[Bug 540488] New: kio_sftp not use public key for login authentication
http://bugzilla.novell.com/show_bug.cgi?id=540488 Summary: kio_sftp not use public key for login authentication Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: i686 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: KDE4 Workspace AssignedTo: kde-maintainers@suse.de ReportedBy: ietc@gmx.net QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.13) Gecko/2009080200 SUSE/3.0.13-0.1.2 Firefox/3.0.13 I use a passwordless public key to log into an SSH server, but since some versions prior to (and including) kdebase4-runtime 4.3.1-140.2 kio_sftp has been insisting that I give the traditional username and password instead. Logging in with the key works on the console (OpenSSH) and via kio_fish. Reproducible: Always Steps to Reproduce: 1. Have access to an SSH account via public key (no password). 2. Browse to that server (e.g., with Dolphin): sftp://user@server Actual Results: KDE asks for username and password (is not logging in using the public key) Expected Results: Should be able to log in without typing in information (via public key) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=540488
User ietc@gmx.net added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c1
--- Comment #1 from William Tseng
http://bugzilla.novell.com/show_bug.cgi?id=540488
User binner@kde.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c2
Stephan Binner
http://bugzilla.novell.com/show_bug.cgi?id=540488
User binner@kde.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c3
Stephan Binner
http://bugzilla.novell.com/show_bug.cgi?id=540488
User ietc@gmx.net added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c4
--- Comment #4 from William Tseng
http://bugzilla.novell.com/show_bug.cgi?id=540488
User mail@cynapses.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c5
--- Comment #5 from Andreas Schneider
http://bugzilla.novell.com/show_bug.cgi?id=540488
User ietc@gmx.net added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c6
--- Comment #6 from William Tseng
ssh -vvv user@server OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to server [192.168.0.2] port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/id_rsa type -1 debug3: Not a RSA1 key file /home/user/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/user/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7 debug1: match: OpenSSH_4.7 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 128/256 debug2: bits set: 516/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/user/.ssh/known_hosts debug3: check_host_in_hostfile: match line 2 debug3: check_host_in_hostfile: filename /home/user/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'server' is known and matches the RSA host key. debug1: Found key in /home/user/.ssh/known_hosts:2 debug2: bits set: 535/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/user/.ssh/id_rsa ((nil)) debug2: key: /home/user/.ssh/id_dsa (0xb7fa5220) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/user/.ssh/id_rsa debug3: no such identity: /home/user/.ssh/id_rsa debug1: Offering public key: /home/user/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-dss blen 819 debug2: input_userauth_pk_ok: fp ec:f9:2c:7c:ec:b4:56:34:bc:cd:0a:89:04:63:4d:83 debug3: sign_and_send_pubkey debug1: read PEM private key done: type DSA debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug3: tty_make_modes: ospeed 38400 debug3: tty_make_modes: ispeed 38400 debug1: Sending environment. debug3: Ignored env LESSKEY debug3: Ignored env NNTPSERVER debug3: