Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

Here's buildbot's key: buildbot.twistedmatrix.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBcw4pr6WdgDMw7PbkvsuEdCqKQTtpLYPGoe7qkuQucuexYBiCkO/BeoB0wANX2cVmxUP0llpYJQL4w3cAR0csA= I think you should be able to validate that even if you can't auth :) -g

On Dec 20, 2016, at 4:54 PM, Craig Rodrigues <rodrigc@crodrigues.org> wrote:

I'm not sure. I was able to use conch to log into a box where the ecdsa key looked like this in my ~/.ssh/known_hosts

192.168.1.2 ecdsa-sha2-nistp256 XXXXXXXXXX

--

Craig

On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz <glyph@twistedmatrix.com <mailto:glyph@twistedmatrix.com>> wrote: It works:

$ conch twistedmatrix.com <http://twistedmatrix.com/> echo hooray hooray $ conch --version Twisted version: 16.6.0dev0 $

That's using an RSA host key though. It seems that the hosts I have using ECDSA keys (buildbot.twistedmatrix.com <http://buildbot.twistedmatrix.com/>, for example) still don't work with conch. Is that expected at this point?

-glyph

...

On Dec 20, 2016, at 2:32 PM, Craig Rodrigues <rodrigc@crodrigues.org <mailto:rodrigc@crodrigues.org>> wrote:

On Friday, December 2, 2016, Glyph Lefkowitz <glyph@twistedmatrix.com <mailto:glyph@twistedmatrix.com>> wrote: I think there might be a regression in 16.6.0.

For every version up to 16.6.0, I can do 'conch twistedmatrix.com <http://twistedmatrix.com/>' in a shell and it works fine.

I believe that I have fixed this in trunk. Can you try this with conch in trunk?

This works for me in trunk:

1. Start with an empty ~/.ssh/known_hosts file , or one with an ecdsa key for myhost.com <http://myhost.com/> 2. ssh myhost.com <http://myhost.com/> 3. log out of myhost.com <http://myhost.com/> 3. see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com <http://myhost.com/> 4. conch myhost.com <http://myhost.com/> 5. successfully log into myhost.com <http://myhost.com/> with conch

Before the latest fixes, I would get a bad host key error in step 5.

Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to conch.

-- Craig

_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com <mailto:Twisted-Python@twistedmatrix.com> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python <http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python>

_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com <mailto:Twisted-Python@twistedmatrix.com> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python <http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python>

_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python