Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkeys are immutable on OpenSSL 3.0 #12985

Closed
meaz opened this issue Nov 5, 2022 · 5 comments
Closed

pkeys are immutable on OpenSSL 3.0 #12985

meaz opened this issue Nov 5, 2022 · 5 comments

Comments

@meaz
Copy link

meaz commented Nov 5, 2022

Hi,

I have Vagrant 2.3.2, OpenSSL 3.0.7 and virtualbox 7.0.2.

When I run vagrant up to create a new box, I get this:
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb:21:in generate_key!': pkeys are immutable on OpenSSL 3.0 (OpenSSL::PKey::PKeyError)`

I have no idea what to do.

The full log
@tth439
Copy link

tth439 commented Nov 5, 2022

I have the same issue with the libvirt provider

pkeys are immutable on OpenSSL 3.0

/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb:21:in `generate_key!'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb:21:in `generate_key'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/kex/abstract.rb:32:in `initialize'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:437:in `new'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:437:in `exchange_keys'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:245:in `proceed!'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:184:in `accept_kexinit'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:210:in `block in poll_message'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:190:in `loop'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:190:in `poll_message'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:225:in `block in wait'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:223:in `loop'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:223:in `wait'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh/transport/session.rb:90:in `initialize'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `new'
/opt/vagrant/embedded/gems/2.3.2/gems/net-ssh-6.1.0/lib/net/ssh.rb:251:in `start'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/plugins/communicators/ssh/communicator.rb:467:in `block (2 levels) in connect'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:179:in `block in timeout'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `block in catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:188:in `timeout'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/plugins/communicators/ssh/communicator.rb:433:in `block in connect'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/lib/vagrant/util/retryable.rb:17:in `retryable'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/plugins/communicators/ssh/communicator.rb:432:in `connect'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/plugins/communicators/ssh/communicator.rb:87:in `block in wait_for_ready'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:179:in `block in timeout'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `block in catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:36:in `catch'
/opt/vagrant/embedded/gems/2.3.2/gems/timeout-0.3.0/lib/timeout.rb:188:in `timeout'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/plugins/communicators/ssh/communicator.rb:63:in `wait_for_ready'
/opt/vagrant/embedded/gems/2.3.2/gems/vagrant-2.3.2/lib/vagrant/action/builtin/wait_for_communicator.rb:16:in `block in call'

@david-sykora
Copy link

This issue is related to issues 12751. Multiple workarounds are available.

I don't know if it is the best workaround, but it worked for me:

git clone https://github.com/hashicorp/vagrant
cd vagrant

change lines 30:32 in vagrant.gemspec to:

s.add_dependency "net-ssh", ">= 7.0.0"
s.add_dependency "net-sftp", ">= 3.0"
s.add_dependency "net-scp", ">= 3.0.0"

and run

# maybe unnecessary
bundle update

bundle install

then uninstall standard vagrant package (eg. apt purge vagrant, pacman -R vagrant) and use bin from current directory (again, its only temp solution :) )

sudo ln -sf `pwd`/exec/vagrant /usr/local/bin/vagrant

@meaz
Copy link
Author

meaz commented Nov 5, 2022

thanks a lot for the info.

ocanty added a commit to ocanty/vagrant that referenced this issue Nov 6, 2022
@ocanty
Fixes hashicorp#12985
232d5cc
@Busindre
Copy link

Busindre commented Nov 6, 2022

FYI: In Arch Linux i just installed the new version vagrant-2.3.2-2 and it seems that the problem is solved.

@meaz
Copy link
Author

meaz commented Nov 6, 2022

Yes I confirm and therefore close the ticket. Thanks a lot.

@meaz meaz closed this as completed Nov 6, 2022
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 7, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Busindre @david-sykora @meaz @tth439