Add ed25519 gem

[octomike]

When running specs for puppet-nginx on my local machine I tripped over:

An error occurred while loading ./spec/acceptance/nginx_upstream_spec.rb.
Failure/Error: require 'beaker-rspec'
NotImplementedError:
  unsupported key type `ssh-ed25519'
  net-ssh requires the following gems for ed25519 support:
   * ed25519 (>= 1.2, < 2.0)
   * bcrypt_pbkdf (>= 1.0, < 2.0)
  See https://github.com/net-ssh/net-ssh/issues/565 for more information
  Gem::LoadError : "ed25519 is not part of the bundle. Add it to your Gemfile."

Is this the right place to add the missing dependency?

[dhoppe]

Could you please provide more information about your test environment and which command you executed to get this error message?

[octomike]

Sure, this is what I'm running:

PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=debian9-64{hypervisor=docker} BEAKER_destroy=yes bundle exec rake beaker

on
Ubuntu 19.10
OpenSSH_8.0p1 Ubuntu-6build1, OpenSSL 1.1.1c 28 May 2019

And this is the complete log to the first exception:

TEST_TIERS env variable not defined. Defaulting to run all tests.
/usr/bin/ruby2.5 -I/home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/rspec-core-3.9.1/lib:/home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/rspec-support-3.9.2/lib /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/rspec-core-3.9.1/exe/rspec spec/acceptance
/home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec/helpers/serverspec.rb:43: warning: already initialized constant Module::VALID_OPTIONS_KEYS
/home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/specinfra-2.82.6/lib/specinfra/configuration.rb:4: warning: previous definition of VALID_OPTIONS_KEYS was here

Hosts file 'debian9-64{hypervisor=docker}' does not exist.
Trying as beaker-hostgenerator input.

Hypervisor for debian9-64-1 is docker
Beaker::Hypervisor, found some docker boxes to create
get
/v1.16/version
{}

Provisioning docker
provisioning debian9-64-1
Creating image
Dockerfile is         FROM debian:9
        ENV container docker
          RUN apt-get update
          RUN apt-get install -y openssh-server openssh-client curl ntpdate lsb-release
        RUN mkdir -p /var/run/sshd
        RUN echo root:root | chpasswd
        RUN sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config
        RUN sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
        RUN sed -ri 's/^#?UseDNS .*/UseDNS no/' /etc/ssh/sshd_config
RUN cp /bin/true /sbin/agetty
RUN rm -f /usr/sbin/policy-rc.d
RUN apt-get update && apt-get install -y cron locales-all net-tools wget systemd-sysv gnupg
        EXPOSE 22
        CMD ["/sbin/init"]
Docker build buildargs: {}
post
/v1.16/build
{:rm=>true, :buildargs=>"{}"}
Dockerfile0000640000000000000000000000127313604726741013321 0ustar00wheelwheel00000000000000        FROM debian:9
        ENV container docker
          RUN apt-get update
          RUN apt-get install -y openssh-server openssh-client curl ntpdate lsb-release
        RUN mkdir -p /var/run/sshd
        RUN echo root:root | chpasswd
        RUN sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config
        RUN sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
        RUN sed -ri 's/^#?UseDNS .*/UseDNS no/' /etc/ssh/sshd_config
RUN cp /bin/true /sbin/agetty
RUN rm -f /usr/sbin/policy-rc.d
RUN apt-get update && apt-get install -y cron locales-all net-tools wget systemd-sysv gnupg
        EXPOSE 22
        CMD ["/sbin/init"]

Creating container from image ff530e9e9d8f
post
/v1.16/containers/create
{}
{"Image":"ff530e9e9d8f","Hostname":"debian9-64-1","HostConfig":{"PortBindings":{"22/tcp":[{"HostPort":"9088","HostIp":"0.0.0.0"}]},"PublishAllPorts":true,"Privileged":true,"RestartPolicy":{"Name":"always"}}}
Starting container 6e45ac657fed332642ed91cf0fdcb57e9216db7c4727e8f4f0a5253517692694
post
/v1.16/containers/6e45ac657fed332642ed91cf0fdcb57e9216db7c4727e8f4f0a5253517692694/start
{}
{}
get
/v1.16/containers/6e45ac657fed332642ed91cf0fdcb57e9216db7c4727e8f4f0a5253517692694/json
{}

