Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NotImplementedError: unsupported key type ecdsa-sha2-nistp256 #164

Closed
meetme2meat opened this issue May 7, 2018 · 2 comments
Closed

NotImplementedError: unsupported key type ecdsa-sha2-nistp256 #164

meetme2meat opened this issue May 7, 2018 · 2 comments

Comments

@meetme2meat
Copy link

Well, I'm not entirely sure if the issue is related to jRuby openSSL, openSSL or net/ssh but initial finding led me to believe that it has something to with jruby-openssl library.

Upon upgrading our system from JRuby 9.0.5.0 to 9.1.15.0 we encountered we are no longer able to deploy our application using capistrano.

Attempting to deploy our application using

cap integration deploy

We see the following error

Expected behaviour

cap integration deploy

** Invoke integration (first_time)
** Execute integration
** Invoke load:defaults (first_time)
** Execute load:defaults
** Invoke rvm:hook (first_time)
** Execute rvm:hook
** Invoke rvm:check (first_time)
** Execute rvm:check

 DEBUG [d1ad927d] Running /usr/local/rvm/bin/rvm version as deploy@x.x.x.x
 DEBUG [d1ad927d] Command: /usr/local/rvm/bin/rvm version
cap aborted!
NotImplementedError: unsupported key type `ecdsa-sha2-nistp256'

/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/buffer.rb:286:in `read_keyblob'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/buffer.rb:248:in `read_key'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:108:in `parse_key'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:75:in `parse_line'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:62:in `block in parse_file'
org/jruby/RubyIO.java:3368:in `each_line'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:60:in `block in parse_file'
org/jruby/RubyIO.java:1156:in `open'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:58:in `block in parse_file'
org/jruby/ext/thread/Mutex.java:158:in `synchronize'
/Users/werain/.rvm/rubies/jruby-9.1.15.0/lib/ruby/stdlib/mutex_m.rb:74:in `mu_synchronize'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:47:in `parse_file'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:18:in `keys_for'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:122:in `block in search_for'
org/jruby/RubyArray.java:2487:in `map'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh/known_hosts.rb:121:in `search_for'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/transport/session.rb:96:in `host_keys'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/transport/algorithms.rb:230:in `prepare_preferred_algorithms!'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/transport/algorithms.rb:119:in `initialize'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh/transport/session.rb:86:in `initialize'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/net-ssh-4.2.0/lib/net/ssh.rb:237:in `start'
org/jruby/RubyMethod.java:127:in `call'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/connection_pool.rb:59:in `with'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh.rb:176:in `with_ssh'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/netssh.rb:129:in `execute_command'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/abstract.rb:141:in `block in create_command_and_execute'
org/jruby/RubyKernel.java:1741:in `tap'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/abstract.rb:141:in `create_command_and_execute'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/abstract.rb:60:in `capture'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/capistrano-rvm-0.1.2/lib/capistrano/tasks/rvm.rake:9:in `block in (root)'
org/jruby/RubyBasicObject.java:1728:in `instance_exec'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/backends/abstract.rb:29:in `run'
/Users/werain/.rvm/gems/jruby-9.1.15.0@jpolicy_router/gems/sshkit-1.16.0/lib/sshkit/runners/parallel.rb:12:in `block in execute'
Tasks: TOP => rvm:check

Actual behaviour

The capistrano command should work perfectly.

Tell us what happens instead.

It failed with following error NotImplementedError: unsupported key type ecdsa-sha2-nistp256'` backtrace listed above.

System configuration

net-ssh-4.2.0
jruby 9.1.15.0 (2.3.3) 2017-12-07 929fde8 Java HotSpot(TM) 64-Bit Server VM 25.144-b01 on 1.8.0_144-b01 +jit [darwin-x86_64]

OpenSSL client
> openssl version
LibreSSL 2.2.7

Jruby Openssl version
jruby-openssl (0.9.21 java)

Example App

Run the below example under JRuby 9.1.15.0

gem 'net-ssh', '4.2.0`
require 'net/ssh'
puts Net::SSH::Version::CURRENT

@host = 'localhost'
@user = ENV['USER']
Net::SSH.start(@host, @user) do |ssh|
  puts ssh.exec!('echo "hello"')
end

Running the following code in 9.0.5.0(with jruby-openssl 0.9.21) return a 9.1.13.0 result in ..


from org.jruby.ext.openssl.PKeyEC$Point.initialize(PKeyEC.java:845)
	from org.jruby.ext.openssl.PKeyEC$Point$INVOKER$i$0$0$initialize_DBG.call(PKeyEC$Point$INVOKER$i$0$0$initialize_DBG.gen)
	from org.jruby.internal.runtime.methods.JavaMethod$JavaMethodN.call(JavaMethod.java:729)
	from org.jruby.runtime.callsite.CachingCallSite.cacheAndCall(CachingCallSite.java:273)
	from org.jruby.runtime.callsite.CachingCallSite.callBlock(CachingCallSite.java:79)
	from org.jruby.runtime.callsite.CachingCallSite.call(CachingCallSite.java:83)
	from org.jruby.RubyClass.newInstance(RubyClass.java:891)
	from org.jruby.RubyClass$INVOKER$i$newInstance_DBG.call(RubyClass$INVOKER$i$newInstance_DBG.gen)
	from org.jruby.runtime.callsite.CachingCallSite.cacheAndCall(CachingCallSite.java:273)
	from org.jruby.runtime.callsite.CachingCallSite.callBlock(CachingCallSite.java:79)
	from org.jruby.runtime.callsite.CachingCallSite.call(CachingCallSite.java:83)
	from org.jruby.ir.instructions.CallBase.interpret(CallBase.java:414)
	from org.jruby.ir.interpreter.InterpreterEngine.processCall(InterpreterEngine.java:348)
	from org.jruby.ir.interpreter.StartupInterpreterEngine.interpret(StartupInterpreterEngine.java:77)
	from org.jruby.internal.runtime.methods.MixedModeIRMethod.INTERPRET_METHOD(MixedModeIRMethod.java:140)
	from org.jruby.internal.runtime.methods.MixedModeIRMethod.call(MixedModeIRMethod.java:126)
... 249 levels...
	from org.jruby.runtime.callsite.CachingCallSite.cacheAndCall(CachingCallSite.java:313)
	from org.jruby.runtime.callsite.CachingCallSite.call(CachingCallSite.java:163)
	from org.jruby.ir.interpreter.InterpreterEngine.processCall(InterpreterEngine.java:316)
	from org.jruby.ir.interpreter.StartupInterpreterEngine.interpret(StartupInterpreterEngine.java:77)
	from org.jruby.ir.interpreter.Interpreter.INTERPRET_ROOT(Interpreter.java:112)
	from org.jruby.ir.interpreter.Interpreter.execute(Interpreter.java:99)
	from org.jruby.ir.interpreter.Interpreter.execute(Interpreter.java:35)
	from org.jruby.ir.IRTranslator.execute(IRTranslator.java:42)
	from org.jruby.Ruby.runInterpreter(Ruby.java:848)
	from org.jruby.Ruby.runInterpreter(Ruby.java:853)
	from org.jruby.Ruby.runNormally(Ruby.java:752)
	from org.jruby.Ruby.runFromMain(Ruby.java:569)
	from org.jruby.Main.doRunFromMain(Main.java:415)
	from org.jruby.Main.internalRun(Main.java:310)
	from org.jruby.Main.run(Main.java:239)
	from org.jrube

The above code work perfectly fine with jruby-openssl version is `0.9.15-java under jruby-9.0.5.0( Since I could not manage to use 0.9.15 in jruby-9.0.1x.x) as well as our deployment. (because I update jruby-openssl under jruby-9.0.5.0 to jruby-openssl-0.9.21 and our capistrano deployment)
@meetme2meat
Copy link
Author

meetme2meat commented May 8, 2018
edited

Setting jruby-openssl in Gemfile kind of solve it for now

gem 'jruby-openssl' , `0.9.16`

@meetme2meat meetme2meat mentioned this issue Jul 13, 2018
Closed
@kares
Copy link
Member

kares commented Apr 11, 2024

likely BC did not support ecdsa-sha2-nistp256 back when this was reported.

@kares kares closed this as completed Apr 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kares @meetme2meat