search

capistrano / sshkit

A toolkit for deploying code and assets to servers in a repeatable, testable, reliable way.
MIT License
1.15k stars 253 forks source link

Connections with openssl-3.0.0 fail with incompatibility error #496

Closed makandra-stefan-langenmaier closed 2 years ago

makandra-stefan-langenmaier commented 2 years ago

When I try to do a deploy with capistrano and ruby-3.1.1 on Ubuntu 22.04 with OpenSSL-3.0 I get the following error. This error seems to be expected as the gem openssl-3.0.0 has deprecated the modification via set_key:

https://ruby.github.io/openssl/History_md.html#label-Version+3.0.0

#<Thread:0x00007f18f8470528 /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as XXX: rsa#set_key= is incompatible with OpenSSL 3.0 (SSHKit::Runner::ExecuteError)
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:316:in `set_key': rsa#set_key= is incompatible with OpenSSL 3.0 (OpenSSL::PKey::PKeyError)
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:316:in `read_keyblob'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:248:in `read_key'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:108:in `parse_key'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:75:in `parse_line'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:62:in `block (3 levels) in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:60:in `each_line'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:60:in `block (2 levels) in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:58:in `open'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:58:in `block in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/3.1.0/mutex_m.rb:79:in `synchronize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/3.1.0/mutex_m.rb:79:in `mu_synchronize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:47:in `parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:18:in `keys_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:122:in `block in search_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:121:in `map'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:121:in `search_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:98:in `host_keys'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:277:in `prepare_preferred_algorithms!'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:153:in `initialize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:88:in `new'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:88:in `initialize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `new'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `start'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `call'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `with'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:177:in `with_ssh'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:130:in `execute_command'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `block in create_command_and_execute'
    from <internal:kernel>:90:in `tap'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `create_command_and_execute'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:80:in `execute'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/capistrano-3.17.0/lib/capistrano/scm/tasks/git.rake:8:in `block (3 levels) in eval_rakefile'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `instance_exec'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `run'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
#<Thread:0x00007f18f8470640 /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as XXX: rsa#set_key= is incompatible with OpenSSL 3.0 (SSHKit::Runner::ExecuteError)
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:316:in `set_key': rsa#set_key= is incompatible with OpenSSL 3.0 (OpenSSL::PKey::PKeyError)
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:316:in `read_keyblob'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/buffer.rb:248:in `read_key'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:108:in `parse_key'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:75:in `parse_line'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:62:in `block (3 levels) in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:60:in `each_line'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:60:in `block (2 levels) in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:58:in `open'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:58:in `block in parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/3.1.0/mutex_m.rb:79:in `synchronize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/3.1.0/mutex_m.rb:79:in `mu_synchronize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:47:in `parse_file'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:18:in `keys_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:122:in `block in search_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:121:in `map'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh/known_hosts.rb:121:in `search_for'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:98:in `host_keys'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:277:in `prepare_preferred_algorithms!'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:153:in `initialize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:88:in `new'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:88:in `initialize'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `new'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `start'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `call'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `with'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:177:in `with_ssh'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:130:in `execute_command'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `block in create_command_and_execute'
    from <internal:kernel>:90:in `tap'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `create_command_and_execute'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:80:in `execute'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/capistrano-3.17.0/lib/capistrano/scm/tasks/git.rake:8:in `block (3 levels) in eval_rakefile'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `instance_exec'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `run'
    from /home/stefan/.asdf/installs/ruby/3.1.1/lib/ruby/gems/3.1.0/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as XXX rsa#set_key= is incompatible with OpenSSL 3.0

Caused by:
OpenSSL::PKey::PKeyError: rsa#set_key= is incompatible with OpenSSL 3.0
mattbrictson commented 2 years ago

Capistrano depends on the net-ssh gem for SSH connectivity. This issue is being tracked here: https://github.com/net-ssh/net-ssh/issues/843