Ignored env MANPATH debug3: Ignored env INFODIR debug3: Ignored env SSH_AGENT_PID debug3: Ignored env KDE_MULTIHEAD debug3: Ignored env DM_CONTROL debug3: Ignored env HOSTNAME debug3: Ignored env XKEYSYMDB debug3: Ignored env GPG_AGENT_INFO debug3: Ignored env DESKTOP_STARTUP_ID debug3: Ignored env TERM debug3: Ignored env SHELL debug3: Ignored env HOST debug3: Ignored env XDG_SESSION_COOKIE debug3: Ignored env XDM_MANAGED debug3: Ignored env HISTSIZE debug3: Ignored env PROFILEREAD debug3: Ignored env KONSOLE_DBUS_SERVICE debug3: Ignored env GTK2_RC_FILES debug3: Ignored env TMPDIR debug3: Ignored env GS_LIB debug3: Ignored env GTK_RC_FILES debug3: Ignored env WINDOWID debug3: Ignored env MORE debug3: Ignored env XSESSION_IS_UP debug3: Ignored env KDE_FULL_SESSION debug3: Ignored env USER debug3: Ignored env JRE_HOME debug3: Ignored env LD_LIBRARY_PATH debug3: Ignored env LS_COLORS debug3: Ignored env XNLSPATH debug3: Ignored env ENV debug3: Ignored env HOSTTYPE debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env FROM_HEADER debug3: Ignored env SESSION_MANAGER debug3: Ignored env PAGER debug3: Ignored env CSHEDIT debug3: Ignored env XDG_CONFIG_DIRS debug3: Ignored env MINICOM debug3: Ignored env DESKTOP_SESSION debug3: Ignored env PATH debug3: Ignored env MAIL debug3: Ignored env CPU debug3: Ignored env QT_IM_MODULE debug3: Ignored env JAVA_BINDIR debug3: Ignored env PWD debug3: Ignored env INPUTRC debug3: Ignored env XMODIFIERS debug3: Ignored env JAVA_HOME debug3: Ignored env KDE_SESSION_UID debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug3: Ignored env PYTHONSTARTUP debug3: Ignored env KONSOLE_DBUS_SESSION debug3: Ignored env SSH_ASKPASS debug3: Ignored env COLORFGBG debug3: Ignored env SHLVL debug3: Ignored env HOME debug3: Ignored env QT_SYSTEM_DIR debug3: Ignored env KDE_SESSION_VERSION debug3: Ignored env OSTYPE debug3: Ignored env LESS_ADVANCED_PREPROCESSOR debug3: Ignored env LANGUAGE debug3: Ignored env XCURSOR_THEME debug3: Ignored env LS_OPTIONS debug3: Ignored env WINDOWMANAGER debug3: Ignored env LOGNAME debug3: Ignored env MACHTYPE debug3: Ignored env LESS debug3: Ignored env G_FILENAME_ENCODING debug3: Ignored env CVS_RSH debug3: Ignored env DBUS_SESSION_BUS_ADDRESS debug3: Ignored env XDG_DATA_DIRS debug3: Ignored env LESSOPEN debug3: Ignored env USE_FAM debug3: Ignored env WINDOWPATH debug3: Ignored env INFOPATH debug3: Ignored env PROFILEHOME debug3: Ignored env DISPLAY debug3: Ignored env QT_PLUGIN_PATH debug3: Ignored env GTK_IM_MODULE debug3: Ignored env XAUTHLOCALHOSTNAME debug3: Ignored env LESSCLOSE debug3: Ignored env QT_IM_SWITCHER debug3: Ignored env G_BROKEN_FILENAMES debug3: Ignored env COLORTERM debug3: Ignored env JAVA_ROOT debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel_input_confirm: type 99 id 0 debug2: PTY allocation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_confirm: type 99 id 0 debug2: shell request accepted on channel 0
./samplessh -vvv user@server [1] SSH server banner: SSH-2.0-OpenSSH_4.7 [1] Analyzing banner: SSH-2.0-OpenSSH_4.7 [1] We are talking to an OpenSSH server version: 4.7 (40700) [3] Packet size decrypted: 780 (0x30c) [3] Read a 780 bytes packet [1] 10 bytes padding, 779 bytes left in buffer [1] After padding, 769 bytes left in buffer [1] Final size 769 [1] Type 20 [1] Writing on the wire a packet having 141 bytes before [1] 141 bytes after comp + 6 padding bytes = 148 bytes packet [1] Writing on the wire a packet having 133 bytes before [1] 133 bytes after comp + 6 padding bytes = 140 bytes packet [3] Packet size decrypted: 444 (0x1bc) [3] Read a 444 bytes packet [1] 9 bytes padding, 443 bytes left in buffer [1] After padding, 434 bytes left in buffer [1] Final size 434 [1] Type 31 [1] Writing on the wire a packet having 1 bytes before [1] 1 bytes after comp + 10 padding bytes = 12 bytes packet [1] SSH_MSG_NEWKEYS sent
