[Bug 1043536] New: Kwallet (with gpg key encrytion) does accept the password input to open the wallet only after about 8 repetitions
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 Bug ID: 1043536 Summary: Kwallet (with gpg key encrytion) does accept the password input to open the wallet only after about 8 repetitions Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: x86-64 OS: openSUSE 42.2 Status: NEW Severity: Normal Priority: P5 - None Component: KDE Applications Assignee: opensuse-kde-bugs@opensuse.org Reporter: stakanov@freenet.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- This is reproducible stable to a 100% I open my session. I open Kontact. As the kmail account passwords are stored in wallet with kgpg, I was usually asked the password one time. Then it opens, fine. Now, observed behavior: you input the password, the password is not accepted (I did proof this by watching every stroke, it is(!) the right one). So I do a repetition of 8 time of the password input, trying again and again. At a point then suddenly the password is accepted. You can now work with problems as the wallet opened with the very password it claimed was wrong before. Desired behavior: kwallet should open with the password after one input. The only particularity is to be seen when you use an external screen and keyboard. This should however be unrelated but is mentioned for completeness: If your password input of kde is on the external screen it will jump at the refusal to the laptop screen. However, the input from the external desktop is correctly taken (at least the "dots" appear in the window). Kwallet settings: - only one wallet for local and internet. - kgpg signature with 4096 RSA (no email address as this signature is used for wallet only). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 http://bugzilla.opensuse.org/show_bug.cgi?id=1043536#c1 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |astieger@suse.com --- Comment #1 from Andreas Stieger <astieger@suse.com> --- (In reply to Stakanov Schufter from comment #0)
This is reproducible stable to a 100%
I would like to say from the beginning that if something happens on your machine, it does not mean that you have a reproduction recipe for how to recreate this situation. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 http://bugzilla.opensuse.org/show_bug.cgi?id=1043536#c2 Stakanov Schufter <stakanov@freenet.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(astieger@suse.com | |) --- Comment #2 from Stakanov Schufter <stakanov@freenet.de> --- So, what about this: as it is reproducible at every password entry on this machine, it should be possible to document it. Once documented it, it shall be possible to understand what happens. Please advice how to create the necessary documentation (debug packages needed, commands to be run). And I will be happy to do so. P.S. sorry for having one time used the wrong email address (to ibm) for needinfo. I did not see that you are three times in the system. So will not happen again. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 http://bugzilla.opensuse.org/show_bug.cgi?id=1043536#c3 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(astieger@suse.com | |) | --- Comment #3 from Andreas Stieger <astieger@suse.com> --- Just base instructions how to set up an openSUSE installation (maybe in a VM) to take you to this behavior. Just basic text steps are sufficient, e.g.: install from DVD, select pattern X, open kwallet, select gpg option... and so on. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 http://bugzilla.opensuse.org/show_bug.cgi?id=1043536#c4 Stakanov Schufter <stakanov@freenet.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(astieger@suse.com | |) --- Comment #4 from Stakanov Schufter <stakanov@freenet.de> --- Well the problem is: this was a totally standard install. And the thing happened yesterday: system did not accept the password input anymore. After a reboot the mess. So, what logfiles from yesterday should I provide to look into it? X-errors? journal? If the system is compromised by this (which is obvious) I will do a total new install. Maybe the best is to use a virtual machine every time I am on the web and throw the image away once done. Normally I am using a hardware solution, but currently it is physically broken so I need to buy a new one. Then passwordless export of kgpg is not a problem as the key cannot be exported from the token. Sincerely I think for the sake of safety and usability, it would be good to understand what is happening here. There is one anomalous warning in rkhunter: mercurio (the new post account) is 1001 olpost (the renamed old post account is 1004 In rkhunter there is the following warning: Warning: Changes found in the passwd file for user 'scard': Warning: Changes found in the passwd file for user 'mercurio': The UID has changed from '1001' to '1004' Warning: User 'oldpost' has been added to the passwd file. Warning: The SSH configuration option 'PermitRootLogin' has not been set. The default value may be 'yes', to allow root access. Warning: The SSH configuration option 'Protocol' has not been set. The default value may be '2,1', to allow the use of protocol version 1. Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text This is strange because mercurio cannot change to 1004 as it is an old and invalid account. See also: cat /etc/passwd | grep "/home" connectix:x:1000:100::/home/connectix:/bin/bash entropia:x:1002:100::/home/entropia:/bin/bash hanyu:x:1003:100::/home/hanyu:/bin/bash mercurio:x:1001:100::/home/mercurio:/bin/bash oldpost:x:1004:100::/home/oldpost:/bin/bash lastlog does not show anything strange. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1043536 http://bugzilla.opensuse.org/show_bug.cgi?id=1043536#c5 Stakanov Schufter <stakanov@freenet.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(astieger@suse.com | |) | --- Comment #5 from Stakanov Schufter <stakanov@freenet.de> --- And disregard this, as it is normal. I did rename mercurio. Then I did change the user ID. Later I did create a new user with the name mercurio and migrated the directory content. Then I did create a new kgpg key I then opened kontakt, imported the mail without and addresses from an archive. And I did set up from the scratch all new accounts. It worked fine for a few days and than this strange "passwordless" behavior. So the given info is probably unrelated. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com