Bug 25094 - python-paramiko produces warnings
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
 
Reported: 2019-07-10 22:58 CEST by Marc Krämer
Modified: 2019-08-12 23:09 CEST
Source RPM: python-paramiko-2.4.2-2.mga7.src.rpm

Description Marc Krämer 2019-07-10 22:58:16 CEST
The shipped version 2.4.2 is old and generates warnings:
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())

Since this is used by e.g. duplicity, I get this mail every hour.
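
To confirm an update like the one requested here, the captured stderr of a job can be checked for these warnings mechanically. The following is an added example, not part of the original report: it parses Python's default warning format and groups `CryptographyDeprecationWarning` entries by call site and suggested replacement API. The sample text is constructed from lines quoted above, and the function names are hypothetical.

```python
import re
from collections import Counter

# Python's default warning format is "<path>:<lineno>: <Category>: <message>",
# followed by an indented copy of the offending source line.
WARNING_RE = re.compile(r"^(?P<path>\S+\.py):(?P<line>\d+): (?P<category>\w+Warning): (?P<msg>.*)$")
REPLACEMENT_RE = re.compile(r"Please use ([\w.]+)")

# Constructed sample: warning lines copied from this report, plus one demo.py
# banner that must not be counted as a Python warning.
SAMPLE_BEFORE = """\
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
*** WARNING: Unknown host key!
"""

def summarize(stderr_text, category="CryptographyDeprecationWarning"):
    """Count warnings of `category` per (file, line, suggested replacement API)."""
    hits = Counter()
    for row in stderr_text.splitlines():
        m = WARNING_RE.match(row)
        if not m or m.group("category") != category:
            continue  # source-line echoes and unrelated output are ignored
        repl = REPLACEMENT_RE.search(m.group("msg"))
        api = repl.group(1).rstrip(".") if repl else "unknown"
        hits[(m.group("path").rsplit("/", 1)[-1], int(m.group("line")), api)] += 1
    return hits

def is_clean(stderr_text):
    """True when a run produced none of the deprecation warnings."""
    return not summarize(stderr_text)

if __name__ == "__main__":
    for (fname, line, api), n in sorted(summarize(SAMPLE_BEFORE).items()):
        print("%dx %s:%d -> %s" % (n, fname, line, api))
```
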
Comment 1 Marc Krämer 2019-07-10 22:58:51 CEST
I assume version 2.6.0 fixes this problem (?)
Jani Välimaa 2019-07-11 17:12:19 CEST

Summary: Old version produces warnings => python-paramiko produces warnings

Comment 2 David GEIGER 2019-07-12 06:40:13 CEST
Please test python-paramiko-2.6.0-1.mga7 in Core/Updates_testing repo!

CC: (none) => geiger.david68210

Comment 3 Marc Krämer 2019-07-12 10:59:23 CEST
jepp, that solves the problem!
no more log entries :)
Thanks!
Comment 4 David GEIGER 2019-07-12 11:08:27 CEST
Assigning to QA now,


Advisory:
========================

Our current paramiko package is quite old and generates plenty of warnings in the log.
So this updates paramiko to a more recent and maintained release and also fixes this issue.

========================

Packages in 7/core/updates_testing:
========================
python2-paramiko-2.6.0-1.mga7.noarch.rpm
python3-paramiko-2.6.0-1.mga7.noarch.rpm

Source RPM: 
========================
python-paramiko-2.6.0-1.mga7.src.rpm

Assignee: bugsquad => qa-bugs

Comment 5 Marc Krämer 2019-07-14 23:39:03 CEST
For x86_64 everything works well with duplicity.
Comment 6 Herman Viaene 2019-07-24 15:32:14 CEST
@ Marc
MGA7-64 Plasma on Lenovo B50
No installation issues apart from the fact that python2-paramiko-2.6.0-1 was already on my system. Why, I don't have any idea.
Then
$ urpmq --whatrequires-recursive python3-paramiko
ansible
ansible-lint
python3-paramiko
python3-x2go
syntastic-ansible
$ urpmq --whatrequires-recursive python2-paramiko
python2-paramiko

There is no sign of duplicity here.
Tried my hand at syntastic-ansible, but that is a vim plugin apparently, and I don't play in that league.
For the brave however, I found some ansible samples in https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html.

CC: (none) => herman.viaene

Comment 7 Len Lawrence 2019-07-27 19:56:07 CEST
@Herman regarding comment 6.
Strange that; I tried installing duplicity and it picked up python-paramiko.
     1/16: python2-gdata         #############################################
     2/16: python-lockfile       #############################################
     3/16: python2-backports     #############################################
     4/16: python2-backports-ssl_match_hostname
                                 #############################################
     5/16: python2-urllib3       #############################################
     6/16: python2-requests      #############################################
     7/16: python-dropbox        #############################################
     8/16: lib64rsync2           #############################################
     9/16: python-boto           #############################################
    10/16: python2-monotonic     #############################################
    11/16: python2-fasteners     #############################################
    12/16: python2-bcrypt        #############################################
    13/16: python2-pynacl        #############################################
    14/16: python-paramiko       #############################################
    15/16: ncftp                 #############################################
    16/16: duplicity             #############################################

Ah.  The package name is python-paramiko.
$ urpmq --whatrequires-recursive python-paramiko
bzrtools
cloud-utils
deja-dup
duplicity
fwbackups
mysql-workbench
noethys
patator
pyhoca-cli
pyhoca-gui
python-paramiko
python2-x2go

No idea about duplicity though.  The cli requires two arguments at least.  The help command shows usage but without a tutorial that means little.  We should go with Marc on that assessment.  I shall try to follow up ansible later and then update and test again.

CC: (none) => tarazed25

Comment 8 Marc Krämer 2019-07-27 20:47:41 CEST
duplicity is a bit complicated to use, if you just want a test case. In fact it is a backup software.
python-paramiko is a reimplementation of the ssh protocol in python. So testing would "just" need a python script using this function.
Comment 9 Len Lawrence 2019-07-28 19:28:40 CEST
Thanks Marc.  Found just such a script at StackExchange but it was not ideal so now trying the demos at https://github.com/paramiko/paramiko/blob/master/demos/
These are part of the paramiko package but do not appear in /usr/share AFAIKS.

Running demo.py enables remote login to a designated host:

$ ./demo.py
Hostname: canopus
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
*** WARNING: Unknown host key!
Username [lcl]: 
Trying ssh-agent key 525859e95f4086871509b863a0cf0a3b
... success!
*** Here we go!

Last login: Sun Jul 28 00:29:43 2019
[lcl@canopus ~]$ 

$ ./keygen.py -v
Generating priv/pub dsa 1024 bits key pair (output/output.pub)...done.
Fingerprint: 1024 29:80:7e:ca:6d:81:75:fa:18:2c:85:6c:21:5c:1b:4c output.pub (DSA)
$ ./keygen.py --type=rsa
Fingerprint: 1024 ec:bd:86:fe:86:50:ca:6c:06:c4:2d:8c:e0:e3:a6:b7 output.pub (RSA)

Copied the sample RSA keys from GitHub and also copied the public key to host canopus.

$ python simple.py
Hostname: canopus
Username [lcl]: 
Password for lcl@canopus: 
/usr/lib/python2.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
*** Connecting...

This is all before updating, using python2.7 only.

Looks like it all sort of works but I do not really know what I am doing.
Sorry about the verbosity - more to come!
Comment 10 Len Lawrence 2019-07-28 19:46:04 CEST
After the updates:

$ python server.py
Read key: 60733844cb5186657fdedaa22b5a57d5
Listening for connection ...

Don't know what user is supposed to feed to it.

$ python simple.py
Hostname: canopus
Username [lcl]: 
Password for lcl@canopus: 
*** Connecting...
*** Caught exception: <class 'paramiko.ssh_exception.BadHostKeyException'>: Host key for server 'canopus' does not match: got 'whatever......'
Traceback (most recent call last):
  File "simple.py", line 66, in <module>
    client.connect(hostname, port, username, password)
  File "/usr/lib/python2.7/site-packages/paramiko/client.py", line 423, in connect
    raise BadHostKeyException(hostname, server_key, our_key)
BadHostKeyException: Host key for server 'canopus' does not match: got 'whatever.....'

$ python demo.py
Hostname: canopus
*** WARNING: Unknown host key!
Username [lcl]: 
Trying ssh-agent key 525859e95f4086871509b863a0cf0a3b
... success!
*** Here we go!

Last login: Sun Jul 28 18:42:36 2019 from 192.168.1.103
[lcl@canopus ~]$ exit

So, looks like remote host public key needs to be imported first.
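
The two results in comments 9 and 10, an unknown host key that is only warned about and a stored key that does not match, both come from one lookup against known_hosts. The following is an added example, not part of the original thread and not paramiko's own code: a standard-library sketch of that lookup which goes beyond the thread by also handling OpenSSH hashed host entries. The host names other than canopus, the key blobs and the salt are constructed.

```python
import base64
import hashlib
import hmac

def b64(data):
    return base64.b64encode(data).decode("ascii")

def host_matches(pattern, hostname):
    """Match a known_hosts host field: plain comma list or hashed "|1|salt|mac"."""
    if pattern.startswith("|1|"):
        _, _, salt, mac = pattern.split("|")
        want = hmac.new(base64.b64decode(salt), hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(want, base64.b64decode(mac))
    return hostname in pattern.split(",")

def check_host_key(known_hosts_text, hostname, key_type, key_blob):
    """Classify the key a server presented as 'match', 'unknown' or 'mismatch'."""
    seen = False
    for row in known_hosts_text.splitlines():
        fields = row.split()
        # Skip blanks, comments and @cert-authority/@revoked lines (out of scope here).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if fields[1] != key_type or not host_matches(fields[0], hostname):
            continue
        seen = True
        if hmac.compare_digest(base64.b64decode(fields[2]), key_blob):
            return "match"
    # A pinned key of this type exists but differs: refuse, never fall back to "unknown".
    return "mismatch" if seen else "unknown"

def fingerprint(key_blob):
    """OpenSSH-style SHA256 fingerprint, for checking a key out of band before importing it."""
    return "SHA256:" + b64(hashlib.sha256(key_blob).digest()).rstrip("=")

# Constructed sample data: placeholder blobs stand in for real SSH public-key blobs.
PINNED, OTHER = b"constructed-blob-pinned", b"constructed-blob-other"
_salt = b"constructed-salt-001"
_mac = hmac.new(_salt, b"canopus", hashlib.sha1).digest()
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts",
    "vega,192.0.2.10 ssh-ed25519 " + b64(PINNED),
    "|1|%s|%s ssh-ed25519 %s" % (b64(_salt), b64(_mac), b64(PINNED)),
])

if __name__ == "__main__":
    for host, blob in (("canopus", PINNED), ("canopus", OTHER), ("rigel", PINNED)):
        print(host, fingerprint(blob), check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", blob))
```

A client that treats `unknown` as a warning and carries on, as the demo.py output above does, gets no server authentication on first contact. Importing the key after comparing its fingerprint out of band turns later connections into a `match` or a hard `mismatch`.
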
Comment 11 Len Lawrence 2019-08-12 20:36:53 CEST
With reference to comment 10 and others.  I think it all works but you have to have some idea what you are doing.
Sending it on.

Whiteboard: (none) => MGA7-64-OK

Thomas Backlund 2019-08-12 22:17:36 CEST

Keywords: (none) => advisory, validated_update
CC: (none) => tmb, sysadmin-bugs

Comment 12 Mageia Robot 2019-08-12 23:09:24 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2019-0092.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

