Ruckus Unleashed integration is using SSH with older host key algorithms

[pathia]

The problem

The Ruckus integration is unable to establish a SSH connection to the AP because of the AP using older host key algorithms

What version of Home Assistant Core has the issue?

Home Assistant 2022.7.0

What was the last working version of Home Assistant Core?

No response

What type of installation are you running?

Home Assistant OS

Integration causing the issue

Ruckus Unleashed

Link to integration documentation on our website

https://www.home-assistant.io/integrations/ruckus_unleashed/

Diagnostics information

No response

Example YAML snippet

No response

Anything in the logs that might be useful for us?

No response

Additional information

FYI the AP I'm using is a R510 running 200.12.10.105.129 which is completely up to date currently. While the Ruckus integration output wasn't helpful I tried establishing SSH connection from the command line and this seems to show what is going wrong. If I then manually add the host key algorithm I can sucesfully establish a SSH connection.

ssh -v homeass@MY_AP_IP

debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with MY_AP_IP port 22: no matching host key type found. Their offer: ssh-rsa #ssh -v -oHostKeyAlgorithms=+ssh-rsa homeass@MY_AP_IP debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-rsa Please login:

[probot-home-assistant[bot]]

ruckus_unleashed documentation ruckus_unleashed source _{^{(message by IssueLinks)}}

[probot-home-assistant[bot]]

Hey there @gabe565, mind taking a look at this issue as it has been labeled with an integration (ruckus_unleashed) you are listed as a code owner for? Thanks! _{^{(message by CodeOwnersMention)}}

[erwangrouj]

Problem with R600, I get a connection error while trying to reinstall the integration.

[andornaut]

Confirmed on Ruckus r610 and r720 since upgrading to HA 2022.7.

[sg1888]

Same issue with my R710 running the latest unleashed firmware 200.12.10.105.129. Unable to establish connection to host :/

[pcmoore]

As another data point, I'm having the same problem with HA 2022.7, Unleashed version 200.12.10.105.129, and a mix of Ruckus R710 and R510 access points.

[cobirnm]

I have the same with unleashed 200.12.10.105.129 and HA 2022.7

[freeskier93]

Same issue for me with unleashed 200.12.10.105.129 and HA 2022.7

[clipz98]

I can also confirm my 200.12.10.105.100 for my R650, R610, and H510 is having issues on 2022.7.1

[sg1888]

Looks like this issue is related to the Python 3.10 upgrade, which removed certain ciphers. A few other integrations are having the same problem.

Elk - https://github.com/home-assistant/core/issues/74551

[facastagnini]

Same issue with R500 running the latest firmware version 200.7.10.202.127

[gabe565]

Thanks for the reports! This is due to a recent upgrade that removed the ssh-rsa HostKeyAlgorithm from the default supported list. That is the only algorithm that Ruckus devices support, so the ssh command needs to add it explicitly. I am releasing an update to the pyruckus package to add this algorithm back and will submit a PR to bump the version to Home Assistant soon!

I don't have access to a device at the moment, so I may need someone to help test the update once it has been released. I'll post another comment when ready!

[gabe565]

I have released Pyruckus 0.15 and am running automated tests against it. Could someone set up a development environment and test the update branch against your device? Thank you!

Edit: a couple of tests failed. Getting those updated and will post back

[qupada]

Started dev environment from 2af7be7e7074fe898cf47fc36dd85e20728474ea, successfully connected to Unleashed 200.12.10.105.129 (R650, H550, T350).

Getting a few console warnings though, about a dozen of these from assorted functions if I reload the automation.

2022-07-11 18:03:12.609 WARNING (MainThread) [homeassistant.util.async_] Detected blocking call to sleep inside the event loop. This is causing stability issues. Please report issue for ruckus_unleashed doing blocking calls at homeassistant/components/ruckus_unleashed/__init__.py, line 32: ruckus = await Ruckus.create( 2022-07-11 18:03:13.201 WARNING (MainThread) [homeassistant.util.async_] Detected blocking call to sleep inside the event loop. This is causing stability issues. Please report issue for ruckus_unleashed doing blocking calls at homeassistant/components/ruckus_unleashed/coordinator.py, line 40: clients = await self.ruckus.current_active_clients()

[gabe565]

That's good news! Thanks for testing. I'll fix the warnings before creating a PR.

[gabe565]

@qupada Found the issue. By default, the pexpect library adds a 0.05s sleep statement before writing a command. I have removed this and bumped the library to 0.16. Mind testing with the latest commit on that branch?

[qupada]

@gabe565 I'm not finding that 0.16 release. HASS startup, or manually running pip install pyruckus==0.16. Not seeing it in PyPI either: https://pypi.org/project/pyruckus/#history

ERROR: Could not find a version that satisfies the requirement pyruckus==0.16 (from versions: 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.10, 0.11, 0.11.1, 0.11.2, 0.12, 0.13.dev0, 0.13.dev1, 0.13, 0.14, 0.15)
ERROR: No matching distribution found for pyruckus==0.16

However, I checked out the 0.16 tag from your pyruckus repo, butchered the setup.py command line arguments to stuff the resulting files into venv/lib/python3.9/ inside the HASS repo, and then it launches fine.

No more console warnings, either.

[gabe565]

@qupada Oops, forgot I have to create a release in GitHub and not just a git tag 🤦 thank you for testing! I'll go ahead and submit a PR. I created a mock SSH repo so I already tested it locally, just wanted to verify against real hardware.