Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssh/communicator_test fails in 2030 #21727

Closed
bmwiedemann opened this issue Jun 14, 2019 · 2 comments
Closed

ssh/communicator_test fails in 2030 #21727

bmwiedemann opened this issue Jun 14, 2019 · 2 comments
Labels
build

Comments

@bmwiedemann
Copy link

Terraform Version

0.11.11

Expected Behavior

build+tests should succeed anytime in the future

Actual Behavior

build fails in 2030

Debug Output

2034/07/16 21:34:21 [WARN] ssh: handshake failed: ssh: cert has expired
--- FAIL: TestHostCert (0.00s)
    communicator_test.go:340: ssh: handshake failed: ssh: cert has expired

Steps to Reproduce

in openSUSE or Debian do

osc co openSUSE:Factory/terraform ; cd $_
osc build --build-opt=--vm-custom-opt="--rtc base=2030-02-01T00:00:00" --noservice --vm-type=kvm --clean

Additional Context

Using ssh-keygen -L -f $FILE to decode the cert in ./communicator/ssh/communicator_test.go line 57 shows the expiry of 2030-01-01T05:00

        Type: ssh-rsa-cert-v01@openssh.com host certificate
        Public key: RSA-CERT SHA256:NaCSsxvUtzC+lJK7JLwZ/8FojyAKpGXAJUs51ZqRnOE
        Signing CA: RSA SHA256:6IVexLqB3lfZtvBUi29wV0Mw/R3Qk4YMSjCsTgtKM/c
        Key ID: "ca-test"
        Serial: 0
        Valid: from 2018-02-13T20:21:56 to 2030-01-01T05:00:00
        Principals:
                127.0.0.1

This bug was found while working on reproducible builds for openSUSE.

Background:
As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future.
The usual offset is +15 years, because that is how long I expect some software will be used in some places.
This showed up failing tests in our package build.
See https://reproducible-builds.org/ for why this matters.
@mildwonkey
Copy link
Contributor

I am going to close this issue due to inactivity.

If there is still a question, I recommend the the community forum, where there are far more people available to help. If there is a bug or you would like to make a feature request, please open a new issue and fill out the template.
Thanks!

@ghost
Copy link

ghost commented Oct 13, 2020

I'm going to lock this issue because it has been closed for 30 days . This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@hashicorp hashicorp locked as resolved and limited conversation to collaborators Oct 13, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
build
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bmwiedemann @mildwonkey