Re: [paramiko] Unknown private key cipher AES-128-CBC
Hello, thank you, by applying this fix everything works perfectly for me. On 9 September 2010 16:30, James Bardin wrote: > On Wed, Sep 8, 2010 at 6:49 PM, Robey Pointer > wrote: > > > > It may be as simple as adding another line to the top of pkey.py, in the > _CIPHER_TABLE: > > > >'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': 16, > 'mode': AES.MODE_CBC } > > > > Could you try that and let me know if it fixes it? > > > > Hi Robey, > > That works using a private key generated by openssl. > > > --- a/paramiko/pkey.py > +++ b/paramiko/pkey.py > @@ -25,7 +25,7 @@ from binascii import hexlify, unhexlify > import os > > from Crypto.Hash import MD5 > -from Crypto.Cipher import DES3 > +from Crypto.Cipher import DES3, AES > > from paramiko.common import * > from paramiko import util > @@ -40,6 +40,7 @@ class PKey (object): > > # known encryption types for private key files: > _CIPHER_TABLE = { > +'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': > 16, 'mode': AES.MODE_ > 'DES-EDE3-CBC': { 'cipher': DES3, 'keysize': 24, 'blocksize': > 8, 'mode': DES3.MOD > } > -- Regards, Ludovico Fischer ___ paramiko mailing list paramiko@lag.net http://www.lag.net/cgi-bin/mailman/listinfo/paramiko
Re: [paramiko] Unknown private key cipher AES-128-CBC
On Wed, Sep 8, 2010 at 6:49 PM, Robey Pointer wrote: > > It may be as simple as adding another line to the top of pkey.py, in the > _CIPHER_TABLE: > > 'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': 16, > 'mode': AES.MODE_CBC } > > Could you try that and let me know if it fixes it? > Hi Robey, That works using a private key generated by openssl. --- a/paramiko/pkey.py +++ b/paramiko/pkey.py @@ -25,7 +25,7 @@ from binascii import hexlify, unhexlify import os from Crypto.Hash import MD5 -from Crypto.Cipher import DES3 +from Crypto.Cipher import DES3, AES from paramiko.common import * from paramiko import util @@ -40,6 +40,7 @@ class PKey (object): # known encryption types for private key files: _CIPHER_TABLE = { +'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': 16, 'mode': AES.MODE_ 'DES-EDE3-CBC': { 'cipher': DES3, 'keysize': 24, 'blocksize': 8, 'mode': DES3.MOD } ___ paramiko mailing list paramiko@lag.net http://www.lag.net/cgi-bin/mailman/listinfo/paramiko
Re: [paramiko] Unknown private key cipher AES-128-CBC
On 7 Sep 2010, at 08:05, James Bardin wrote: > On Mon, Sep 6, 2010 at 7:37 PM, Ludovico Fischer wrote: >> Hello, >> I am on Fedora 13 with Paramiko 1.7.6. I am using a key generated on Fedora >> 12. >> >> client = paramiko.SSHClient() >> client.load_system_host_keys() >> client.connect('hostname', username='autore') >> >> raises the following exception >> >> File "/usr/lib/python2.6/site-packages/paramiko/client.py", line 327, in >> connect >> self._auth(username, password, pkey, key_filenames, allow_agent, >> look_for_keys) >> File "/usr/lib/python2.6/site-packages/paramiko/client.py", line 481, in >> _auth >> raise saved_exception >> paramiko.SSHException: Unknown private key cipher "AES-128-CBC" >> > > paramiko only supports des3 encrypted private keys (DES-EDE3-CBC) It may be as simple as adding another line to the top of pkey.py, in the _CIPHER_TABLE: 'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': 16, 'mode': AES.MODE_CBC } Could you try that and let me know if it fixes it? robey ___ paramiko mailing list paramiko@lag.net http://www.lag.net/cgi-bin/mailman/listinfo/paramiko
Re: [paramiko] Unknown private key cipher AES-128-CBC
On Mon, Sep 6, 2010 at 7:37 PM, Ludovico Fischer wrote: > Hello, > I am on Fedora 13 with Paramiko 1.7.6. I am using a key generated on Fedora > 12. > > client = paramiko.SSHClient() > client.load_system_host_keys() > client.connect('hostname', username='autore') > > raises the following exception > > File "/usr/lib/python2.6/site-packages/paramiko/client.py", line 327, in > connect > self._auth(username, password, pkey, key_filenames, allow_agent, > look_for_keys) > File "/usr/lib/python2.6/site-packages/paramiko/client.py", line 481, in > _auth > raise saved_exception > paramiko.SSHException: Unknown private key cipher "AES-128-CBC" > paramiko only supports des3 encrypted private keys (DES-EDE3-CBC) > Now, I do not remember exactly what command I have used to generate this > key, but I don't think I did anything fancy. > So it seems a bit strange that the cipher could be particularly unusual. Is > this a bug with the distribution? Is there some library missing? > AFAIK, openssh currently only supports des3 as well, and the ssh-keygen program has no options to specify cipher. I'm guessing that you used another tool (like openssl) to generate your key file. -jim -- James Bardin Systems Engineer Boston University IS&T ___ paramiko mailing list paramiko@lag.net http://www.lag.net/cgi-bin/mailman/listinfo/paramiko