On Dec 2, 2016, at 4:41 PM, Craig Rodrigues <rodrigc@crodrigues.org> wrote:
Glyph,
I took your fix, and added some fixes of my own for __repr__() printing of EC keys in this branch:
https://github.com/twisted/twisted/pull/615
If I run the tests, I get a new failure:
trial twisted.conch.test.test_keys.KeyTests.test_fromBlobECDSA
Traceback (most recent call last):
  File "/Users/crodrigues/twisted_15/src/twisted/conch/test/test_keys.py", line 776, in test_fromBlobECDSA
    eckey = keys.Key.fromString(ecblob)
  File "/Users/crodrigues/twisted_15/src/twisted/conch/ssh/keys.py", line 197, in fromString
    return method(data)
  File "/Users/crodrigues/twisted_15/src/twisted/conch/ssh/keys.py", line 253, in _fromString_BLOB
    default_backend()))
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization.py", line 69, in load_ssh_public_key
    return loader(key_type, rest, backend)
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization.py", line 103, in _load_ssh_ecdsa_public_key
    'Key header and key body contain different key type values.'
builtins.ValueError: Key header and key body contain different key type values.
Also, if I try to access my machine with: conch 192.168.1.2
I see that in the matchesKey() function on this line: https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/client/known...
self.publicKey is an EC key, while keyObject is an RSA key.
Therefore this function always fails, and I cannot log into the box.
Any ideas?
It looks like https://github.com/twisted/twisted/blob/e48500b94a3b3c751a4ccea36db95a45db8c... isn't really geared towards the idea that there might be multiple entries for one host. The first step toward a fix would be to correct that algorithm to only fail if no matches are found, or to specifically check the key type before failing.
-glyph
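
The host-key check discussed in this thread, as an added example that is not part of the original messages and is not Twisted's code. Entry, HostKeyChanged, both check functions and the key bytes are constructed for illustration; the second function combines both suggested fixes (scan all entries, and compare only keys of the same type).

```python
from collections import namedtuple

# Constructed stand-in for one known_hosts line (not Twisted's entry classes).
Entry = namedtuple("Entry", "host key_type key_data")

class HostKeyChanged(Exception):
    """A stored key of the same type for this host differs from the offered key."""

def check_first_entry(entries, host, key_type, key_data):
    """Behaviour reported in the thread: the first entry for the host decides."""
    for e in entries:
        if e.host == host:
            if (e.key_type, e.key_data) == (key_type, key_data):
                return True
            raise HostKeyChanged(host)  # fires even when only the key type differs
    return False

def check_all_entries(entries, host, key_type, key_data):
    """Scan every entry; fail only on a same-type mismatch with no match anywhere."""
    conflict = False
    for e in entries:
        if e.host != host or e.key_type != key_type:
            continue  # another host, or another key type for this host
        if e.key_data == key_data:
            return True
        conflict = True
    if conflict:
        raise HostKeyChanged(host)
    # No key of this type on record: the caller must treat the host as unknown
    # (prompt or reject), never as verified.
    return False

# Constructed sample: one host recorded with an EC key and an RSA key.
KNOWN = [
    Entry("192.168.1.2", "ecdsa-sha2-nistp256", b"constructed-ec-key"),
    Entry("192.168.1.2", "ssh-rsa", b"constructed-rsa-key"),
]

def outcome(check, key_type, key_data, host="192.168.1.2"):
    """Return 'verified', 'unknown' or 'changed' for an offered host key."""
    try:
        return "verified" if check(KNOWN, host, key_type, key_data) else "unknown"
    except HostKeyChanged:
        return "changed"
```

With the EC entry listed first, an offered RSA key that is on record comes back "changed" from check_first_entry and "verified" from check_all_entries, while a genuinely different RSA key is still reported as "changed".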