Closed freedge closed 1 year ago
I am using cirros 0.5.2 to perform some rally testing. Rally spawns a VM with cirros and tries to connect to it with Paramiko.
Since release of Paramiko 2.9 a week ago, Rally fails with:
2021-12-27 09:51:20.891 425 INFO paramiko.transport [-] Connected (version 2.0, client dropbear_2018.76) 2021-12-27 09:51:20.901 425 INFO paramiko.transport [-] Authentication (publickey) failed. 2021-12-27 09:51:21.908 425 ERROR paramiko.transport [-] Exception (client): Error reading SSH protocol banner[Errno 104] Connection reset by peer: paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.910 425 ERROR paramiko.transport [-] Traceback (most recent call last):: paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.910 425 ERROR paramiko.transport [-] File "/opt/app-root/lib/python3.6/site-packages/paramiko/transport.py", line 2270, in _check_banner: paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.910 425 ERROR paramiko.transport [-] buf = self.packetizer.readline(timeout): paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.910 425 ERROR paramiko.transport [-] File "/opt/app-root/lib/python3.6/site-packages/paramiko/packet.py", line 380, in readline: paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.911 425 ERROR paramiko.transport [-] buf += self._read_timeout(timeout): paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer 2021-12-27 09:51:21.911 425 ERROR paramiko.transport [-] File "/opt/app-root/lib/python3.6/site-packages/paramiko/packet.py", line 607, in _read_timeout: paramiko.ssh_exception.SSHException: Error reading SSH protocol banner[Errno 104] Connection reset by peer
Reverting to paramiko<2.9 works around the issue.
As I was checking which cipher cirros would be using I noticed:
[fedora@fr2 ~]$ ssh 192.168.0.14 -l cirros sign_and_send_pubkey: no mutual signature supported cirros@192.168.0.14's password: ^C [fedora@fr2 ~]$ ssh -o "PubkeyAcceptedKeyTypes +ssh-dss" 192.168.0.14 -l cirros $ uname -a Linux fr3 5.3.0-26-generic #28~18.04.1-Ubuntu SMP Wed Dec 18 16:40:14 UTC 2019 x86_64 GNU/Linux
It seems that there is an issue with cirros and the ciphers it supports. (client here is running Fedora 35)
Please check with 0.6.0
This should be fixed with 0.6.0, please re-open if not.
I am using cirros 0.5.2 to perform some rally testing. Rally spawns a VM with cirros and tries to connect to it with Paramiko.
Since release of Paramiko 2.9 a week ago, Rally fails with:
Reverting to paramiko<2.9 works around the issue.
As I was checking which cipher cirros would be using I noticed:
It seems that there is an issue with cirros and the ciphers it supports. (client here is running Fedora 35)