SSH Error — Github or AWS CloudFormation?
while parsing a flow mapping in “<unicode_string>” expected ‘,’ or ‘}’ but got ‘{‘
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: AWS Security | Application Security | CloudFormation
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
While trying to access the Github meta API to get the list of CIDRs associated with GitHub and put them into an AWS Prefix List I randomly got this error.
verfiable_password_authentication…
falsessh_key_fingerprints
The thing is, my code never changed when I got this error. I had run the same code a number of times. After I got this error I ran the same code again and never saw the error again.
“Cidr:” in the error message above seemed to be part of the AWS template code I was trying to generate. I was not using any authentication to get to GitHub. I was using SSH to get into an EC2 instance, however the code from there was just using HTTPS to get to GitHub.
Nothing came up for the exact phrases above in the error message when I searched on Google so initially I thought this is internal code at either GitHub as part of their meta API service or AWS CloudFormation.
Then I remembered that I had seen part of one of those strings in the GitHub meta API I was looking at:
So there we have:
verfiable_password_authentication
But not:
falsessh_key_fingerprints
But if you look at the above we do have:
“ssh_key_fingerprints”
So somehow the “false” got inserted in the wrong place.
And “Cidr” is coming from the CloudFormation template I was trying to auto-generate.
So perhaps there was some kind of parsing problem that caused the text from the GitHub API to be managed and merged into the CloudFormation template I was generating.
That error above seems like a YAML parsing error so somehow more data was pulled from GitHub than expected. How that happened, I am not exactly sure. The API call brings down some data from GitHub and then filters out only what I need but it seemed like the whole file was pulled in rather than the subset of data I needed.
I had a separate bash function that pulls down that data so the only thing I could think of was a multi-threading error in the AWS Linux OS where the first function didn’t finish processing before the second in what should be a single-threaded application.
At any rate, I never saw the error again after that one time.
[11/3/2022 — Update: Just got this error again. Deleted a long list of AWS CloudFormation stacks to test deployment from scratch and this error occurred again. Nothing else is failing.]
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2022
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab