search

internap / fake-switches

A pluggable switch/router command-line simulator
Apache License 2.0
66 stars 41 forks source link

fail to launch fake-switches with ssh key error #157

Open wushuzh opened 4 years ago

wushuzh commented 4 years ago

Hi

I'd like to have a try with fake-switches in my local env.

I created a venv and launch pip install -e ., then I launched but there is an error related to rsa private key error.

By the way, I am using python3, is it supported ? Or I should only use python2 ?

Traceback (most recent call last):
  File "/home/wushuzh/code/fake-switches/venv/bin/fake-switches", line 10, in <module>
    sys.exit(main())
  File "/home/wushuzh/code/fake-switches/fake_switches/cmd/main.py", line 39, in main
    ssh_service.hook_to_reactor(reactor)
  File "/home/wushuzh/code/fake-switches/fake_switches/transports/ssh_service.py", line 121, in hook_to_reactor
    b'ssh-rsa': keys.Key.fromString(data=host_private_key.encode())}
  File "/home/wushuzh/code/fake-switches/venv/lib/python3.8/site-packages/twisted/conch/ssh/keys.py", line 199, in fromString
    return method(data, passphrase)
  File "/home/wushuzh/code/fake-switches/venv/lib/python3.8/site-packages/twisted/conch/ssh/keys.py", line 442, in _fromString_PRIVATE_OPENSSH
    rsa.RSAPrivateNumbers(
  File "/home/wushuzh/code/fake-switches/venv/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py", line 311, in private_key
    return backend.load_rsa_private_numbers(self)
  File "/home/wushuzh/code/fake-switches/venv/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 628, in load_rsa_private_numbers
    return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
  File "/home/wushuzh/code/fake-switches/venv/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 316, in __init__
    raise ValueError("Invalid private key", errors)
ValueError: ('Invalid private key', [_OpenSSLErrorWithText(code=67764348, lib=4, func=160, reason=124, reason_text=b'error:040A007C:rsa routines:RSA_check_key_ex:dmp1 not congruent to d'), _OpenSSLErrorWithText(code=67764349, lib=4, func=160, reason=125, reason_text=b'error:040A007D:rsa routines:RSA_check_key_ex:dmq1 not congruent to d'), _OpenSSLErrorWithText(code=67764350, lib=4, func=160, reason=126, reason_text=b'error:040A007E:rsa routines:RSA_check_key_ex:iqmp not inverse of q')])
freedge commented 4 years ago

I think I had the same issue (paramiko apparently misusing the cryptography API) , worked it around by downgrading to cryptography==3.0

(see issue https://github.com/pyca/cryptography/issues/5440) but maybe there are newer versions of paramiko or paramiko-ng that fix it for good now.

fbouliane commented 4 years ago

Hi, python3 support is not completely landed. we have an attempt a it here https://github.com/internap/fake-switches/pull/155/files please try it and give us feedback if possible.

nathan815 commented 3 years ago

I am getting this error when simply running a fresh container of internap/fake-switches. I haven't tried building and running a customized image. Are there any known fixes for this?

$  docker run -P internap/fake-switches
/usr/local/lib/python2.7/site-packages/twisted/conch/ssh/transport.py:22: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
  from cryptography.exceptions import UnsupportedAlgorithm
Traceback (most recent call last):
  File "/usr/local/bin/fake-switches", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python2.7/site-packages/fake_switches/cmd/main.py", line 39, in main
    ssh_service.hook_to_reactor(reactor)
  File "/usr/local/lib/python2.7/site-packages/fake_switches/transports/ssh_service.py", line 121, in hook_to_reactor
    b'ssh-rsa': keys.Key.fromString(data=host_private_key.encode())}
  File "/usr/local/lib/python2.7/site-packages/twisted/conch/ssh/keys.py", line 199, in fromString
    return method(data, passphrase)
  File "/usr/local/lib/python2.7/site-packages/twisted/conch/ssh/keys.py", line 450, in _fromString_PRIVATE_OPENSSH
    ).private_key(default_backend())
  File "/usr/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py", line 317, in private_key
    return backend.load_rsa_private_numbers(self)
  File "/usr/local/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 629, in load_rsa_private_numbers
    return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
  File "/usr/local/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 361, in __init__
    raise ValueError("Invalid private key", errors)
ValueError: ('Invalid private key', [_OpenSSLErrorWithText(code=67764348L, lib=4, func=160, reason=124, reason_text='error:040A007C:rsa routines:RSA_check_key_ex:dmp1 not congruent to d'), _OpenSSLErrorWithText(code=67764349L, lib=4, func=160, reason=125, reason_text='error:040A007D:rsa routines:RSA_check_key_ex:dmq1 not congruent to d'), _OpenSSLErrorWithText(code=67764350L, lib=4, func=160, reason=126, reason_text='error:040A007E:rsa routines:RSA_check_key_ex:iqmp not inverse of q')])