[BUG FIX] Fix an issue with propagating invalid exception when using RSA key but authentication failure occurs

[Kami]

Problem description

Currently if you use a valid RSA key, but authentication failure occurs, paramiko will propagate an invalid not a valid DSA private key file exception. The exception which should be propagated is Authentication failed.

The reason why this occurs is because paramiko tries to load / parse private key in the following order:

1. RSA
2. DSA

If parsing of the key as RSA succeeds, but authentication failure occurs, paramiko won't stop, but it will also try to parse the same key which is already to be determined to be an RSA key as DSA. Obviously, parsing RSA key as DSA won't work, so not a valid DSA private key file exception will be stored in saved_exception and propagated to the end user later in the code.

Note 1: I discovered this bug while debugging some Libcloud deployment issues. Sadly a work-around for us (and others) until this has been merged into master is to catch Invalid DSS key exception exception and treat it in the same way as authentication failure which is far from ideal.

Note 2: I wonder how more people didn't spot this issue. RSA keys are far more common than DSA keys and I would imagine that most people only use / try one key for authentication.

[dtgay]

+1, thanks for writing this up :)

[coveralls]

Coverage decreased (-0.03%) when pulling 2552d75 on Kami:fix_invalid_exception_propagation_on_valid_rsa_key_and_authentication_failure into e811e71 on paramiko:master.

[Kami]

Added a test case for previous invalid behavior and for this fix in e8c7f85

If you revert my fix, the test will fail because an invalid SSHException: not a valid DSA private key file exception is thrown.

[coveralls]

Coverage decreased (-0.03%) when pulling e8c7f85 on Kami:fix_invalid_exception_propagation_on_valid_rsa_key_and_authentication_failure into e811e71 on paramiko:master.