[3] Packet size decrypted: 12 (0xc) [3] Read a 12 bytes packet [1] 10 bytes padding, 11 bytes left in buffer [1] After padding, 1 bytes left in buffer [1] Final size 1 [1] Type 21 [1] Got SSH_MSG_NEWKEYS [3] Set output algorithm to aes128-cbc [3] Set input algorithm to aes128-cbc [1] Writing on the wire a packet having 17 bytes before [1] 17 bytes after comp + 10 padding bytes = 28 bytes packet [3] Encrypting packet with seq num: 3, len: 32 [3] Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth) [3] Decrypting 16 bytes [3] Packet size decrypted: 28 (0x1c) [3] Read a 28 bytes packet [3] Decrypting 16 bytes [1] 10 bytes padding, 27 bytes left in buffer [1] After padding, 17 bytes left in buffer [1] Final size 17 [1] Type 6 [3] Received SSH_MSG_SERVICE_ACCEPT (service ssh-userauth) [1] Writing on the wire a packet having 35 bytes before [1] 35 bytes after comp + 8 padding bytes = 44 bytes packet [3] Encrypting packet with seq num: 4, len: 48 [3] Decrypting 16 bytes [3] Packet size decrypted: 44 (0x2c) [3] Read a 44 bytes packet [3] Decrypting 32 bytes [1] 7 bytes padding, 43 bytes left in buffer [1] After padding, 36 bytes left in buffer [1] Final size 36 [1] Type 51 auth: 0x000a supported auth methods: publickey, keyboard-interactive [1] Writing on the wire a packet having 35 bytes before [1] 35 bytes after comp + 8 padding bytes = 44 bytes packet [3] Encrypting packet with seq num: 5, len: 48 [3] Decrypting 16 bytes [3] Packet size decrypted: 44 (0x2c) [3] Read a 44 bytes packet [3] Decrypting 32 bytes [1] 7 bytes padding, 43 bytes left in buffer [1] After padding, 36 bytes left in buffer [1] Final size 36 [1] Type 51 [1] Trying to authenticate with SSH agent keys [3] agent_talk - len of request: 1 [3] agent_talk - response length: 5 [3] agent_ident_count - answer type: 12, expected answer: 12 [3] agent_ident_count - count: 0 [3] Trying to open public key /home/user/.ssh/identity.pub [3] Failed [3] Trying to open public key /home/user/.ssh/identity.pub [3] Failed [3] Trying to open public key /home/user/.ssh/id_dsa.pub [3] Trying to open private key /home/user/.ssh/id_dsa [3] Success reading public and private key [3] Wasn't able to open public key file /home/user/.ssh/id_dsa.pub: Invalid public key file [3] Trying to open public key /home/user/.ssh/id_rsa.pub [3] Failed [1] Writing on the wire a packet having 59 bytes before [1] 59 bytes after comp + 16 padding bytes = 76 bytes packet [3] Encrypting packet with seq num: 6, len: 80 [3] Decrypting 16 bytes [3] Packet size decrypted: 44 (0x2c) [3] Read a 44 bytes packet [3] Decrypting 32 bytes [1] 11 bytes padding, 43 bytes left in buffer [1] After padding, 32 bytes left in buffer [1] Final size 32 [1] Type 60 Password: -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=540488
User mail@cynapses.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c7
--- Comment #7 from Andreas Schneider
http://bugzilla.novell.com/show_bug.cgi?id=540488
User mail@cynapses.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c8
--- Comment #8 from Andreas Schneider
http://bugzilla.novell.com/show_bug.cgi?id=540488
User ietc@gmx.net added comment
http://bugzilla.novell.com/show_bug.cgi?id=540488#c9
--- Comment #9 from William Tseng
participants (1)
-
bugzilla_noreply@novell.com