Podman latest version 5.0.3 affected our entire development team

[tppalani]

Issue Description

We have installed podman latest version 5.0.3 into our machine all the machine are getting failed with below error. Error key generation failed, unable to read from stderr signal killed

Steps to reproduce the issue

Describe the results you received

Attched image

Describe the results you expected

Describe the results you expected

podman info output

If you are unable to run podman info for any reason, please provide the podman version, operating system and its version and the architecture you are running.

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

Additional environment details

Additional information

Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting

[Luap99]

Please provide the info requested in the issue template.
We also need a reproducer and what is special about your environment? What OS is this on, etc..?

From the shown error message it sounds like something in your environment is killing the ssh-keygen command.

[tppalani]

Please provide the info requested in the issue template. We also need a reproducer and what is special about your environment? What OS is this on, etc..?

From the shown error message it sounds like something in your environment is killing the ssh-keygen command.

I'm really sorry i just posted this question in hurry reason more than 20 users affected with latest version, we are using widows machine and we are connected to VPN network, so far we have used 4.9.3 its workes perfectly.

now after updating the version version we can see this issue across our machhine.

[tppalani]

it would be really helpful you can help me out about this issue because we have installed Podman across our organization when user will upgrade the podman all the folks will getting into trouble.

[BlackHole1]

@tppalani Could you check if there are any private/public keys in the %USERPROFILE%/.local/share/containers/podman/machine/ directory (usually named machine and machine.pub)?
If not, could you try using the ssh-keygen -N "" -t ed25519 -f machine command to test ssh-keygen?

[baude]

You could also consider a podman system reset if you don't have content that needs preservation. Otherwise, at this point, its going to be hard to help you given the lack on input.

[tppalani]

Could you check if there are any private/public keys in the %USERPROFILE%/.local/share/containers/podman/machine/ directory (usually named machine and machine.pub)?

Thanks for help.

I'm using podman version 4.9.4 inside my local path in windows system, i don't see any keys in it, but my pod is up and running past 1 year %USERPROFILE%/.local/share/containers/podman/machine/ directory (usually named machine and machine.pub)?

My question is - why this ssh key issue coming in latest version how to fix this if key not exist, if already exist it will start podman automatically ?

[tppalani]

Ho @BlackHole1 do you have any updates on this?

[BlackHole1]

Hi @tppalani. I reviewed the relevant code, but the code responsible for generating ssh has not been updated for 2 years (see: https://github.com/containers/podman/blame/26370c95b79e82f5f0cac0c61eeb55021e7b0f77/pkg/machine/keys.go#L71-L90).
As for %USERPROFILE%/.local/share/containers/podman/machine/, this was deduced from the source code.
Based on your feedback, it is highly likely that the lack of private and public key files in this directory is causing podman to execute the ssh-keygen -N "" -t ed25519 -f machine command, and this command failed.

You can try manually executing the command: ssh-keygen -N "" -t ed25519 -f machine in the above directory to see if there are any errors. If the command succeeds and generates the private and public key files, then podman can proceed with the next step :)

[tppalani]

ssh-keygen -N "" -t ed25519 -f machine

Thanks again. just one doubt in above command will create new private, public key inside the this directory path %USERPROFILE%/.local/share/containers/podman/machine?

[BlackHole1]

No, you need to navigate to this directory in the terminal first and then execute this command.

[tppalani]

ssh-keygen -N "" -t ed25519 -f machine

PS C:\Users\User.local\share\containers\podman\machine> ssh-keygen -N "" -t ed25519 -f machine
Too many arguments.
usage: ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format]
[-N new_passphrase] [-t dsa | ecdsa | ed25519 | rsa]
ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase]
[-P old_passphrase]

[thimslugga]

ssh-keygen -N "" -t ed25519 -f machine

PS C:\Users\User.local\share\containers\podman\machine> ssh-keygen -N "" -t ed25519 -f machine

Too many arguments.

usage: ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format]

              [-N new_passphrase] [-t dsa | ecdsa | ed25519 | rsa]

   ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase]

               [-P old_passphrase]

The output returned seems to be a quirk of Microsoft PowerShell. Try and run the command and also include the PS stop parsing operator before the others

use the stop-parsing (--%) token to stop PowerShell from interpreting input as PowerShell commands or expressions.

PowerShell/Win32-OpenSSH#1017 (comment)

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#passing-arguments-that-contain-quote-characters

[tppalani]

Hi @thimslugga

you mean if I run this command from PowerShell this will create new private and public key?

ssh-keygen.exe --% -t dsa -N "" -f stuff

[thimslugga]

@tppalani

Yah I would give that a try as it looked like you were using PS from your shared output. I'm not a Windows user myself.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.