Using docker server at 0.0.0.0
get
/v1.16/containers/6e45ac657fed332642ed91cf0fdcb57e9216db7c4727e8f4f0a5253517692694/json
{}

node available as  ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@0.0.0.0 -p 9088
get
/v1.16/containers/6e45ac657fed332642ed91cf0fdcb57e9216db7c4727e8f4f0a5253517692694/json
{}


debian9-64-1 23:06:14$ cat /etc/resolv.conf
  Attempting ssh connection to 0.0.0.0, user: root, opts: {:password=>"root", :port=>"9088", :forward_agent=>false}
  Warning: Try 1 -- Host 0.0.0.0 unreachable: Errno::ECONNRESET - Connection reset by peer
  Warning: Trying again in 3 seconds
  Attempting ssh connection to 0.0.0.0, user: root, opts: {:password=>"root", :port=>"9088", :forward_agent=>false, :logger=>#<Logger:0x0000562171776968 @level=4, @progname=nil, @default_formatter=#<Logger::Formatter:0x0000562171776918 @datetime_format=nil>, @formatter=nil, @logdev=#<Logger::LogDevice:0x00005621717768c8 @shift_period_suffix=nil, @shift_size=nil, @shift_age=nil, @filename=nil, @dev=#<IO:<STDERR>>, @mon_owner=nil, @mon_count=0, @mon_mutex=#<Thread::Mutex:0x0000562171776850>>>, :password_prompt=>#<Net::SSH::Prompt:0x0000562171776828>, :user=>"root"}

An error occurred while loading ./spec/acceptance/class_spec.rb.
Failure/Error: require 'beaker-rspec'
NotImplementedError:
  unsupported key type `ssh-ed25519'
  net-ssh requires the following gems for ed25519 support:
   * ed25519 (>= 1.2, < 2.0)
   * bcrypt_pbkdf (>= 1.0, < 2.0)
  See https://github.com/net-ssh/net-ssh/issues/565 for more information
  Gem::LoadError : "ed25519 is not part of the bundle. Add it to your Gemfile."
  
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/ed25519_loader.rb:21:in `raiseUnlessLoaded'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/buffer.rb:323:in `read_keyblob'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/buffer.rb:249:in `read_key'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/key_factory.rb:105:in `load_data_public_key'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/key_factory.rb:86:in `load_public_key'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/key_manager.rb:229:in `block in load_identities'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/key_manager.rb:225:in `map'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/key_manager.rb:225:in `load_identities'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/key_manager.rb:101:in `each_identity'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/methods/publickey.rb:19:in `authenticate'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/session.rb:85:in `block in authenticate'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/session.rb:71:in `each'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh/authentication/session.rb:71:in `authenticate'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/net-ssh-5.2.0/lib/net/ssh.rb:250:in `start'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/ssh_connection.rb:53:in `connect_block'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/ssh_connection.rb:77:in `connect'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/ssh_connection.rb:43:in `connect'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host.rb:297:in `connection'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host.rb:357:in `block (2 levels) in exec'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/logger.rb:239:in `with_indent'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host.rb:356:in `block in exec'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host.rb:355:in `exec'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host_prebuilt_steps.rb:293:in `get_domain_name'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host_prebuilt_steps.rb:393:in `block in hack_etc_hosts'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host_prebuilt_steps.rb:390:in `each'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/host_prebuilt_steps.rb:390:in `hack_etc_hosts'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-docker-0.6.0/lib/beaker/hypervisor/docker.rb:236:in `provision'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/hypervisor.rb:37:in `create'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/network_manager.rb:72:in `block in provision'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/network_manager.rb:71:in `each_key'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-4.14.1/lib/beaker/network_manager.rb:71:in `provision'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec/beaker_shim.rb:35:in `provision'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec/spec_helper.rb:50:in `block in <top (required)>'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec/spec_helper.rb:5:in `<top (required)>'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec.rb:5:in `require'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec.rb:5:in `<module:BeakerRSpec>'
# /home/local/MPIB-BERLIN/krause/.gem/ruby/2.5.0/gems/beaker-rspec-6.2.4/lib/beaker-rspec.rb:1:in `<top (required)>'
# ./spec/spec_helper_acceptance.rb:1:in `require'
# ./spec/spec_helper_acceptance.rb:1:in `<top (required)>'
# ./spec/acceptance/class_spec.rb:1:in `require'
# ./spec/acceptance/class_spec.rb:1:in `<top (required)>'

The container created with this call contains:

# ls -l /etc/ssh/
total 81
-rw-r--r-- 1 root root 553122 Jul 15 13:32 moduli
-rw-r--r-- 1 root root   1723 Jul 15 13:32 ssh_config
-rw------- 1 root root    227 Jan  6 22:02 ssh_host_ecdsa_key
-rw-r--r-- 1 root root    179 Jan  6 22:02 ssh_host_ecdsa_key.pub
-rw------- 1 root root    411 Jan  6 22:02 ssh_host_ed25519_key
-rw-r--r-- 1 root root     99 Jan  6 22:02 ssh_host_ed25519_key.pub
-rw------- 1 root root   1675 Jan  6 22:02 ssh_host_rsa_key
-rw-r--r-- 1 root root    399 Jan  6 22:02 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root   3281 Jan  6 22:03 sshd_config

and I guess the ed25519 key is the first one tried here.

[dhoppe]

Interesting. I have not seen this before, because our CI pipeline uses Ubuntu 18.04.

@bastelfreak We should merge this to prevent issues with Travis CI, when we switch to the next LTS release.

[alexjfisher]

@octomike For a bit more assurance, could you create a test PR against at least one module to show that this doesn't break anything?