Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could not parse PKey: unsupported #1

Open
wpietron opened this issue Mar 25, 2024 · 1 comment
Open

Could not parse PKey: unsupported #1

wpietron opened this issue Mar 25, 2024 · 1 comment

Comments

@wpietron
Copy link

wpietron commented Mar 25, 2024
edited
Loading

Hi Guys, I hit some issue:

D:\git\vgwp\dbasm19>vagrant version
Installed Version: 2.4.1
Latest Version: 2.4.1


D:\git\vgwp\dbasm19>vagrant plugin install vagrant-multi-putty
Installing the 'vagrant-multi-putty' plugin. This can take a few minutes...
Fetching putty-key-1.1.1.gem
Fetching vagrant-multi-putty-1.6.0.gem
Installed the plugin 'vagrant-multi-putty (1.6.0)'!

D:\git\vgwp\dbasm19>vagrant ssh-config
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile D:/git/vgwp/dbasm19/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
  PubkeyAcceptedKeyTypes +ssh-rsa
  HostKeyAlgorithms +ssh-rsa

D:\git\vgwp\dbasm19>vagrant putty
d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:114:in `read': Could not parse PKey: unsupported (OpenSSL::PKey::PKeyError)
        from d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:114:in `block in get_putty_key_file'
        from <internal:kernel>:90:in `tap'
        from d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:112:in `get_putty_key_file'
        from d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:94:in `putty_connect'
        from d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:53:in `block in execute'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/lib/vagrant/plugin/v2/command.rb:249:in `block in with_target_vms'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/lib/vagrant/plugin/v2/command.rb:238:in `each'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/lib/vagrant/plugin/v2/command.rb:238:in `with_target_vms'
        from d:/vghome/gems/3.1.4/gems/vagrant-multi-putty-1.6.0/lib/vagrant-multi-putty/command.rb:51:in `execute'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/lib/vagrant/cli.rb:67:in `execute'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/lib/vagrant/environment.rb:319:in `cli'
        from C:/Program Files/Vagrant/embedded/gems/gems/vagrant-2.4.1/bin/vagrant:248:in `<main>'

I have no problems to convert
D:\git\vgwp\dbasm19\.vagrant\machines\default\virtualbox\private_key
with puttygen 0.8 with a confirmation comment "Successfully imported foreign key (OpenSSH SSH-2 private key (new format)) [...].

What else I may check to investigate this issue?
@philr
Copy link
Owner

philr commented Mar 30, 2024
edited
Loading

Vagrant v2.4.0 changed the default generated private key type from RSA to Ed25519, with the key file now being saved using the new OpenSSH private key format (see hashicorp/vagrant#13219). This causes two problems:

  1. vagrant-multi-putty expects the private key file to be in PEM format and able to be opened using Ruby's OpenSSL::PKey class (see https://github.com/nickryand/vagrant-multi-putty/blob/4bd39e9df77a9d758b651b90cd4747d3c8c22fc1/lib/vagrant-multi-putty/command.rb#L114). The new OpenSSH private key format cannot be understood by OpenSSL. This causes the 'Could not parse PKey: unsupported (OpenSSL::PKey::PKeyError)' exception you are encountering.

  2. putty-key doesn't currently support conversion of Ed25519 keys. This is because it only supports conversion between OpenSSL::PKey objects and PuTTY private keys and support for Ed25519 has only been added to Ruby's OpenSSL bindings relatively recently.

As a workaround, you can have vagrant generate a RSA private key in PEM format that is supported by both vagrant-multi-putty and putty-key by setting config.ssh.key_type = :rsa in your Vagrantfile (see https://developer.hashicorp.com/vagrant/docs/vagrantfile/ssh_settings#config-ssh-key_type).

It looks like Vagrant should remove the default insecure public key from the VM after it is first provisioned (see https://github.com/hashicorp/vagrant/blob/d8fdc500b76c840cdeaa69869d0c000530b036b3/plugins/communicators/ssh/communicator.rb#L263). Changing the key type would therefore seem to require destroying the VM and re-provisioning.

In practice, I've found that it's failing to remove the insecure public key. I was able to run vagrant halt, change the Vagrantfile to set key_type, delete the .vagrant/machines/**/private_key files and then run vagrant up to re-provision with a new key.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@philr @wpietron