Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2017-01-21 Thread Craig Rodrigues
On Fri, Jan 20, 2017 at 10:21 PM, Glyph Lefkowitz wrote:

>
>
> I finally got around to trying this, and was baffled as to why the
> behavior wasn't different between trunk and trunk-with-merged-PRs; then I
> realized the commits from both were already in trunk :-).  Seems to work
> great now vs. 16.0 - thank you for fixing this!
>
>
Many thanks to the0id Abhishek Choudhary for doing this to add ECDSA
support to conch.
I just fixed up some of the rough edges in conch.

One minor thing I noticed about conch that deviates from the OpenSSH client
is that conch wants to write two entries in ~/.ssh/known_hosts for each host it
connects to:
- one entry for the hostname
- one entry for the IP address

If the entry doesn't exist already, then the encoded form of the hostname
is written, so it looks like:

|1|8QluEPLDr6TMoscEvJPcpzFGhGo=|5wLvN+5WhahGWukK2XtBFd/tjaQ= ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAmhQ2+fYcGOOdLqOsRQ5wzvQjP9K1tpF9+UTwLi9UIBIWOySfJBDtkZvycrIYcNolofySA//ffJA4ka0EvfAbg=

|1|EHrWwxCedWehiySnBrsY8YW/9TE=|uDqYMkrF0rvXgQIdDsUhBgPzKEo= ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAmhQ2+fYcGOOdLqOsRQ5wzvQjP9K1tpF9+UTwLi9UIBIWOySfJBDtkZvycrIYcNolofySA//ffJA4ka0EvfAbg=

This seems quite weird to me, and I'm not sure why this behavior was
implemented differently from the OpenSSH client.

I didn't change this behavior, though.
--
Craig
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2017-01-20 Thread Glyph Lefkowitz

> On Dec 21, 2016, at 5:40 PM, Craig Rodrigues wrote:
> 
> On Wed, Dec 21, 2016 at 4:46 PM, Glyph Lefkowitz wrote:
> 
> Can you file a new ticket for each of these?  The ordering thing seems super 
> low priority, but not being able to receive multiple host keys is definitely 
> a spec violation.
> 
> Thanks for figuring it out,
> 
> 
> Can you try these two patches, combined in one workspace?
> 
> https://github.com/twisted/twisted/pull/640
> 
> https://github.com/twisted/twisted/pull/642
> 
I finally got around to trying this, and was baffled as to why the behavior 
wasn't different between trunk and trunk-with-merged-PRs; then I realized the 
commits from both were already in trunk :-).  Seems to work great now vs. 16.0 
- thank you for fixing this!

-glyph



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-21 Thread Craig Rodrigues
On Wed, Dec 21, 2016 at 4:46 PM, Glyph Lefkowitz wrote:

>
>
> Can you file a new ticket for each of these?  The ordering thing seems
> super low priority, but not being able to receive multiple host keys is
> definitely a spec violation.
>
> Thanks for figuring it out,
>
>
Can you try these two patches, combined in one workspace?

https://github.com/twisted/twisted/pull/640
https://github.com/twisted/twisted/pull/642

--
Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-21 Thread Glyph Lefkowitz

> On Dec 20, 2016, at 7:32 PM, Craig Rodrigues wrote:
> 
> On Tue, Dec 20, 2016 at 6:24 PM, Glyph Lefkowitz wrote:
> 
> So... is this because buildbot.twistedmatrix.com has an RSA key as well, 
> and when it offers it, our checking isn't correctly comparing the type 
> before deciding that it doesn't match, or allowing for multiple keys?  I 
> notice that if I manually add the RSA key and delete the ECDSA key it seems 
> to work.
> 
> -g
> 
> 
> Yes, that is part of it.
> What is happening is that the conch client sends a MSG_KEXINIT
> packet to the server to negotiate what the host key should be.
> If I use an OpenSSH ssh client to connect to OpenSSH sshd server,
> the negotiated host key algorithm is ecdsa-sha2-nistp256.
> 
> If I use a conch client to connect to the OpenSSH sshd server,
> the negotiated host key algorithm is ssh-rsa.
> 
> I started a test instance of the sshd server with:
> 
> /usr/sbin/sshd -p 9000 -d -d -d
> 
> and captured the logs (see attached).
> 
> I think some problems are:
>   (1)  conch proposes a list of host key algorithms in a different order than
>  OpenSSH.  It shouldn't matter, but conch proposes ssh-rsa first,
>  while OpenSSH proposes it last.
>   (2)  OpenSSH client seems to be able to receive multiple host keys back
>  from the server, and can match the one it has.

Can you file a new ticket for each of these?  The ordering thing seems super 
low priority, but not being able to receive multiple host keys is definitely a 
spec violation.

Thanks for figuring it out,

-glyph



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Tue, Dec 20, 2016 at 7:32 PM, Craig Rodrigues wrote:

> On Tue, Dec 20, 2016 at 6:24 PM, Glyph Lefkowitz wrote:
>
>> So... is this because buildbot.twistedmatrix.com has an RSA key as well,
>> and when it offers it, our checking isn't correctly comparing the type
>> before deciding that it doesn't match, or allowing for multiple keys?  I
>> notice that if I manually add the RSA key and delete the ECDSA key it seems
>> to work.
>>
>> -g
>>
>
> Yes, that is part of it.
> What is happening is that the conch client sends a MSG_KEXINIT
> packet to the server to negotiate what the host key should be.
> If I use an OpenSSH ssh client to connect to OpenSSH sshd server,
> the negotiated host key algorithm is ecdsa-sha2-nistp256.
>
> If I use a conch client to connect to the OpenSSH sshd server,
> the negotiated host key algorithm is ssh-rsa.
>
> I started a test instance of the sshd server with:
>
> /usr/sbin/sshd -p 9000 -d -d -d
>
> and captured the logs (see attached).
>
> I think some problems are:
>   (1)  conch proposes a list of *host key algorithms* in a different
>        order than OpenSSH.  It shouldn't matter, but conch proposes
>        ssh-rsa first, while OpenSSH proposes it last.
>   (2)  OpenSSH client seems to be able to receive multiple host keys back
>        from the server, and can match the one it has.
>
> --
> Craig
>
>
Here are the proper logs.
Script started on Tue Dec 20 18:50:57 2016
Command: /usr/sbin/sshd -p 9000 -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 197
debug2: parse_server_config: config /etc/ssh/sshd_config len 197
debug3: /etc/ssh/sshd_config:49 setting PermitRootLogin yes
debug3: /etc/ssh/sshd_config:131 setting Subsystem sftp /usr/libexec/sftp-server
debug1: sshd version OpenSSH_7.2, OpenSSL 1.0.2j-freebsd  26 Sep 2016
debug1: private host key #0: ssh-rsa SHA256:73H4OcFhNGdHY2sVsbBOVVOudub2EkvfYNlwpxWM1Xw
debug1: private host key #1: ssh-dss SHA256:6BQ11F0ejGONS1+d4O63t7fyyGKaEyW33a73x5G/3ic
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:jkq3WG/EU+yyyg8xemPshcErRvPYmSbU202opbYgzHU
debug1: private host key #3: ssh-ed25519 SHA256:59NbS+jIUH9ADjLpk5nQLKq229hrx89QpAd3Z3Ts6j4
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='9000'
debug1: rexec_argv[3]='-d'
debug1: rexec_argv[4]='-d'
debug1: rexec_argv[5]='-d'
debug2: fd 3 setting O_NONBLOCK
debug3: Fssh_sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 9000 on ::.
debug1: Server TCP RWIN socket size: 65536
Server listening on :: port 9000.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 9000 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 65536
Server listening on 0.0.0.0 port 9000.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 197
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 192.168.1.5 port 58547 on 192.168.1.2 port 9000
debug1: Client protocol version 2.0; client software version Twisted
debug1: no match: Twisted
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing capsicum sandbox
debug2: Network child is on pid 69006
debug3: preauth child monitor started
debug3: privsep user:group 22:22 [preauth]
debug1: permanently_set_uid: 22/22 [preauth]
debug3: list_hostkey_types: ssh-dss key not permitted by HostkeyAlgorithms [preauth]
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: ciphers ctos: chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: ciphers stoc: chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: MACs ctos: 

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Tue, Dec 20, 2016 at 6:24 PM, Glyph Lefkowitz wrote:

>
> So... is this because buildbot.twistedmatrix.com has an RSA key as well,
> and when it offers it, our checking isn't correctly comparing the type
> before deciding that it doesn't match, or allowing for multiple keys?  I
> notice that if I manually add the RSA key and delete the ECDSA key it seems
> to work.
>
> -g
>

Yes, that is part of it.
What is happening is that the conch client sends a MSG_KEXINIT
packet to the server to negotiate what the host key should be.
If I use an OpenSSH ssh client to connect to OpenSSH sshd server,
the negotiated host key algorithm is ecdsa-sha2-nistp256.

If I use a conch client to connect to the OpenSSH sshd server,
the negotiated host key algorithm is ssh-rsa.

I started a test instance of the sshd server with:

/usr/sbin/sshd -p 9000 -d -d -d

and captured the logs (see attached).

I think some problems are:
  (1)  conch proposes a list of *host key algorithms* in a different order
       than OpenSSH.  It shouldn't matter, but conch proposes ssh-rsa first,
       while OpenSSH proposes it last.
  (2)  OpenSSH client seems to be able to receive multiple host keys back
       from the server, and can match the one it has.

--
Craig
Script started on Tue Dec 20 18:50:42 2016
Command: /usr/sbin/sshd -p 9000 -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 197
debug2: parse_server_config: config /etc/ssh/sshd_config len 197
debug3: /etc/ssh/sshd_config:49 setting PermitRootLogin yes
debug3: /etc/ssh/sshd_config:131 setting Subsystem sftp /usr/libexec/sftp-server
debug1: sshd version OpenSSH_7.2, OpenSSL 1.0.2j-freebsd  26 Sep 2016
debug1: private host key #0: ssh-rsa SHA256:73H4OcFhNGdHY2sVsbBOVVOudub2EkvfYNlwpxWM1Xw
debug1: private host key #1: ssh-dss SHA256:6BQ11F0ejGONS1+d4O63t7fyyGKaEyW33a73x5G/3ic
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:jkq3WG/EU+yyyg8xemPshcErRvPYmSbU202opbYgzHU
debug1: private host key #3: ssh-ed25519 SHA256:59NbS+jIUH9ADjLpk5nQLKq229hrx89QpAd3Z3Ts6j4
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='9000'
debug1: rexec_argv[3]='-d'
debug1: rexec_argv[4]='-d'
debug1: rexec_argv[5]='-d'
debug2: fd 3 setting O_NONBLOCK
debug3: Fssh_sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 9000 on ::.
debug1: Server TCP RWIN socket size: 65536
Server listening on :: port 9000.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 9000 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 65536
Server listening on 0.0.0.0 port 9000.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 197
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 192.168.1.5 port 58546 on 192.168.1.2 port 9000
debug1: Client protocol version 2.0; client software version OpenSSH_7.2
debug1: match: OpenSSH_7.2 pat OpenSSH* compat 0x0400
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing capsicum sandbox
debug2: Network child is on pid 68979
debug3: preauth child monitor started
debug3: privsep user:group 22:22 [preauth]
debug1: permanently_set_uid: 22/22 [preauth]
debug3: list_hostkey_types: ssh-dss key not permitted by HostkeyAlgorithms [preauth]
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: ciphers ctos: chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: ciphers stoc: chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc [preauth]
debug2: MACs ctos: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: MACs stoc: 

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz

> On Dec 20, 2016, at 5:50 PM, Craig Rodrigues wrote:
> 
> Ah, OK.  In my testing, I had this in my server's /etc/ssh/sshd_config file 
> to force use of ECDSA keys during my testing:
> 
> 
> # HostKey for protocol version 1
> #HostKey /etc/ssh/ssh_host_key
> # HostKeys for protocol version 2
> #HostKey /etc/ssh/ssh_host_rsa_key
> #HostKey /etc/ssh/ssh_host_dsa_key
> HostKey /etc/ssh/ssh_host_ecdsa_key
> HostKey /etc/ssh/ssh_host_ed25519_key
> 
> 
> If I then logged into the server with:
>  conch 192.168.1.2
> 
> then having an ecdsa key in ~/.ssh/known_hosts
> worked fine and I could log in.  Before the latest patches, the ecdsa keys 
> were not being parsed properly and this never worked at all.
> 
> If I changed the config on the server to:
> 
> # HostKey for protocol version 1
> #HostKey /etc/ssh/ssh_host_key
> # HostKeys for protocol version 2
> #HostKey /etc/ssh/ssh_host_rsa_key
> #HostKey /etc/ssh/ssh_host_dsa_key
> #HostKey /etc/ssh/ssh_host_ecdsa_key
> #HostKey /etc/ssh/ssh_host_ed25519_key
> 
> I got a bad host key error with conch, same as if I tried to log into 
> buildbot.twistedmatrix.com.
> I put this:
> 
> import pudb; pudb.set_trace()
> 
> on this line inside _continue_KEX_ECDH_REPLY():
> https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/ssh/transport.py#L1671
> 

Did you mean https://github.com/twisted/twisted/blob/71643ca93e024d33dba8de9eef149876554c2dd7/src/twisted/conch/ssh/transport.py#L1674 ?

> What I then found was that on this line:
> 
> hostKey, pubKey, signature, packet = getNS(packet, 3)
> 
> 
> The host key is an RSA key.  Then this line in the same function:
>  d = self.verifyHostKey(hostKey, fingerprint)
> 
> tries to compare the hostKey for 192.168.1.2 (which is RSA), against
> the key in ~/.ssh/known_hosts which is ecdsa.  It then fails and returns a 
> bad host key error.
> 
> I also get this problem when trying to do conch buildbot.twistedmatrix.com
> 
So... is this because buildbot.twistedmatrix.com has an RSA key as well, and 
when it offers it, our checking isn't correctly comparing the type before 
deciding that it doesn't match, or allowing for multiple keys?  I notice that 
if I manually add the RSA key and delete the ECDSA key it seems to work.

-g

> --
> Craig
> 
> 
> On Tue, Dec 20, 2016 at 5:13 PM, Glyph Lefkowitz wrote:
> Here's buildbot's key:
> 
> buildbot.twistedmatrix.com ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAcw4pr6WdgDMw7PbkvsuEdCqKQTtpLYPGoe7qkuQucuexYBiCkO/BeoB0wANX2cVmxUP0llpYJQL4w3cAR0csA=
> 
> I think you should be able to validate that even if you can't auth :)
> 
> -g
> 
> 
>> On Dec 20, 2016, at 4:54 PM, Craig Rodrigues wrote:
>> 
>> I'm not sure. I was able to use conch to log into a box where the ecdsa key 
>> looked like this in my ~/.ssh/known_hosts
>> 
>> 192.168.1.2 ecdsa-sha2-nistp256 XX
>> 
>> --
>> 
>> Craig
>> 
>> 
>> On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz wrote:
>> It works:
>> 
>> $ conch twistedmatrix.com echo hooray
>> hooray
>>   $ conch --version
>> Twisted version: 16.6.0dev0
>> $ 
>> 
>> That's using an RSA host key though.  It seems that the hosts I have using 
>> ECDSA keys (buildbot.twistedmatrix.com, for example) still don't work 
>> with conch.  Is that expected at this point?
>> 
>> -glyph
>> 
>>> On Dec 20, 2016, at 2:32 PM, Craig Rodrigues wrote:
>>> 
>>> On Friday, December 2, 2016, Glyph Lefkowitz wrote:
>>> I think there might be a regression in 16.6.0.
>>> 
>>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a 
>>> shell and it works fine.
>>> 
>>> I believe that I have fixed this in trunk.
>>> Can you try this with conch in trunk?
>>> 
>>> This works for me in trunk:
>>> 
>>> 1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa key 
>>> for myhost.com
>>> 2.  ssh myhost.com
>>> 3.  log out of myhost.com
>>> 3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
>>> 4.  conch myhost.com
>>> 5.  successfully log into myhost.com with conch
>>> 
>>> Before 

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
Ah, OK.  In my testing, I had this in my server's /etc/ssh/sshd_config file
to force use of ECDSA keys during my testing:


# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key


If I then logged into the server with:
 *conch 192.168.1.2*

then having an ecdsa key in ~/.ssh/known_hosts
worked fine and I could log in.  Before the latest patches, the ecdsa keys
were not being parsed properly and this never worked at all.

If I changed the config on the server to:

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

I got a bad host key error with conch, same as if I tried to log into
buildbot.twistedmatrix.com.
I put this:

import pudb; pudb.set_trace()

on this line inside *_continue_KEX_ECDH_REPLY()*:
https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/ssh/transport.py#L1671

What I then found was that on this line:

hostKey, pubKey, signature, packet = getNS(packet, 3)

The host key is an RSA key.  Then this line in the same function:

 d = self.verifyHostKey(hostKey, fingerprint)

tries to compare the hostKey for 192.168.1.2 (which is RSA), against
the key in ~/.ssh/known_hosts which is ecdsa.  It then fails and returns a
bad host key error.

I also get this problem when trying to do *conch buildbot.twistedmatrix.com*


--
Craig


On Tue, Dec 20, 2016 at 5:13 PM, Glyph Lefkowitz wrote:

> Here's buildbot's key:
>
> buildbot.twistedmatrix.com ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAcw4pr6WdgDMw7PbkvsuEdCqKQTtpLYPGoe7qkuQucuexYBiCkO/BeoB0wANX2cVmxUP0llpYJQL4w3cAR0csA=
>
> I think you should be able to validate that even if you can't auth :)
>
> -g
>
>
> On Dec 20, 2016, at 4:54 PM, Craig Rodrigues wrote:
>
> I'm not sure. I was able to use conch to log into a box where the ecdsa
> key looked like this in my ~/.ssh/known_hosts
>
> 192.168.1.2 ecdsa-sha2-nistp256 XX
>
> --
>
> Craig
>
>
>
> On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz wrote:
>
>> It works:
>>
>> $ conch twistedmatrix.com echo hooray
>> hooray
>>   $ conch --version
>> Twisted version: 16.6.0dev0
>> $
>>
>>
>> That's using an RSA host key though.  It seems that the hosts I have
>> using ECDSA keys (buildbot.twistedmatrix.com, for example) still don't
>> work with conch.  Is that expected at this point?
>>
>> -glyph
>>
>> On Dec 20, 2016, at 2:32 PM, Craig Rodrigues wrote:
>>
>> On Friday, December 2, 2016, Glyph Lefkowitz wrote:
>>>
>>> I think there might be a regression in 16.6.0.
>>>
>>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a
>>> shell and it works fine.
>>>
>>
>> I believe that I have fixed this in trunk.
>> Can you try this with conch in trunk?
>>
>> This works for me in trunk:
>>
>> 1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa
>> key for myhost.com
>> 2.  ssh myhost.com
>> 3.  log out of myhost.com
>> 3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
>> 4.  conch myhost.com
>> 5.  successfully log into myhost.com with conch
>>
>> Before the latest fixes, I would get a bad host key error in step 5.
>>
>> Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to
>> conch.
>>
>> --
>> Craig
>>
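The three checks this thread turns on, as an added example that is not conch's or OpenSSH's code: a known_hosts lookup that understands the hashed |1|salt|hash host field Craig saw conch write, a host-key check that separates "no key of this type on file" from a genuine mismatch (so an RSA key offered by a host whose ECDSA key is on file is not reported as a changed key, while a differing key of the same type still is), and the RFC 4253 host-key-algorithm selection that explains why proposing ssh-rsa first yields ssh-rsa, whereas an OpenSSH-style reorder toward already-known key types yields ecdsa-sha2-nistp256. The known_hosts content, salt and key blobs are constructed placeholders, the server list is the one from the sshd log above, and the client list is constructed with ssh-rsa first as the thread describes.

```python
import base64
import hashlib
import hmac
from typing import List, Optional, Sequence, Set, Tuple

# One known_hosts entry: (host field, key type, raw key blob).
Entry = Tuple[str, str, bytes]


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def hash_hostname(host: str, salt: bytes) -> str:
    """OpenSSH HashKnownHosts field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    digest = hmac.new(salt, host.encode("utf-8"), hashlib.sha1).digest()
    return "|1|" + _b64(salt) + "|" + _b64(digest)


def host_matches(host_field: str, host: str) -> bool:
    """True if a known_hosts host field (plain comma list or hashed) names host."""
    if host_field.startswith("|1|"):
        try:
            _, _, salt_b64, _ = host_field.split("|", 3)
            salt = base64.b64decode(salt_b64)
        except ValueError:  # malformed hashed entry: never matches
            return False
        # Re-hash with the entry's own salt and compare in constant time.
        return hmac.compare_digest(hash_hostname(host, salt), host_field)
    return host in host_field.split(",")


def parse_known_hosts(text: str) -> List[Entry]:
    """Parse known_hosts text; comments, blank and short lines are skipped."""
    entries: List[Entry] = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        entries.append((parts[0], parts[1], base64.b64decode(parts[2])))
    return entries


def check_host_key(entries: Sequence[Entry], host: str,
                   key_type: str, blob: bytes) -> str:
    """Classify the key a server offered against what is on file for host.

    'new-host'     nothing on file (first contact)
    'unknown-type' host is on file, but only with other key types: the case in
                   this thread (RSA offered, ECDSA on file), NOT a changed key
    'match'        same type, same blob
    'MISMATCH'     a key of this type is on file and differs: refuse to connect
    """
    for_host = [(t, b) for h, t, b in entries if host_matches(h, host)]
    if not for_host:
        return "new-host"
    same_type = [b for t, b in for_host if t == key_type]
    if not same_type:
        return "unknown-type"
    if any(hmac.compare_digest(b, blob) for b in same_type):
        return "match"
    return "MISMATCH"


def known_key_types(entries: Sequence[Entry], host: str) -> Set[str]:
    """Key types already on file for host."""
    return {t for h, t, _ in entries if host_matches(h, host)}


# Host key algorithm -> key type as stored in known_hosts (RFC 8332 RSA names).
_KEY_TYPE_OF_ALG = {"rsa-sha2-256": "ssh-rsa", "rsa-sha2-512": "ssh-rsa"}


def prefer_known_types(client_algs: Sequence[str], known: Set[str]) -> List[str]:
    """Move algorithms whose key type is already on file to the front of the
    client's proposal, keeping relative order (what the OpenSSH client does)."""
    first = [a for a in client_algs if _KEY_TYPE_OF_ALG.get(a, a) in known]
    return first + [a for a in client_algs if a not in first]


def negotiate(client_algs: Sequence[str], server_algs: Sequence[str]) -> Optional[str]:
    """RFC 4253 section 7.1: the first algorithm in the client's list that the
    server also offers wins, so the client's ordering decides the key type."""
    for alg in client_algs:
        if alg in server_algs:
            return alg
    return None


# Constructed sample data: placeholder blobs and salt, not real keys.
_SALT = b"0123456789abcdefghij"
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts",
    "192.168.1.2 ecdsa-sha2-nistp256 " + _b64(b"ecdsa-blob"),
    hash_hostname("myhost.example", _SALT) + " ssh-rsa " + _b64(b"rsa-blob"),
    "myhost.example,10.0.0.7 ssh-ed25519 " + _b64(b"ed25519-blob"),
])
ENTRIES = parse_known_hosts(SAMPLE_KNOWN_HOSTS)

# Server proposal copied from the sshd -d log in this thread; the client
# proposal is constructed with ssh-rsa first, as the thread says conch does.
SERVER_ALGS = ["ssh-rsa", "rsa-sha2-512", "rsa-sha2-256",
               "ecdsa-sha2-nistp256", "ssh-ed25519"]
CLIENT_ALGS = ["ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"]
```

With CLIENT_ALGS as given, negotiate() returns ssh-rsa; after prefer_known_types() with the key types on file for 192.168.1.2 it returns ecdsa-sha2-nistp256, and check_host_key() reports the RSA-offered/ECDSA-on-file case as unknown-type rather than a mismatch.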


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz
Here's buildbot's key:

buildbot.twistedmatrix.com ecdsa-sha2-nistp256 E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAAcw4pr6WdgDMw7PbkvsuEdCqKQTtpLYPGoe7qkuQucuexYBiCkO/BeoB0wANX2cVmxUP0llpYJQL4w3cAR0csA=

I think you should be able to validate that even if you can't auth :)

-g


> On Dec 20, 2016, at 4:54 PM, Craig Rodrigues wrote:
> 
> I'm not sure. I was able to use conch to log into a box where the ecdsa key 
> looked like this in my ~/.ssh/known_hosts
> 
> 192.168.1.2 ecdsa-sha2-nistp256 XX
> 
> --
> 
> Craig
> 
> 
> On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz wrote:
> It works:
> 
> $ conch twistedmatrix.com echo hooray
> hooray
>   $ conch --version
> Twisted version: 16.6.0dev0
> $ 
> 
> That's using an RSA host key though.  It seems that the hosts I have using 
> ECDSA keys (buildbot.twistedmatrix.com, for example) still don't work 
> with conch.  Is that expected at this point?
> 
> -glyph
> 
>> On Dec 20, 2016, at 2:32 PM, Craig Rodrigues wrote:
>> 
>> On Friday, December 2, 2016, Glyph Lefkowitz wrote:
>> I think there might be a regression in 16.6.0.
>> 
>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a 
>> shell and it works fine.
>> 
>> I believe that I have fixed this in trunk.
>> Can you try this with conch in trunk?
>> 
>> This works for me in trunk:
>> 
>> 1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa key 
>> for myhost.com
>> 2.  ssh myhost.com
>> 3.  log out of myhost.com
>> 3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
>> 4.  conch myhost.com
>> 5.  successfully log into myhost.com with conch
>> 
>> Before the latest fixes, I would get a bad host key error in step 5.
>> 
>> Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to 
>> conch.
>> 
>> --
>> Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
I'm not sure. I was able to use conch to log into a box where the ecdsa key
looked like this in my ~/.ssh/known_hosts

192.168.1.2 ecdsa-sha2-nistp256 XX

--

Craig



On Tue, Dec 20, 2016 at 4:10 PM, Glyph Lefkowitz wrote:

> It works:
>
> $ conch twistedmatrix.com echo hooray
> hooray
>   $ conch --version
> Twisted version: 16.6.0dev0
> $
>
>
> That's using an RSA host key though.  It seems that the hosts I have using
> ECDSA keys (buildbot.twistedmatrix.com, for example) still don't work
> with conch.  Is that expected at this point?
>
> -glyph
>
> On Dec 20, 2016, at 2:32 PM, Craig Rodrigues wrote:
>
> On Friday, December 2, 2016, Glyph Lefkowitz wrote:
>>
>> I think there might be a regression in 16.6.0.
>>
>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a
>> shell and it works fine.
>>
>
> I believe that I have fixed this in trunk.
> Can you try this with conch in trunk?
>
> This works for me in trunk:
>
> 1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa key
> for myhost.com
> 2.  ssh myhost.com
> 3.  log out of myhost.com
> 3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
> 4.  conch myhost.com
> 5.  successfully log into myhost.com with conch
>
> Before the latest fixes, I would get a bad host key error in step 5.
>
> Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to
> conch.
>
> --
> Craig
>


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Glyph Lefkowitz
It works:

$ conch twistedmatrix.com echo hooray
hooray
  $ conch --version
Twisted version: 16.6.0dev0
$ 

That's using an RSA host key though.  It seems that the hosts I have using 
ECDSA keys (buildbot.twistedmatrix.com, for example) still don't work with 
conch.  Is that expected at this point?

-glyph

> On Dec 20, 2016, at 2:32 PM, Craig Rodrigues wrote:
> 
> On Friday, December 2, 2016, Glyph Lefkowitz wrote:
> I think there might be a regression in 16.6.0.
> 
> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a 
> shell and it works fine.
> 
> I believe that I have fixed this in trunk.
> Can you try this with conch in trunk?
> 
> This works for me in trunk:
> 
> 1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa key 
> for myhost.com
> 2.  ssh myhost.com
> 3.  log out of myhost.com
> 3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
> 4.  conch myhost.com
> 5.  successfully log into myhost.com with conch
> 
> Before the latest fixes, I would get a bad host key error in step 5.
> 
> Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to 
> conch.
> 
> --
> Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-20 Thread Craig Rodrigues
On Friday, December 2, 2016, Glyph Lefkowitz wrote:
>
> I think there might be a regression in 16.6.0.
>
> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a
> shell and it works fine.
>

I believe that I have fixed this in trunk.
Can you try this with conch in trunk?

This works for me in trunk:

1.  Start with an empty ~/.ssh/known_hosts file, or one with an ecdsa key
for myhost.com
2.  ssh myhost.com
3.  log out of myhost.com
3.  see that ~/.ssh/known_hosts contains an ecdsa host key for myhost.com
4.  conch myhost.com
5.  successfully log into myhost.com with conch

Before the latest fixes, I would get a bad host key error in step 5.

Many thanks to the0id and acabhishek942 for providing the ecdsa fixes to
conch.

--
Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-03 Thread Glyph Lefkowitz

> On Dec 3, 2016, at 4:21 PM, Craig Rodrigues wrote:
> 
> On Thu, Dec 1, 2016 at 7:01 PM, Mark Williams wrote:
> 
> I bet the key negotiated by conch is not an ECDSA key but rather an
> RSA key.  If this is all the case, then I think you've found a key
> that LibreSSL supports but your client's libssl (which conch calls
> into via cryptography) does not.  What version of libssl do you have?
> 
> 
> Yes, you are right.  I did some debugging and found that in 
> ssh_KEX_DH_GEX_REPLY()
> https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/ssh/transport.py#L1596
> only an RSA key is negotiated, even if an EC key is in the known_hosts file.
> 
> I thought that with all the EC fixes committed to the tree that this was all 
> working, but it looks like there is still some stuff missing.  This might 
> fill in the gaps:
> 
> https://github.com/twisted/twisted/pull/432
> 

Yep. The stuff that got merged was intentionally, explicitly a subset of full 
EC functionality.  We're trying to get it landed in stages, since, as you have 
already seen, even a partial implementation is very tricky to review :)

-glyph



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-03 Thread Craig Rodrigues
On Thu, Dec 1, 2016 at 7:01 PM, Mark Williams wrote:

>
> I bet the key negotiated by conch is not an ECDSA key but rather an
> RSA key.  If this is all the case, then I think you've found a key
> that LibreSSL supports but your client's libssl (which conch calls
> into via cryptography) does not.  What version of libssl do you have?
>


Yes, you are right.  I did some debugging and found that
in ssh_KEX_DH_GEX_REPLY()
https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/ssh/transport.py#L1596
only an RSA key is negotiated, even if an EC key is in the known_hosts file.

I thought that with all the EC fixes committed to the tree that this was
all working, but it looks like there is still some stuff missing.  This
might fill in the gaps:

https://github.com/twisted/twisted/pull/432

--
Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Craig Rodrigues
Glyph,

I took your fix, and added some fixes of my own for __repr__() printing of
EC keys in this branch:

https://github.com/twisted/twisted/pull/615


If I run the tests, I get a new failure:


trial twisted.conch.test.test_keys.KeyTests.test_fromBlobECDSA

Traceback (most recent call last):
  File "/Users/crodrigues/twisted_15/src/twisted/conch/test/test_keys.py",
line 776, in test_fromBlobECDSA
eckey = keys.Key.fromString(ecblob)
  File "/Users/crodrigues/twisted_15/src/twisted/conch/ssh/keys.py", line
197, in fromString
return method(data)
  File "/Users/crodrigues/twisted_15/src/twisted/conch/ssh/keys.py", line
253, in _fromString_BLOB
default_backend()))
  File
"/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization.py",
line 69, in load_ssh_public_key
return loader(key_type, rest, backend)
  File
"/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization.py",
line 103, in _load_ssh_ecdsa_public_key
'Key header and key body contain different key type values.'

builtins.ValueError: Key header and key body contain different key type
values.


Also, if I try to access my machine with:
conch 192.168.1.2

I see that in the matchesKey() function on this line:
https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/client/knownhosts.py#L106

self.publicKey is an EC key, while keyObject is an RSA key.

Therefore this function always fails, and I cannot log into the box.

Any ideas?

Thanks.
--
Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Craig Rodrigues
On Fri, Dec 2, 2016 at 9:18 AM, Craig Rodrigues wrote:

>
> Traceback (most recent call last):
>
>
>   File "", line 1, in 
>   File "/Users/crodrigues/twisted8/src/twisted/conch/ssh/keys.py", line
> 787, in __repr__
> self._keyObject.key_size)]
>
> AttributeError: '_EllipticCurvePublicKey' object has no attribute
> 'key_size'
>
>
This seems to be the problem.

On this line:
https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/ssh/keys.py#L782
the __repr__() function wants to call the key_size() method.

This seems to exist for DSA and RSA keys:
https://github.com/pyca/cryptography/blob/master/src/cryptography/hazmat/backends/openssl/dsa.py#L232
https://github.com/pyca/cryptography/blob/master/src/cryptography/hazmat/backends/openssl/rsa.py#L482

However for EC keys, I do not see a 'key_size' attribute:
https://github.com/pyca/cryptography/blob/master/src/cryptography/hazmat/backends/openssl/ec.py#L256

When trying to compare the known host key, the code tries to do a
__repr__() and it fails,
so this doesn't seem to work with EC keys.

--
Craig


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Craig Rodrigues
On Fri, Dec 2, 2016 at 1:23 AM, Glyph Lefkowitz wrote:

>
>
> Investigating further, I think I've figured it out.  Here's a patch that
> fixes the problem:
>
> diff --git a/src/twisted/conch/ssh/keys.py b/src/twisted/conch/ssh/keys.py
> index d47db7f..570f524 100644
> --- a/src/twisted/conch/ssh/keys.py
> +++ b/src/twisted/conch/ssh/keys.py
> @@ -247,8 +247,10 @@ class Key(object):
>  ).public_key(default_backend())
>  )
>  elif keyType in [b'ecdsa-sha2-' + curve for curve in
> list(_curveTable.keys())]:
> -x, y, rest = common.getMP(rest, 2)
> -return cls._fromECComponents(x=x, y=y, curve=keyType)
> +return cls(load_ssh_public_key(
> +keyType + b' ' + base64.encodestring(blob),
> +default_backend())
> +)
>  else:
>  raise BadKeyError('unknown blob type: %s' % (keyType,))
>
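Review bot: the added lines call `load_ssh_public_key`, but the hunk adds no import for it; unless keys.py already has `from cryptography.hazmat.primitives.serialization import load_ssh_public_key`, this branch raises NameError the first time an ecdsa-sha2 blob is loaded. That is exactly the case a test feeding an OpenSSH-generated nistp256 blob through `Key.fromString` (rather than one built via `_fromECComponents`) would exercise, so adding one alongside this change would catch both the missing import and any regression in the blob layout.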
>
> I suspect, but do not fully understand, that the problem here is point
> compression.  Key._fromString_BLOB naively just does getMP(blob, 2) and
> expects that the x,y will be the EC point.  However, to quote
> https://tools.ietf.org/html/rfc5656#section-3.1, "point compression MAY
> be used".  I don't know exactly how point compression works, but I do
> understand that it means you do funky stuff with the Y value.  I do not
> believe that EllipticCurvePrivateNumbers understands said funky stuff.
>
> A specific ECC integration test with ssh-keygen from OpenSSH and
> twisted.conch.client.knownhosts.KnownHostsFile would have spotted this
> specific manifestation of the issue.  However, another underlying bug is
> that KnownHostsFile _should_ ignore lines that it can't parse.  And,
> there's another potential manifestation of the issue where loading from an
> actual key blob might not work; arguably the problem here is that
> KnownHostsFile made the questionable decision to do its own base64-decoding
> and pass the blob straight to the key rather than just pass the portion of
> the line after the hostname and load it as an openssh-format key directly.
>
>
Yes, you are on the right track.  As the known_hosts file is parsed line by
line, if an exception is thrown during parsing, then any valid keys further
in the file are ignored, and you get the "bad host key" error.

I tried your patch, and while I don't get the same error, the patch doesn't
solve the problem for me.

I did some more debugging, and when I tried to put some print statements in
the code to figure out what is going on, I found these errors:

Traceback (most recent call last):


  File "", line 1, in 
  File "/Users/crodrigues/twisted8/src/twisted/conch/ssh/keys.py", line
787, in __repr__
self._keyObject.key_size)]

AttributeError: '_EllipticCurvePublicKey' object has no attribute
'key_size'


and also this:

  File "/Users/crodrigues/twisted8/src/twisted/conch/client/knownhosts.py",
line 107, in matchesKey
print("SELF.PUBLICKEY ", self.publickey)
AttributeError: 'PlainEntry' object has no attribute 'publickey'

--
Craig
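The two failure modes discussed above (reading the EC point as two mpints when RFC 5656 defines the blob as three length-prefixed strings, and one unparseable known_hosts line taking every later entry down with it) as an added example that is not conch's code and not part of this thread: a minimal decoder for ecdsa-sha2-* public key blobs that rejects compressed points rather than mis-decoding them, and a known_hosts loader that records a bad line and keeps going. All function names, the sample key material and the known_hosts text are constructed for the example; the sample keys are not real host keys.

```python
import base64
import struct

# Curve identifier -> field size in bytes (RFC 5656 section 10.1).
_CURVES = {b"nistp256": 32, b"nistp384": 48, b"nistp521": 66}

def _get_string(data):
    """Read one RFC 4251 'string' (uint32 big-endian length + bytes)."""
    if len(data) < 4:
        raise ValueError("truncated string length")
    (length,) = struct.unpack(">I", data[:4])
    if len(data) < 4 + length:
        raise ValueError("truncated string body")
    return data[4:4 + length], data[4 + length:]

def _put_string(b):
    return struct.pack(">I", len(b)) + b

def build_ecdsa_blob(curve, x, y):
    """Encode an ecdsa-sha2-* blob with an uncompressed (0x04) point."""
    n = _CURVES[curve]
    q = b"\x04" + x.to_bytes(n, "big") + y.to_bytes(n, "big")
    return _put_string(b"ecdsa-sha2-" + curve) + _put_string(curve) + _put_string(q)

def parse_ecdsa_blob(blob):
    """Decode per RFC 5656 section 3.1: string "ecdsa-sha2-[id]", string [id],
    string Q -- three strings, not two mpints.  Q is a SEC 1 point; the RFC says
    compression MAY be used, but OpenSSH never emits it, so reject it explicitly."""
    key_type, rest = _get_string(blob)
    curve, rest = _get_string(rest)
    if key_type != b"ecdsa-sha2-" + curve:
        raise ValueError("key header and key body name different curves")
    if curve not in _CURVES:
        raise ValueError("unsupported curve %r" % curve)
    q, rest = _get_string(rest)
    if rest:
        raise ValueError("trailing bytes after Q")
    n = _CURVES[curve]
    if q[:1] in (b"\x02", b"\x03"):
        raise ValueError("compressed point not supported")
    if q[:1] != b"\x04" or len(q) != 1 + 2 * n:
        raise ValueError("malformed point encoding")
    return curve.decode(), int.from_bytes(q[1:1 + n], "big"), int.from_bytes(q[1 + n:], "big")

def load_known_hosts(text):
    """Parse known_hosts text into (entries, skipped).  An unparseable line is
    recorded in skipped and parsing continues, so a valid ssh-rsa entry after a
    bad line still counts.  The host field (plain or hashed |1|salt|hash) is kept opaque."""
    entries, skipped = [], []
    for line_no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) < 3:
            skipped.append((line_no, "too few fields"))
            continue
        hosts, key_type, b64 = parts[:3]
        try:
            blob = base64.b64decode(b64, validate=True)
            blob_type, _ = _get_string(blob)
            if blob_type.decode("ascii", "replace") != key_type:
                raise ValueError("key type field does not match blob")
            if key_type.startswith("ecdsa-sha2-"):
                parse_ecdsa_blob(blob)
        except ValueError as e:  # binascii.Error (bad base64) is a ValueError
            skipped.append((line_no, str(e)))
            continue
        entries.append((hosts, key_type, blob))
    return entries, skipped

# Constructed sample file with fake key material: line 2 carries a truncated
# ECDSA blob, and line 3 must still be loaded despite it.
_EC_BLOB = build_ecdsa_blob(b"nistp256", 7, 9)
_RSA_BLOB = _put_string(b"ssh-rsa") + _put_string(b"\x01\x00\x01") + _put_string(b"\x00\xc3")
SAMPLE_KNOWN_HOSTS = "\n".join([
    "myhost.com ecdsa-sha2-nistp256 " + base64.b64encode(_EC_BLOB).decode(),
    "broken.example ecdsa-sha2-nistp256 " + base64.b64encode(_EC_BLOB[:20]).decode(),
    "myhost.com ssh-rsa " + base64.b64encode(_RSA_BLOB).decode(),
])
```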


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Glyph Lefkowitz

> On Dec 2, 2016, at 12:37 AM, Glyph Lefkowitz  wrote:
> 
> 
>> On Dec 2, 2016, at 12:27 AM, Glyph Lefkowitz wrote:
>> 
>> 
>>> On Dec 2, 2016, at 12:19 AM, Glyph Lefkowitz wrote:
>>> 
>>> 
>>>> On Dec 1, 2016, at 7:01 PM, Mark Williams wrote:
>>>> 
>>>> On Thu, Dec 01, 2016 at 05:11:37PM -0800, Craig Rodrigues wrote:
>>>>> Hi,
>>>>> 
>>>>> I filed this bug:
>>>>> https://twistedmatrix.com/trac/ticket/8931
>>>>> 
>>>>> 
>>>>> At least for me, conch fails to parse a host key created by OpenSSH
>>>>> in ~/.ssh/known_hosts
>>>>> which is of type ecdsa-sha2-nistp256.
>>>>> 
>>>>> Anyone have an idea as to how to fix this?
>>>>> 
>>>> 
>>>> As usual you've found a fantastically interesting issue.
>>>> 
>>>> This is conch, the client, right?  I'm guessing so because
>>>> ~/.ssh/known_hosts contains the servers the ssh client trusts.
>>>> (Specifically, among other things it contains a hostname and that
>>>> host's sshd server's public key fingerprint).
>>>> 
>>>> If it is conch, the-client, then deleting the offending entry from
>>>> ~/.ssh/known_hosts and getting a new one makes sense.  That's because
>>>> sshd usually generates a couple of different keys in case clients
>>>> don't support the latest and greatest technology.
>>>> 
>>>> I think deleting the entry in ~/.ssh/known_hosts allows conch to ask
>>>> the server for a different key that it *can* understand.  You should
>>>> be able to find out which server key conch negotiated by doing thing
>>>> following after deleting the offending ~/.ssh/known_hosts entry:
>>>> 
>>>> ()
>>>> $ ssh-keygen -H -F  | awk '{ print $NF }'
>>>> dGhpcyBpcyB2ZXJ5IHZlcnkgdmVyeSB2ZXJ5IHZlcnkgbG9uZyBob3N0IGtleQ==
>>>> 
>>>> Then on the OS X server, grep for that in /etc/ssh/*.pub
>>>> 
>>>> I bet the key negotiated by conch is not an ECDSA key but rather an
>>>> RSA key.  If this is all the case, then I think you've found a key
>>>> that LibreSSL supports but your client's libssl (which conch calls
>>>> into via cryptography) does not.  What version of libssl do you have?
>>>> 
>>>> If any of this is helpful or relevant I'll ask more questions in the
>>>> ticket.
>>> 
>>> I think there might be a regression in 16.6.0.
>>> 
>>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a shell
>>> and it works fine.
>>> 
>>> On 16.6.0, I get:
>>> 
>>> Connection to twistedmatrix.com closed.
>>> conch: exiting with error [Failure instance: Traceback (failure with no 
>>> frames): : ('bad host key', 9)
>>> ]
>>> 
>>> instead.
>>> 
>>> Worth noting: the keys I have for twistedmatrix.com are RSA keys.
>>> 
>>> What did we add recently that changes key parsing?
>> 
>> The offending commit is 8164d89104a453947215b9296e8b406f15e63252.  Clearly 
>> something went wrong when introducing ECDSA parsing.
> 
> The problem is not quite as bad as breaking RSA parsing, at least; the issue 
> is that my known_hosts file includes an ecdsa-sha2-nistp256 entry that 
> _precedes_ my ssh-rsa entry.  So the problem is that parsing one of those 
> entries raises an exception which propagates.  From a superficial 
> investigation, it would appear that _all_ ecdsa keys cause this failure, 
> though.

Investigating further, I think I've figured it out.  Here's a patch that fixes 
the problem:

diff --git a/src/twisted/conch/ssh/keys.py b/src/twisted/conch/ssh/keys.py
index d47db7f..570f524 100644
--- a/src/twisted/conch/ssh/keys.py
+++ b/src/twisted/conch/ssh/keys.py
@@ -247,8 +247,10 @@ class Key(object):
 ).public_key(default_backend())
 )
 elif keyType in [b'ecdsa-sha2-' + curve for curve in 
list(_curveTable.keys())]:
-x, y, rest = common.getMP(rest, 2)
-return cls._fromECComponents(x=x, y=y, curve=keyType)
+return cls(load_ssh_public_key(
+keyType + b' ' + base64.encodestring(blob),
+default_backend())
+)
 else:
 raise BadKeyError('unknown blob type: %s' % (keyType,))
 
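Review bot: `base64.encodestring` on the added line is the deprecated Python 3 alias of `encodebytes` (removed in 3.9) and inserts a newline after every 76 characters, so the text handed to `load_ssh_public_key` is not the single `type key` token an OpenSSH line would carry; `base64.b64encode(blob)` gives the intended one-line form. The branch should also catch the plain ValueError that `load_ssh_public_key` raises when the curve name in the blob does not match `keyType` (the "Key header and key body contain different key type values" failure seen elsewhere in this thread) and re-raise it as BadKeyError, as the `else` branch does for unknown blob types.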
I suspect, but do not fully understand, that the problem here is point 
compression.  Key._fromString_BLOB naively just does getMP(blob, 2) and expects 
that the x,y will be the EC point.  However, to quote 
https://tools.ietf.org/html/rfc5656#section-3.1, "point compression MAY be 
used".  I don't know exactly how point compression works, but I do understand 
that it means you do funky stuff with the Y value.  I do not believe that 
EllipticCurvePrivateNumbers understands said funky stuff.

A specific ECC integration test with ssh-keygen from OpenSSH and 
twisted.conch.client.knownhosts.KnownHostsFile would have spotted this specific 

Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Glyph Lefkowitz

> On Dec 2, 2016, at 12:27 AM, Glyph Lefkowitz  wrote:
> 
> 
>> On Dec 2, 2016, at 12:19 AM, Glyph Lefkowitz wrote:
>> 
>> 
>>> On Dec 1, 2016, at 7:01 PM, Mark Williams wrote:
>>> 
>>> On Thu, Dec 01, 2016 at 05:11:37PM -0800, Craig Rodrigues wrote:
>>>> Hi,
>>>> 
>>>> I filed this bug:
>>>> https://twistedmatrix.com/trac/ticket/8931
>>>> 
>>>> 
>>>> At least for me, conch fails to parse a host key created by OpenSSH
>>>> in ~/.ssh/known_hosts
>>>> which is of type ecdsa-sha2-nistp256.
>>>> 
>>>> Anyone have an idea as to how to fix this?
>>>> 
>>> 
>>> As usual you've found a fantastically interesting issue.
>>> 
>>> This is conch, the client, right?  I'm guessing so because
>>> ~/.ssh/known_hosts contains the servers the ssh client trusts.
>>> (Specifically, among other things it contains a hostname and that
>>> host's sshd server's public key fingerprint).
>>> 
>>> If it is conch, the-client, then deleting the offending entry from
>>> ~/.ssh/known_hosts and getting a new one makes sense.  That's because
>>> sshd usually generates a couple of different keys in case clients
>>> don't support the latest and greatest technology.
>>> 
>>> I think deleting the entry in ~/.ssh/known_hosts allows conch to ask
>>> the server for a different key that it *can* understand.  You should
>>> be able to find out which server key conch negotiated by doing thing
>>> following after deleting the offending ~/.ssh/known_hosts entry:
>>> 
>>> ()
>>> $ ssh-keygen -H -F  | awk '{ print $NF }'
>>> dGhpcyBpcyB2ZXJ5IHZlcnkgdmVyeSB2ZXJ5IHZlcnkgbG9uZyBob3N0IGtleQ==
>>> 
>>> Then on the OS X server, grep for that in /etc/ssh/*.pub
>>> 
>>> I bet the key negotiated by conch is not an ECDSA key but rather an
>>> RSA key.  If this is all the case, then I think you've found a key
>>> that LibreSSL supports but your client's libssl (which conch calls
>>> into via cryptography) does not.  What version of libssl do you have?
>>> 
>>> If any of this is helpful or relevant I'll ask more questions in the
>>> ticket.
>> 
>> I think there might be a regression in 16.6.0.
>> 
>> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a shell
>> and it works fine.
>> 
>> On 16.6.0, I get:
>> 
>> Connection to twistedmatrix.com closed.
>> conch: exiting with error [Failure instance: Traceback (failure with no 
>> frames): : ('bad host key', 9)
>> ]
>> 
>> instead.
>> 
>> Worth noting: the keys I have for twistedmatrix.com are RSA keys.
>> 
>> What did we add recently that changes key parsing?
> 
> The offending commit is 8164d89104a453947215b9296e8b406f15e63252.  Clearly 
> something went wrong when introducing ECDSA parsing.

The problem is not quite as bad as breaking RSA parsing, at least; the issue is 
that my known_hosts file includes an ecdsa-sha2-nistp256 entry that _precedes_ 
my ssh-rsa entry.  So the problem is that parsing one of those entries raises 
an exception which propagates.  From a superficial investigation, it would 
appear that _all_ ecdsa keys cause this failure, though.

-glyph



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Glyph Lefkowitz

> On Dec 2, 2016, at 12:19 AM, Glyph Lefkowitz  wrote:
> 
> 
>> On Dec 1, 2016, at 7:01 PM, Mark Williams wrote:
>> 
>> On Thu, Dec 01, 2016 at 05:11:37PM -0800, Craig Rodrigues wrote:
>>> Hi,
>>> 
>>> I filed this bug:
>>> https://twistedmatrix.com/trac/ticket/8931 
>>> 
>>> 
>>> At least for me, conch fails to parse a host key created by OpenSSH
>>> in ~/.ssh/known_hosts
>>> which is of type ecdsa-sha2-nistp256.
>>> 
>>> Anyone have an idea as to how to fix this?
>>> 
>> 
>> As usual you've found a fantastically interesting issue.
>> 
>> This is conch, the client, right?  I'm guessing so because
>> ~/.ssh/known_hosts contains the servers the ssh client trusts.
>> (Specifically, among other things it contains a hostname and that
>> host's sshd server's public key fingerprint).
>> 
>> If it is conch, the-client, then deleting the offending entry from
>> ~/.ssh/known_hosts and getting a new one makes sense.  That's because
>> sshd usually generates a couple of different keys in case clients
>> don't support the latest and greatest technology.
>> 
>> I think deleting the entry in ~/.ssh/known_hosts allows conch to ask
>> the server for a different key that it *can* understand.  You should
>> be able to find out which server key conch negotiated by doing thing
>> following after deleting the offending ~/.ssh/known_hosts entry:
>> 
>> ()
>> $ ssh-keygen -H -F  | awk '{ print $NF }'
>> dGhpcyBpcyB2ZXJ5IHZlcnkgdmVyeSB2ZXJ5IHZlcnkgbG9uZyBob3N0IGtleQ==
>> 
>> Then on the OS X server, grep for that in /etc/ssh/*.pub
>> 
>> I bet the key negotiated by conch is not an ECDSA key but rather an
>> RSA key.  If this is all the case, then I think you've found a key
>> that LibreSSL supports but your client's libssl (which conch calls
>> into via cryptography) does not.  What version of libssl do you have?
>> 
>> If any of this is helpful or relevant I'll ask more questions in the
>> ticket.
> 
> I think there might be a regression in 16.6.0.
> 
> For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a shell
> and it works fine.
> 
> On 16.6.0, I get:
> 
> Connection to twistedmatrix.com closed.
> conch: exiting with error [Failure instance: Traceback (failure with no 
> frames): : ('bad host key', 9)
> ]
> 
> instead.
> 
> Worth noting: the keys I have for twistedmatrix.com are RSA keys.
> 
> What did we add recently that changes key parsing?

The offending commit is 8164d89104a453947215b9296e8b406f15e63252.  Clearly 
something went wrong when introducing ECDSA parsing.

-glyph



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-02 Thread Glyph Lefkowitz

> On Dec 1, 2016, at 7:01 PM, Mark Williams  wrote:
> 
> On Thu, Dec 01, 2016 at 05:11:37PM -0800, Craig Rodrigues wrote:
>> Hi,
>> 
>> I filed this bug:
>> https://twistedmatrix.com/trac/ticket/8931
>> 
>> At least for me, conch fails to parse a host key created by OpenSSH
>> in ~/.ssh/known_hosts
>> which is of type ecdsa-sha2-nistp256.
>> 
>> Anyone have an idea as to how to fix this?
>> 
> 
> As usual you've found a fantastically interesting issue.
> 
> This is conch, the client, right?  I'm guessing so because
> ~/.ssh/known_hosts contains the servers the ssh client trusts.
> (Specifically, among other things it contains a hostname and that
> host's sshd server's public key fingerprint).
> 
> If it is conch, the-client, then deleting the offending entry from
> ~/.ssh/known_hosts and getting a new one makes sense.  That's because
> sshd usually generates a couple of different keys in case clients
> don't support the latest and greatest technology.
> 
> I think deleting the entry in ~/.ssh/known_hosts allows conch to ask
> the server for a different key that it *can* understand.  You should
> be able to find out which server key conch negotiated by doing thing
> following after deleting the offending ~/.ssh/known_hosts entry:
> 
> ()
> $ ssh-keygen -H -F  | awk '{ print $NF }'
> dGhpcyBpcyB2ZXJ5IHZlcnkgdmVyeSB2ZXJ5IHZlcnkgbG9uZyBob3N0IGtleQ==
> 
> Then on the OS X server, grep for that in /etc/ssh/*.pub
> 
> I bet the key negotiated by conch is not an ECDSA key but rather an
> RSA key.  If this is all the case, then I think you've found a key
> that LibreSSL supports but your client's libssl (which conch calls
> into via cryptography) does not.  What version of libssl do you have?
> 
> If any of this is helpful or relevant I'll ask more questions in the
> ticket.

I think there might be a regression in 16.6.0.

For every version up to 16.6.0, I can do 'conch twistedmatrix.com' in a shell 
and it works fine.

On 16.6.0, I get:

Connection to twistedmatrix.com closed.
conch: exiting with error [Failure instance: Traceback (failure with no 
frames): : ('bad host key', 9)
]

instead.

Worth noting: the keys I have for twistedmatrix.com are RSA keys.

What did we add recently that changes key parsing?

-glyph


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-01 Thread Mark Williams
On Thu, Dec 01, 2016 at 05:11:37PM -0800, Craig Rodrigues wrote:
> Hi,
>
> I filed this bug:
> https://twistedmatrix.com/trac/ticket/8931
>
> At least for me, conch fails to parse a host key created by OpenSSH
> in ~/.ssh/known_hosts
> which is of type ecdsa-sha2-nistp256.
>
> Anyone have an idea as to how to fix this?
>

As usual you've found a fantastically interesting issue.

This is conch, the client, right?  I'm guessing so because
~/.ssh/known_hosts contains the servers the ssh client trusts.
(Specifically, among other things it contains a hostname and that
host's sshd server's public key fingerprint).

If it is conch, the-client, then deleting the offending entry from
~/.ssh/known_hosts and getting a new one makes sense.  That's because
sshd usually generates a couple of different keys in case clients
don't support the latest and greatest technology.

I think deleting the entry in ~/.ssh/known_hosts allows conch to ask
the server for a different key that it *can* understand.  You should
be able to find out which server key conch negotiated by doing thing
following after deleting the offending ~/.ssh/known_hosts entry:

()
$ ssh-keygen -H -F  | awk '{ print $NF }'
dGhpcyBpcyB2ZXJ5IHZlcnkgdmVyeSB2ZXJ5IHZlcnkgbG9uZyBob3N0IGtleQ==

Then on the OS X server, grep for that in /etc/ssh/*.pub

I bet the key negotiated by conch is not an ECDSA key but rather an
RSA key.  If this is all the case, then I think you've found a key
that LibreSSL supports but your client's libssl (which conch calls
into via cryptography) does not.  What version of libssl do you have?

If any of this is helpful or relevant I'll ask more questions in the
ticket.

Thanks!

-Mark



Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-01 Thread Craig Rodrigues
I don't think that is it.  It is failing to parse an existing key generated
by OpenSSH.
If I delete the known_hosts file, conch generates a key which it can parse.

--
Craig

On Thu, Dec 1, 2016 at 5:24 PM, Oon-Ee Ng  wrote:

> http://twistedmatrix.com/pipermail/twisted-python/2016-October/030819.html
>
> On Fri, Dec 2, 2016 at 9:11 AM, Craig Rodrigues wrote:
> > Hi,
> >
> > I filed this bug:
> > https://twistedmatrix.com/trac/ticket/8931
> >
> > At least for me, conch fails to parse a host key created by OpenSSH
> > in ~/.ssh/known_hosts
> > which is of type ecdsa-sha2-nistp256.
> >
> > Anyone have an idea as to how to fix this?
> >
> > --
> > Craig
> >
> >
>
>


Re: [Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-01 Thread Oon-Ee Ng
http://twistedmatrix.com/pipermail/twisted-python/2016-October/030819.html

On Fri, Dec 2, 2016 at 9:11 AM, Craig Rodrigues  wrote:
> Hi,
>
> I filed this bug:
> https://twistedmatrix.com/trac/ticket/8931
>
> At least for me, conch fails to parse a host key created by OpenSSH
> in ~/.ssh/known_hosts
> which is of type ecdsa-sha2-nistp256.
>
> Anyone have an idea as to how to fix this?
>
> --
> Craig
>
>



[Twisted-Python] conch problem with ecdsa-sha2-nistp256 host key?

2016-12-01 Thread Craig Rodrigues
Hi,

I filed this bug:
https://twistedmatrix.com/trac/ticket/8931

At least for me, conch fails to parse a host key created by OpenSSH
in ~/.ssh/known_hosts
which is of type ecdsa-sha2-nistp256.

Anyone have an idea as to how to fix this?

--
Craig