Comments (7)
No worries - I appreciate your report.
When I looked more closely at this, I found that I wasn't supporting the 'passphrase' argument in create_connection() when loading default keys. So, I fixed that and while there also decided to ignore encrypted keys which are in the default key locations if you don't specify either client_keys or passphrase. So, the error you saw should no longer happen in the latest code. This is checked into the develop branch now in commit 69f1524, and will become part of the next release.
from asyncssh.
Yeah - there's no support yet for loading default key files or key files you specify as strings/bytes which are encrypted. Right now, if you want to load encrypted private keys, you need to load them explicitly by calling functions like import_private_key() or read_private_key() with a passphrase and then pass the loaded keys via the client_keys argument to create_connection()/connect() or the server_host_keys argument to create_server()/listen(). This is the only way to support loading multiple keys if more than one passphrase is needed.
That said, I can see some value in allowing a passphrase to be passed in to decrypt any encrypted keys which were being loaded in the case where all of them were encrypted with the same passphrase. I'll take a closer look at what you did here. Thanks!
from asyncssh.
Ok - I've checked in support for this in the develop branch, for both client keys and server host keys. If you get a chance, please give it a try and let me know if it's working for you.
from asyncssh.
Thanks for your answer. Proposed solution is working well for me.
from asyncssh.
Please excuse me resurrecting this long dead thread, however I inexplicably get the exact same error message as previously reported by @ftall on one of my machines. I'm working with this most basic 'hello world' type example:
    import asyncio, asyncssh, sys

    async def run_client():
        async with asyncssh.connect('localhost', username='fraxinas', password='xxxxx') as conn:
            result = await conn.run('echo "Hello!"', check=True)
            print(result.stdout, end='')

    try:
        asyncio.get_event_loop().run_until_complete(run_client())
    except (OSError, asyncssh.Error) as exc:
        sys.exit('SSH connection failed: ' + str(exc))
and it throws:
asyncssh.public_key.KeyImportError: Passphrase must be specified to import encrypted private keys
even though I explicitly use username/password login instead of private key auth.
This happens on my Antergos machine with asyncssh 1.10.0, Python 3.6.1, openssl 1.1.0.e-1.
On another machine running Arch Linux with all the same versions, the code runs smoothly. Also when connecting to the Antergos machine instead of localhost. Vice versa, the Antergos machine can't connect to the Arch system either: always the same KeyImportError. I added a new user without ssh setup; this leads to
SSH connection failed: [Errno 2] No such file or directory: '/home/sftptest/.ssh/known_hosts'
and with that file touched empty, to
SSH connection failed: Disconnect Error: No trusted server host keys available
so no luck with that either.
from asyncssh.
Hello,
If you have keys in your .ssh directory, they will be used by default, and if they are protected by a passphrase and you don't provide one, I'm guessing you'll get the error you are seeing here. I could probably make it so that it will ignore any encrypted keys it finds if you don't specify a client_keys or passphrase value explicitly, but for now I'd suggest setting client_keys=None explicitly if you don't want to attempt public key authentication using the default keys.
Regarding known_hosts, AsyncSSH requires that the host you are contacting already have an entry in the .ssh/known_hosts file by default. If you don't want to do known hosts checking, you must pass in known_hosts=None explicitly to disable that, but be warned that this leaves you open to man-in-the-middle attacks.
If you pass in known_hosts=None (or point it at some other file), you shouldn't need to manually touch .ssh/known_hosts. An empty file there isn't very useful, as you'll just end up getting the "No trusted server hosts keys available" message when it searches for a trusted host key and finds that there aren't any listed.
from asyncssh.
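To see which key files in a `.ssh` directory would trigger the KeyImportError discussed above, the following added example (not part of the thread and not AsyncSSH code) inspects private key headers using only the standard library. The function names, the `id_*` file pattern and the sample blobs are assumptions made for illustration; the samples are constructed headers, not usable keys.

```python
import base64
import struct
from pathlib import Path

OPENSSH_MAGIC = b"openssh-key-v1\0"


def is_encrypted_private_key(pem: bytes) -> bool:
    """Return True if a private key file needs a passphrase to be loaded."""
    text = pem.decode("ascii", errors="replace")
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in text:  # PKCS#8
        return True
    if "Proc-Type: 4,ENCRYPTED" in text:  # legacy PEM (RSA/DSA/EC)
        return True
    if "-----BEGIN OPENSSH PRIVATE KEY-----" in text:
        body = "".join(line for line in text.splitlines()
                       if line and not line.startswith("-----"))
        raw = base64.b64decode(body)
        if not raw.startswith(OPENSSH_MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        # The first length-prefixed string after the magic is the cipher name.
        off = len(OPENSSH_MAGIC)
        (n,) = struct.unpack_from(">I", raw, off)
        return raw[off + 4:off + 4 + n] != b"none"
    return False


def find_encrypted_keys(ssh_dir: Path) -> list:
    """List id_* private key files in ssh_dir that are passphrase-protected."""
    hits = []
    for path in sorted(ssh_dir.glob("id_*")):  # assumed naming pattern
        if path.suffix == ".pub" or not path.is_file():
            continue
        if is_encrypted_private_key(path.read_bytes()):
            hits.append(path.name)
    return hits


def sample_openssh_blob(cipher: bytes) -> bytes:
    # Constructed sample: header fields only, truncated after the cipher name.
    raw = OPENSSH_MAGIC + struct.pack(">I", len(cipher)) + cipher
    b64 = base64.b64encode(raw).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 +
            "\n-----END OPENSSH PRIVATE KEY-----\n").encode()


SAMPLE_PLAIN = sample_openssh_blob(b"none")
SAMPLE_ENCRYPTED = sample_openssh_blob(b"aes256-ctr")
SAMPLE_LEGACY = (b"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                 b"DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\n"
                 b"-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    print(find_encrypted_keys(Path.home() / ".ssh"))
```

Any file it lists is a candidate for the error; per the answer above, either supply the passphrase or pass client_keys=None when only password authentication is intended.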
Thanks for your prompt response, ronf!
Explicitly adding client_keys=None to the parameter list works perfectly, sorry I missed that.
from asyncssh.