Closed kdm9 closed 9 years ago
I've added that option, but I get this when running it:
2014-07-09 07:11:02,543 - paramiko.transport - ERROR - self._parse_kex_init(m) 2014-07-09 07:11:02,543 - paramiko.transport - ERROR - File "/usr/local/lib/python2.7/dist-packages/paramiko-1.14.0-py2.7.egg/paramiko/transport.py", line 1663, in _parse_kex_init 2014-07-09 07:11:02,543 - paramiko.transport - ERROR - raise SSHException('Incompatible ssh server (no acceptable ciphers)') 2014-07-09 07:11:02,543 - paramiko.transport - ERROR - SSHException: Incompatible ssh server (no acceptable ciphers) 2014-07-09 07:11:02,543 - paramiko.transport - ERROR - 2014-07-09 07:11:02,573 - main - ERROR - Incompatible ssh server (no acceptable ciphers) ^CTraceback (most recent call last):
On Thu, Jul 3, 2014 at 11:42 AM, Kevin Murray notifications@github.com wrote:
The capture process is limited by CPU, particularly in the encryption during the upload process. This isn't a high security application. Therefore, arcfour is probably the best cipher to use.
You can pass a list of ciphers to a sftp.Connection() initialiser. i.e.:
link = sftp.Connection(host=hostname, username=user, password=passwd, ciphers=['arcfour128',])
— Reply to this email directly or view it on GitHub https://github.com/borevitzlab/spc-eyepi/issues/7.
OK, you then need to specify something like ciphers=['arcfour128', 'aes256']
. I.e., prefer arcfour if the server supports it, otherwise fall back to something sane and common.
I get:
2014-07-11 06:06:18,617 - main - INFO - Program Startup 2014-07-11 06:06:18,634 - main - DEBUG - Preparing to upload 114 files 2014-07-11 06:06:18,634 - main - DEBUG - Connecting 2014-07-11 06:06:18,713 - main - ERROR - unknown cipher
On Wed, Jul 9, 2014 at 6:00 PM, Kevin Murray notifications@github.com wrote:
OK, you then need to specify something like ciphers=['arcfour128', 'aes256']. I.e., prefer arcfour if the server supports it, otherwise fall back to something sane and common.
— Reply to this email directly or view it on GitHub https://github.com/borevitzlab/spc-eyepi/issues/7#issuecomment-48440526.
aes256 is just an example, you need to inspect the ones that paramiko says the connection supports. It prints a list out in its debug log.
Arcfour cipher doesn't appear to be supported on your server.
However, the upload is working:
2014-07-17 16:32:24,910 - main - INFO - Successfuly uploaded images/DAVID_2014-07-17_16-19-03.CR2 2014-07-17 16:32:24,952 - paramiko.transport.sftp - DEBUG - [chan 1] open('DAVID_2014-07-17_16-19-03.ppm', 'wb') 2014-07-17 16:32:25,372 - paramiko.transport.sftp - DEBUG - [chan 1] open('DAVID_2014-07-17_16-19-03.ppm', 'wb') -> 0002 2014-07-17 16:43:42,949 - paramiko.transport.sftp - DEBUG - [chan 1] close(0002) 2014-07-17 16:43:47,032 - paramiko.transport.sftp - DEBUG - [chan 1] stat('DAVID_2014-07-17_16-19-03.ppm') 2014-07-17 16:43:52,541 - main - INFO - Successfuly uploaded images/DAVID_2014-07-17_16-19-03.ppm 2014-07-17 16:43:52,579 - main - DEBUG - Disconnecting
On Fri, Jul 11, 2014 at 9:39 AM, Kevin Murray notifications@github.com wrote:
aes256 is just an example, you need to inspect the ones that paramiko says the connection supports. It prints a list out in its debug log.
— Reply to this email directly or view it on GitHub https://github.com/borevitzlab/spc-eyepi/issues/7#issuecomment-48678502.
Can you confirm that the change to arcfour was made, per my above comments?
I made the change, but the server reported that arcfour cipher wasn't supported by your server.
So I reverted the code back so that the uploads were working again. Which they are now.
When you request that I debug the system to find alternate ciphers that are availabe on the server, how much time would you like me to spend on that ?
On Thu, Jul 17, 2014 at 6:29 PM, Kevin Murray notifications@github.com wrote:
Can you confirm that the change to arcfour was made, per my above comments?
— Reply to this email directly or view it on GitHub https://github.com/borevitzlab/spc-eyepi/issues/7#issuecomment-49272602.
Content preview: None, I'll do it. Just seeing if you had. K On Thu, 17 Jul 2014 03:03:35 -0700 David Lyon notifications@github.com wrote: [...]
Content analysis details: (-1.0 points, 5.0 required)
pts rule name description
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
None, I'll do it. Just seeing if you had.
K
On Thu, 17 Jul 2014 03:03:35 -0700 David Lyon notifications@github.com wrote:
I made the change, but the server reported that arcfour cipher wasn't supported by your server.
So I reverted the code back so that the uploads were working again. Which they are now.
When you request that I debug the system to find alternate ciphers that are availabe on the server, how much time would you like me to spend on that ?
On Thu, Jul 17, 2014 at 6:29 PM, Kevin Murray notifications@github.com wrote:
Can you confirm that the change to arcfour was made, per my above comments?
— Reply to this email directly or view it on GitHub https://github.com/borevitzlab/spc-eyepi/issues/7#issuecomment-49272602.
Reply to this email directly or view it on GitHub: https://github.com/borevitzlab/spc-eyepi/issues/7#issuecomment-49287283
The default cipher is not too complex. And since threading the capture and uploads, it's non-blocking. I'll look at changing the cipher shortly but I don't think that it will make much difference.
The capture process is limited by CPU, particularly in the encryption during the upload process. This isn't a high security application. Therefore, arcfour is probably the best cipher to use.
You can pass a list of ciphers to a
sftp.Connection()
initialiser. i.e.: