Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rpyc zerodeploy EOF during classic_connect (linux only) #549

Open
dweesy opened this issue Jan 12, 2024 · 0 comments
Open

rpyc zerodeploy EOF during classic_connect (linux only) #549

dweesy opened this issue Jan 12, 2024 · 0 comments

Comments

@dweesy
Copy link

dweesy commented Jan 12, 2024

Hello! I would like to control a remote Linux server from my Mac using rpyc zerodeploy. However, rpyc zerodeploy appears to not work correctly on the linux machine. I tested this by writing a script (based on an rpyc test) that would ssh to localhost and print something. First, I ensured that ssh localhost worked password-free. On Mac (python 3.11.7, rpyc 5.3.1) the script worked, but on Linux (python 3.11.5 and 3.10.13, rpyc 5.3.1) it failed.

from rpyc.utils.zerodeploy import DeployedServer
from plumbum import SshMachine

rem = SshMachine("localhost")
with DeployedServer(rem) as dep:
    conn = dep.classic_connect()
    print(conn.modules.sys)
    func = conn.modules.os.getcwd
    print(func())
    conn.close()

I expect this to print something like:

<module 'sys' (built-in)>
/home/user/

However, when run on this Linux host, instead I observe an EOFError, indicating the sshd terminated the connection:

[user@host rpc_prototype]$ uname
Linux
[user@host rpc_prototype]$ uname -r
3.10.0-962.3.2.lve1.5.81.el7.x86_64
[user@host rpc_prototype]$ python3 rpyc_local.py 
Traceback (most recent call last):
  File "/home/user/rpyc_prototype/rpyc.py", line 10, in <module>
    conn = dep.classic_connect()
           ^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/utils/zerodeploy.py", line 211, in classic_connect
    return rpyc.utils.classic.connect_stream(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/utils/classic.py", line 42, in connect_stream
    return factory.connect_stream(stream, SlaveService)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/utils/factory.py", line 60, in connect_stream
    return connect_channel(Channel(stream), service=service, config=config)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/utils/factory.py", line 48, in connect_channel
    return service._connect(channel, config)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/service.py", line 106, in _connect
    self.on_connect(conn)
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/service.py", line 215, in on_connect
    self._install(conn, conn.root)
                        ^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/protocol.py", line 751, in root
    self._remote_root = self.sync_request(consts.HANDLE_GETROOT)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/protocol.py", line 718, in sync_request
    return _async_res.value
           ^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/async_.py", line 106, in value
    self.wait()
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/async_.py", line 51, in wait
    self._conn.serve(self._ttl)
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/protocol.py", line 438, in serve
    data = self._channel.poll(timeout) and self._channel.recv()
                                           ^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/channel.py", line 55, in recv
    header = self.stream.read(self.FRAME_HEADER.size)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/.local/lib/python3.11/site-packages/rpyc/core/stream.py", line 280, in read
    raise EOFError("connection closed by peer")
EOFError: connection closed by peer

I am certain that ssh localhost works correctly, same as on my Mac:

# Prove that passwordless login works on Linux host:
[user@host rpc_prototype]$ ssh localhost
[user@host ~]$ exit
logout
Connection to localhost closed.
[user@host rpc_prototype]$ 

Though the OpenSSL version seems old, it has been patched with security fixes up to 2023.

Here is ssh -v localhost:

[user@host ~]$ ssh -v localhost
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:...
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_2212)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_2212)

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([127.0.0.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant