OpenStack Nova Cloud Controller Charm

Host key check fails in ssh migration when hostnames are upper case

Bug #1868891 reported by Brett Milford on 2020-03-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Nova Cloud Controller Charm	Expired	Undecided	Unassigned

Bug Description

Whilst hostnames are case independent, the hash produced for known_hosts is case sensitive.
When hostnames are uppercase nova-cc stores the host keys for this hostname but not it's lowercase variant. When this hostname is used in ssh migration, the host key check fails it is checking for the hash of the lowercase variant.

Tags:

Revision history for this message

Alex Kavanagh (ajkavanagh) wrote on 2020-03-25:

Please could you add the versions of the charm and openstack that this is occurring on, and what is failing (with a stack trace if possible).

Changed in charm-nova-cloud-controller:
status:	New → Incomplete

Revision history for this message

Brett Milford (brettmilford) wrote on 2020-04-06:

The issue was originally found with cs:nova-compute-296, cs:nova-cloud-controller-324 deployed on bionic. However I've been unable to reproduce the bug in a clean environment.

Notably openssh-client 7.6p1 appears to unconditionally lowercase hosts https://github.com/openssh/openssh-portable/blob/V_7_6_P1/ssh.c#L1030

Whilst in latter versions, such as that in focal, calls lowercase hosts if they aren't an address.
https://github.com/openssh/openssh-portable/blob/V_8_2_P1/ssh.c#L1142-L1143

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-06-05:

[Expired for OpenStack nova-cloud-controller charm because there has been no activity for 60 days.]

Changed in charm-nova-cloud-controller:
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.