yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1481084] [NEW] Keypair creation fails when ssh public key comment contains spaces

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Trevor McKay <tmckay@xxxxxxxxxx>
Date: Mon, 03 Aug 2015 20:58:57 -0000
Reply-to: Bug 1481084 <1481084@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

In the Sahara project, we have been generating public keys to use with
nova keypair creation for some time.  These keys have a key comment of
the form "Generated by Sahara"

This has worked until recently.  However, it fails currently as follows:

$ more ~/public_key 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYwUk/fuNiNoseN5tgKt2NsfxeZIE7cC4bcGeJ3WacY8Ss2s/vw1WrBwoicd4cjwkpmrxQkR1d1vBzLyrE/ovHStyu1Gv/Os+wVB0j64AKlG6MZFMeJVuP9M+O0uSqBuEYhzaTvKofiVcrLJat7bJ9S8
MpTWj7ZXRbKKD/+pT1jxll4vCHKLo9caazl7vFI/hRcqMWAr+oYNZYh1BZeNxMWGtEgf11zHiStR1tvs/4CEstajPWWlkHcVeUuGgs8/+kNToUZ22i8kORp8ZFwp11pvFtieAYtBFBWWrze2U1irct34JAHTmemk8SZ/RmN9tLpIP8BspFdWnFylzVyuPZ
 Generated by Sahara

(openstack) keypair create --public-key ~/public_key bob
ERROR: openstack Keypair data is invalid: failed to generate fingerprint (HTTP 400) (Request-ID: req-370e6a3a-d01d-44a4-8a10-160282ec9488)

Removing or replacing the spaces in the key comment fixes the problem
(or hides it)

This seems to be happening because usr/lib/python2.7/site-
packages/cryptography/hazmat/primitives/serialization.py(36)load_ssh_public_key()
is seeing the whole key and splitting on spaces.  So the key comment is
throwing off the key component count.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1481084

Title:
  Keypair creation fails when ssh public key comment contains spaces

Status in OpenStack Compute (nova):
  New

Bug description:
  In the Sahara project, we have been generating public keys to use with
  nova keypair creation for some time.  These keys have a key comment of
  the form "Generated by Sahara"

  This has worked until recently.  However, it fails currently as
  follows:

  $ more ~/public_key 
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYwUk/fuNiNoseN5tgKt2NsfxeZIE7cC4bcGeJ3WacY8Ss2s/vw1WrBwoicd4cjwkpmrxQkR1d1vBzLyrE/ovHStyu1Gv/Os+wVB0j64AKlG6MZFMeJVuP9M+O0uSqBuEYhzaTvKofiVcrLJat7bJ9S8
  MpTWj7ZXRbKKD/+pT1jxll4vCHKLo9caazl7vFI/hRcqMWAr+oYNZYh1BZeNxMWGtEgf11zHiStR1tvs/4CEstajPWWlkHcVeUuGgs8/+kNToUZ22i8kORp8ZFwp11pvFtieAYtBFBWWrze2U1irct34JAHTmemk8SZ/RmN9tLpIP8BspFdWnFylzVyuPZ
   Generated by Sahara

  (openstack) keypair create --public-key ~/public_key bob
  ERROR: openstack Keypair data is invalid: failed to generate fingerprint (HTTP 400) (Request-ID: req-370e6a3a-d01d-44a4-8a10-160282ec9488)

  Removing or replacing the spaces in the key comment fixes the problem
  (or hides it)

  This seems to be happening because usr/lib/python2.7/site-
  packages/cryptography/hazmat/primitives/serialization.py(36)load_ssh_public_key()
  is seeing the whole key and splitting on spaces.  So the key comment
  is throwing off the key component count.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1481084/+subscriptions

Follow ups

[Bug 1481084] Re: Keypair creation fails when ssh public key comment contains spaces
From: Thierry Carrez, 2015-09-24