Description of problem: Upgrade from python2-crypto-2.6.1-10.fc24.x86_64 to python2-crypto-2.6.1-13.fc24.x86_64 causes duplicity SSH backend to fail. Running "dnf downgrade python2-crypto" reverts to python2-crypto-2.6.1-10.fc24.x86_64 and backups succeed. Version-Release number of selected component (if applicable): python2-crypto-2.6.1-13.fc24.x86_64 How reproducible: Easily. Steps to Reproduce: 1. "dnf upgrade" on F24 causes update of python2-crypto to python2-crypto-2.6.1-13.fc24.x86_64 2. Use duplicity to backup to SSH destination. 3. See above failure. Actual results: ssh: Connected (version 2.0, client OpenSSH_7.2) ssh: Unknown exception: CTR mode needs counter parameter, not IV ssh: Traceback (most recent call last): ssh: File "/usr/lib/python2.7/site-packages/paramiko/transport.py", line 1744, in run ssh: self.kex_engine.parse_next(ptype, m) ssh: File "/usr/lib/python2.7/site-packages/paramiko/kex_group1.py", line 75, in parse_next ssh: return self._parse_kexdh_reply(m) ssh: File "/usr/lib/python2.7/site-packages/paramiko/kex_group1.py", line 112, in _parse_kexdh_reply ssh: self.transport._activate_outbound() ssh: File "/usr/lib/python2.7/site-packages/paramiko/transport.py", line 2074, in _activate_outbound ssh: engine = self._get_cipher(self.local_cipher, key_out, IV_out) ssh: File "/usr/lib/python2.7/site-packages/paramiko/transport.py", line 1649, in _get_cipher ssh: return self._cipher_info[name]['class'].new(key, self._cipher_info[name]['mode'], iv, counter) ssh: File "/usr/lib64/python2.7/site-packages/Crypto/Cipher/AES.py", line 95, in new ssh: return AESCipher(key, *args, **kwargs) ssh: File "/usr/lib64/python2.7/site-packages/Crypto/Cipher/AES.py", line 59, in __init__ ssh: blockalgo.BlockAlgo.__init__(self, _AES, key, *args, **kwargs) ssh: File "/usr/lib64/python2.7/site-packages/Crypto/Cipher/blockalgo.py", line 141, in __init__ ssh: self._cipher = factory.new(key, *args, **kwargs) ssh: ValueError: CTR mode needs counter parameter, not IV ssh: Using temporary directory /tmp/duplicity-S9liSL-tempdir Backend error detail: Traceback (most recent call last): File "/usr/bin/duplicity", line 1546, in <module> with_tempdir(main) File "/usr/bin/duplicity", line 1540, in with_tempdir fn() File "/usr/bin/duplicity", line 1375, in main action = commandline.ProcessCommandLine(sys.argv[1:]) File "/usr/lib64/python2.7/site-packages/duplicity/commandline.py", line 1126, in ProcessCommandLine backup, local_pathname = set_backend(args[0], args[1]) File "/usr/lib64/python2.7/site-packages/duplicity/commandline.py", line 1015, in set_backend globals.backend = backend.get_backend(bend) File "/usr/lib64/python2.7/site-packages/duplicity/backend.py", line 223, in get_backend obj = get_backend_object(url_string) File "/usr/lib64/python2.7/site-packages/duplicity/backend.py", line 209, in get_backend_object return factory(pu) File "/usr/lib64/python2.7/site-packages/duplicity/backends/ssh_paramiko_backend.py", line 235, in __init__ self.config['port'], e)) BackendException: ssh connection to root.0.1:22 failed: CTR mode needs counter parameter, not IV Expected results: Backups to succeed. Additional info: Seems related to: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850025 and https://github.com/dlitz/pycrypto/issues/149
This should already be fixed with python-paramiko-2.1.1-2.fc24 (see Bug #1418084).
Have you been able to try updating to python-paramiko-2.1.1-2.fc24 yet?
Hi, I upgraded, looks to work, good stuff, thanks!
*** This bug has been marked as a duplicate of bug 1418084 ***