Opened 5 years ago

Closed 5 years ago

#8931 defect closed fixed (fixed)

host key error: Invalid EC Key Y point.

Reported by: Craig Rodrigues Owned by: Craig Rodrigues <rodrigc@…>
Priority: normal Milestone:
Component: conch Keywords:
Cc: z3p Branch:
Author:

Description

In my ~/.ssh/known_hosts file, I had a host key created by OpenSSH_7.2p2, LibreSSL 2.4.1, on OS X.

If I try to use conch to log into that host, I get this:

Traceback (most recent call last):                                                                  
  File "/Users/crodrigues/twisted8/src/twisted/conch/client/knownhosts.py", line 70, in            
_extractCommon                                                                                                      
    key = Key.fromString(a2b_base64(keyString))                                                                     
  File "/Users/crodrigues/twisted8/src/twisted/conch/ssh/keys.py", line 197, in fromString                          
    return method(data)                                                                                             
  File "/Users/crodrigues/twisted8/src/twisted/conch/ssh/keys.py", line 251, in _fromString_BLOB                    
    return cls._fromECComponents(x=x, y=y, curve=keyType)                                                           
  File "/Users/crodrigues/twisted8/src/twisted/conch/ssh/keys.py", line 725, in _fromECComponents                   
    keyObject = publicNumbers.public_key(default_backend())
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/primitives/asymme                
tric/ec.py", line 285, in public_key                                                                                
    return backend.load_elliptic_curve_public_numbers(self)                                                         
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/backends/multibac                
kend.py", line 273, in load_elliptic_curve_public_numbers                                                           
    return b.load_elliptic_curve_public_numbers(numbers)                                                            
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/                
backend.py", line 1384, in load_elliptic_curve_public_numbers                                                       
    ec_cdata, numbers.x, numbers.y)                                                                                 
  File "/Users/crodrigues/venv-3.6/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/                
backend.py", line 1546, in _ec_key_set_public_key_affine_coordinates                                                
    raise ValueError("Invalid EC Key Y point.")                                                                     
ValueError: Invalid EC Key Y point.      

and then I get a bad host key error.

This key works fine with OpenSSH.

If I delete the known_hosts file, and log in with conch, my known_hosts file gets populated with a different key.

Attachments (3)

known_hosts_openssh_broken.txt (173 bytes) - added by Craig Rodrigues 5 years ago.
known_hosts_openssh_broken.2.txt (173 bytes) - added by Craig Rodrigues 5 years ago.
known_hosts_conch_working.txt (884 bytes) - added by Craig Rodrigues 5 years ago.

Download all attachments as: .zip

Change History (6)

comment:1 Changed 5 years ago by DefaultCC Plugin

Cc: z3p added

Changed 5 years ago by Craig Rodrigues

Changed 5 years ago by Craig Rodrigues

Changed 5 years ago by Craig Rodrigues

comment:3 Changed 5 years ago by Craig Rodrigues <rodrigc@…>

Owner: set to Craig Rodrigues <rodrigc@…>
Resolution: fixed
Status: newclosed

In e116bbe:

Error: Processor CommitTicketReference failed
 does not appear to be a Git repository. See the log for more information.
Note: See TracTickets for help on using tickets.