Bug 1047861 - libssh2 driver always seems to print "SSH transport error: no suitable method to retrieve authentication credentials"
Summary: libssh2 driver always seems to print "SSH transport error: no suitable method...
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Peter Krempa
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: TRACKER-bugs-affecting-libguestfs
TreeView+ depends on / blocked
 
Reported: 2014-01-02 12:06 UTC by Richard W.M. Jones
Modified: 2015-10-05 05:43 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-10-05 05:43:54 UTC


Attachments (Terms of Use)

Description Richard W.M. Jones 2014-01-02 12:06:08 UTC
Description of problem:

eg:
$ virsh -c 'qemu+libssh2://localhost/system' list
error: failed to connect to the hypervisor
error: SSH transport error: no suitable method to retrieve authentication credentials
$ virsh -c 'qemu+libssh2://root@localhost/system' list 
error: failed to connect to the hypervisor
error: SSH transport error: no suitable method to retrieve authentication credentials

Surely this should work?

Version-Release number of selected component (if applicable):

libvirt-daemon-1.1.3.2-1.fc20.x86_64
libssh2-1.4.3-8.fc20.x86_64

How reproducible:

100%

Steps to Reproduce:

See above.

Comment 1 Richard W.M. Jones 2014-01-02 12:11:23 UTC
By the way, the error sucks too.

There seem to be two places where the error can be produced,
both completely different in character.

In the first place a better error would be:

"The authentication callback passed to virConnectOpen does
not support VIR_CRED_ECHOPROMPT."

The second place would be better as:

"The authentication callback passed to virConnectOpen does
not support VIR_CRED_ECHOPROMPT, VIR_CRED_NOECHOPROMPT and/or
VIR_CRED_PASSPHRASE."

Comment 2 Peter Krempa 2015-10-02 13:32:01 UTC
This was accidentally caused by commit:

commit 792f81a40ea86e53e834efaaf079c9c0ac104f76
Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Mon Jul 8 15:09:33 2013 +0100

    Convert 'int i' to 'size_t i' in src/rpc/ files
    
    Convert the type of loop iterators named 'i', 'j', k',
    'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
    'unsigned int', also santizing 'ii', 'jj', 'kk' to use
    the normal 'i', 'j', 'k' naming
    
    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

The code is setting the variable to -1 in one instance and thus failing to find the proper callback.

Comment 3 Peter Krempa 2015-10-05 05:43:54 UTC
Fixed upstream:

commit 9869f24d08af1f0d5f45175117953704064556c2
Author: Peter Krempa <pkrempa@redhat.com>
Date:   Fri Oct 2 15:49:01 2015 +0200

    rpc: libssh2: Fix regression in ssh host key verification
    
    Commit 792f81a40e caused a regression in the libssh2 host key
    verification code by changing the variable type of 'i' to unsigned.
    Since one of the loops used -1 as a special value if the asking
    callback was found the conversion made a subsequent test always fail.
    
    The bug was stealth enough to pass review, compilers and coverity.
    
    Refactor the condition to avoid problems.
    
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1047861


Note You need to log in before you can comment on or make changes to this bug.