[Twisted-Python] Conch examples give me host key related errors
My google-fu is failing me (or I'm the only one with a misconfigured ssh system), but none of the examples on http://twistedmatrix.com/documents/current/conch/examples/index.html run for me. The ConchError I'm mostly getting says ('no host keys, failing', None), while the simplesshserver.py example fails with a KeyError 'sshKeyDir' Not sure where twisted-conch expects host keys to be, but my openssh host keys are fine (I have a running sshd which sources them from /etc/ssh as per usual). That being said, there's no way twisted-conch as a python user-process would have access to them (nor should it). I'm actually just wanting to use twisted-conch-manhole, but running into this problem first. Is there something I need to configure in my system?
Hi, This is most likely because of a security change I made a few versions ago, where conch will no longer use a set of default, hard-coded SSH keys. You may want to do something like https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_tap.... <https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_tap....> , and add a key yourself -- we should update these examples to add this, so that they run out of the box again. - Amber
A reply from Amber herself! Thanks for the pointer, I dug into the code a bit and figured these lines would do it (assuming publicKey and privateKey are already defined as strings) f = whatever_is_generating_a_factory(**kwargs) f.publicKeys[b'ssh-rsa'] = keys.Key.fromString(data=publicKey) f.privateKeys[b'ssh-rsa'] = keys.Key.fromString(data=privateKey) reactor.listenTCP(port, f) It seems keys is deprecated from 15.5.5 though, what's the modern alternative? On Mon, Oct 10, 2016 at 10:11 AM, Amber "Hawkie" Brown <hawkowl@atleastfornow.net> wrote:
Oh and it seems tab completion was being worked on but that's been left waiting for a while now - https://twistedmatrix.com/trac/ticket/6863 Still fantastically useful without though, so no complaints there. On Mon, Oct 10, 2016 at 10:55 AM, Oon-Ee Ng <ngoonee.talk@gmail.com> wrote:
Hi, This is most likely because of a security change I made a few versions ago, where conch will no longer use a set of default, hard-coded SSH keys. You may want to do something like https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_tap.... <https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_tap....> , and add a key yourself -- we should update these examples to add this, so that they run out of the box again. - Amber
A reply from Amber herself! Thanks for the pointer, I dug into the code a bit and figured these lines would do it (assuming publicKey and privateKey are already defined as strings) f = whatever_is_generating_a_factory(**kwargs) f.publicKeys[b'ssh-rsa'] = keys.Key.fromString(data=publicKey) f.privateKeys[b'ssh-rsa'] = keys.Key.fromString(data=privateKey) reactor.listenTCP(port, f) It seems keys is deprecated from 15.5.5 though, what's the modern alternative? On Mon, Oct 10, 2016 at 10:11 AM, Amber "Hawkie" Brown <hawkowl@atleastfornow.net> wrote:
Oh and it seems tab completion was being worked on but that's been left waiting for a while now - https://twistedmatrix.com/trac/ticket/6863 Still fantastically useful without though, so no complaints there. On Mon, Oct 10, 2016 at 10:55 AM, Oon-Ee Ng <ngoonee.talk@gmail.com> wrote:
participants (2)
-
Amber "Hawkie" Brown -
Oon-Ee Ng