Upgrade to paramiko==2.7.2
jaketripp opened this issue ยท 1 comments
Thanks a bunch to everyone who has made this project a reality!! ๐ We're going to leverage it (and your test-infra Terraform idea) to quickly provision cost-effective personal clusters to explore data and develop Spark projects quickly. SOOO EXCITED ๐
While setting up the framework, I ran into a little problem. Here are my specs:
- Flintrock version: 1.0.0
- Python version: 3.7.9
- OS: Amazon Linux 2 (custom AMI)
When running flintrock --debug launch spark-cluster-jaketripp, I get the following error:
Do you want to terminate the 2 instances created by this operation? [Y/n]: n
Traceback (most recent call last):
File "/home/ec2-user/venv/bin/flintrock", line 8, in <module>
sys.exit(main())
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/flintrock.py", line 1187, in main
cli(obj={})
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/core.py", line 764, in __call__
return self.main(*args, **kwargs)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/core.py", line 717, in main
rv = self.invoke(ctx)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/core.py", line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/core.py", line 956, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/core.py", line 555, in invoke
return callback(*args, **kwargs)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/click/decorators.py", line 17, in new_func
return f(get_current_context(), *args, **kwargs)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/flintrock.py", line 456, in launch
tags=ec2_tags)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/ec2.py", line 53, in wrapper
res = func(*args, **kwargs)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/ec2.py", line 955, in launch
identity_file=identity_file)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/core.py", line 625, in provision_cluster
run_against_hosts(partial_func=partial_func, hosts=hosts)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/core.py", line 492, in run_against_hosts
future.result()
File "/usr/lib64/python3.7/concurrent/futures/_base.py", line 428, in result
return self.__get_result()
File "/usr/lib64/python3.7/concurrent/futures/_base.py", line 384, in __get_result
raise self._exception
File "/usr/lib64/python3.7/concurrent/futures/thread.py", line 57, in run
result = self.fn(*self.args, **self.kwargs)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/core.py", line 675, in provision_node
wait=True)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/flintrock/ssh.py", line 84, in get_ssh_client
timeout=3)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/client.py", line 446, in connect
passphrase,
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/client.py", line 677, in _auth
key_filename, pkey_class, passphrase
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/client.py", line 586, in _key_from_filepath
key = klass.from_private_key_file(key_path, password)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/pkey.py", line 235, in from_private_key_file
key = cls(filename=filename, password=password)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/rsakey.py", line 55, in __init__
self._from_private_key_file(filename, password)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/rsakey.py", line 176, in _from_private_key_file
self._decode_key(data)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/paramiko/rsakey.py", line 202, in _decode_key
).private_key(default_backend())
File "/home/ec2-user/venv/lib64/python3.7/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py", line 317, in private_key
return backend.load_rsa_private_numbers(self)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 629, in load_rsa_private_numbers
return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
File "/home/ec2-user/venv/lib64/python3.7/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 361, in __init__
raise ValueError("Invalid private key", errors)
ValueError: ('Invalid private key', [_OpenSSLErrorWithText(code=67764350, lib=4, func=160, reason=126, reason_text=b'error:040A007E:rsa routines:RSA_check_key_ex:iqmp not inverse of q')])Initially I assumed this was an issue with my SSH key pairs, so I generated a fresh pair with ssh-keygen -t rsa -b 4096 on my macOS 10.15.7 laptop and started the entire process over - got the same error verbatim.
Then I ran pip install --upgrade paramiko==2.7.2 (the latest version) on my bastion and reran the launch command and the error seems to be resolved. I'm adding that as a step to my build script as a quick fix.
Can you update to paramiko==2.7.2? I imagine other people will start running into this, too.
Thanks again!
Thanks for the report and suggested fix.
Hmm, I wonder what changed between paramiko 2.7.1 (the current version on master) and 2.7.2. I'll take a look at the change log.
But given the maintenance version bump, this sounds like a safe change to me.