Handle "Server '' not found in known_hosts exception #1458

Closed
wants to merge 1 commit into
from

Projects

None yet

2 participants

@ldoktor
Contributor
ldoktor commented Apr 22, 2016

The message with "reject_unknown_hosts" and "abort_on_prompts" is rather
missleading as paramiko returns:

SSHException: Server 'localhost' not found in known_hosts

but fabric reports:

Needed to prompt for a connection or sudo password (host:
localhost), but abort-on-prompts was set to True

This patch handles the special case similarly to existing workarounds.

Signed-off-by: Lukáš Doktor ldoktor@redhat.com

@ldoktor ldoktor referenced this pull request in avocado-framework/avocado Apr 22, 2016
Closed

avocado.core.remoter option to reject remote unknown hosts [v3] #1140

@ldoktor
Contributor
ldoktor commented May 9, 2016

Hello @bitprophet, would you please take a look at this simple modification? It improves the error message when "reject_unknown_hosts" and "abort_on_prompts" are used.

@ldoktor
Contributor
ldoktor commented Jun 2, 2016

Hello @bitprophet, might I ask you to take a look at this few-line fix? It shouldn't take long and it significantly improves the possibility to detect known_hosts issues.

@ldoktor
Contributor
ldoktor commented Jun 21, 2016

@bitprophet would you please take a look at this? It's a simple 6-liner.

@bitprophet bitprophet added this to the 1.10.4 milestone Jun 21, 2016
@bitprophet
Member

Thanks, assigning to next bugfix release. If you have time, a changelog entry and tests would be great (though I don't recall if we test the other spots like this one; if we don't, OK to omit.)

@ldoktor
Contributor
ldoktor commented Jun 22, 2016

Thank you, @bitprophet, I added the selftest (not sure it uses all the neat features of fabric selftests, but works fine), but I'm fighting with the changelog, it keeps failing. Do you have any suggestions, please?

@ldoktor ldoktor Handle "Server '' not found in known_hosts exception
The message with "reject_unknown_hosts" and "abort_on_prompts" is rather
missleading as paramiko returns:

    SSHException: Server 'localhost' not found in known_hosts

but fabric reports:

    Needed to prompt for a connection or sudo password (host:
    localhost), but abort-on-prompts was set to True

This patch handles the special case similarly to existing workarounds.

Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>
ac8e91b
@ldoktor
Contributor
ldoktor commented Jun 28, 2016

@bitprophet, changelog and selftest added.

@bitprophet
Member

Thanks, will get to this on my next bugfix-merge pass!

@jeblundell jeblundell added a commit to jeblundell/fabric that referenced this pull request Jul 17, 2016
@jeblundell jeblundell Updated changelog to include bug #1458 d9ccdd8
@jeblundell jeblundell added a commit to jeblundell/fabric that referenced this pull request Jul 17, 2016
@jeblundell jeblundell Updated changelog entry for #1458 to refer to correct bug and issue 6149232
@bitprophet
Member
bitprophet commented Aug 22, 2016 edited

Sanity checked the test and it's a false positive! :( With the fix commented out, test still passes.

Seems most directly due to fact that when password is non-empty (which is the default for the test environment), the block just above the fix fires, still raising a NetworkError, thus still satisfying the test. When I add password=None to the test's settings() call, the test correctly fails (when the patch is commented out).

This then lead me to realize that the fix should also just get bundled up with that earlier NetworkError block, so I have reformatting things that way. Now easier to read, still works the same way, and the updated test now correctly passes-or-fails as appropriate.

I also tested manually with various combos of reject_known_hosts and abort_on_prompts, still seems good.

@bitprophet
Member
bitprophet commented Aug 22, 2016 edited

Cherry-picked back to 1.10 & layered on the above fixes, all set now! Thanks!!

@bitprophet bitprophet closed this Aug 22, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment