/ No idea, Win10/cmd sounds my case. What diagnostics can I enable? Should I enable something for paramiko too?

I didn't consider that different backends use different known hosts entries. The paramiko backend is meant to use the same "known-host" files as openssh. You can view the paths it will try to load by running Path_info.exe (in latest v4 only for now).

WinSCP, openssh, plink might be using their own separate methods for known hosts. I'll try to see if they can converge somewhere.

totaam commented 4 years ago

2020-01-14 14:18:19: antoine commented

Would you please update the python3-xpra for xenial? There are 3.0.6-RC packages for xenial in the beta area.

(i.e. I feel that 24778 might be too old) It is.

BTW, the commit number was wrong, the backport is actually in 24948. It's small enough that you can apply it by hand if you want.

What diagnostics can I enable? Not a lot. -d ssh debugs ssh connection steps, but the password input is just one python library call. You could run the whole thing under strace to see if it is doing anything, but it's going to be very verbose and you won't see the prompt...

totaam commented 4 years ago

2020-01-20 10:52:19: stdedos commented

Replying to [comment:7 Antoine Martin]:

What diagnostics can I enable? Not a lot. -d ssh debugs ssh connection steps, but the password input is just one python library call. You could run the whole thing under strace to see if it is doing anything, but it's going to be very verbose and you won't see the prompt...

That's the closest to diagnostics I could give:

2020-01-20 12:43:37,907 host keys=<paramiko.hostkeys.HostKeys object at 0x0000000007e2bb50>
2020-01-20 12:43:37,907 ed25519 host key 'MD5:b1:b5:b4:0f:49:ab:62:2d:7c:1d:73:de:6e:26:82:a9' OK for host '172.16.57.121'
2020-01-20 12:43:37,907 starting authentication
2020-01-20 12:43:37,907 trying none authentication
2020-01-20 12:43:38,063 auth_none()
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/net/ssh.py", line 576, in auth_none
  File "C:/msys64/mingw64/lib/python3.8/site-packages/paramiko/transport.py", line 1446, in auth_none
  File "C:/msys64/mingw64/lib/python3.8/site-packages/paramiko/auth_handler.py", line 250, in wait_for_response
paramiko.ssh_exception.BadAuthenticationType: Bad authentication type; allowed types: ['publickey', 'password']
2020-01-20 12:43:38,079 agent keys: ()
2020-01-20 12:43:38,079 trying public key authentication using ['%UserProfile%/.ssh\\id_rsa', '%UserProfile%/.ssh\\id_dsa']
2020-01-20 12:43:38,095 no keyfile at '%UserProfile%/.ssh\id_rsa'
2020-01-20 12:43:38,095 no keyfile at '%UserProfile%/.ssh\id_dsa'
2020-01-20 12:43:38,095 trying interactive authentication
2020-01-20 12:43:38,157 auth_interactive(..)
Traceback (most recent call last):
  File "E:\Xpra\trunk\src/xpra/net/ssh.py", line 605, in auth_interactive
  File "C:/msys64/mingw64/lib/python3.8/site-packages/paramiko/transport.py", line 1633, in auth_interactive
  File "C:/msys64/mingw64/lib/python3.8/site-packages/paramiko/auth_handler.py", line 250, in wait_for_response
paramiko.ssh_exception.BadAuthenticationType: Bad authentication type; allowed types: ['publickey', 'password']
2020-01-20 12:43:38,157 SSH password authentication failed:
2020-01-20 12:43:38,157  Bad authentication type; allowed types: ['publickey', 'password']
please enter the SSH password for user@ip:
2020-01-20 12:43:46,985 trying password authentication
2020-01-20 12:43:47,001 Authentication (password) successful!

I don't think it takes me 9 seconds to type in my password.

Since you cannot reproduce it, and you have fixed me all of the other issues, I guess you can close as fixed

totaam commented 4 years ago

2020-01-20 12:25:55: antoine commented

Related: for openssh new-format key files see #2307

totaam commented 4 years ago

2020-01-20 12:50:25: antoine changed status from new to assigned

totaam commented 4 years ago

2020-01-20 12:50:25: antoine changed owner from stdedos to antoine

totaam commented 4 years ago

2020-01-20 12:50:25: antoine commented

Since you cannot reproduce it, and you have fixed me all of the other issues, I guess you can close as fixed The problem is still there, let's keep it open, for now.

totaam commented 4 years ago

2020-02-13 16:12:52: antoine commented

I've seen the problem, and now that I'm trying to reproduce it, it's gone. Why!?

totaam commented 4 years ago

2020-02-13 18:13:14: stdedos commented

😂😂😂😂😂😂😂😂😂😂

Oh it's gonna be a very fun bug to catch.

I can't wait .....

totaam commented 4 years ago

2020-03-01 05:06:56: antoine commented

Could well be related to this GTK3 bug: gtk3: disable low level keyboard hook. In particular from System-wide keyboard event delay if main thread is blocked (Windows): Keyboard input processing should not be affected in a general context. The logic controlling or affecting input queue and winapi message handling should be restricted the behavior of the program itself at runtime rather than affecting the user's ability to utilize other programs.

totaam commented 4 years ago

2020-03-19 16:25:48: antoine changed status from assigned to closed

totaam commented 4 years ago

2020-03-19 16:25:48: antoine set resolution to upstream

totaam commented 4 years ago

2020-03-19 16:25:48: antoine commented

Closing as upstream, nothing we can do here.