[Bug 627596] New: SSH Public Key Authentication
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c0 Summary: SSH Public Key Authentication Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: openSUSE 11.3 Status: NEW Severity: Critical Priority: P5 - None Component: Release Notes AssignedTo: ke@novell.com ReportedBy: cobexer@gmail.com QAContact: coolo@novell.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.8) Gecko/20100723 SUSE/3.6.8-0.1.1 Firefox/3.6.8 The change in the handling off SSH Public Key Authentication should be documented in the release notes (as documented here: http://en.opensuse.org/SDB:Configure_openSSH#Public_Key_Authentication) Reproducible: Always Steps to Reproduce: 1. configure 11.2 or lower to use public key athentication only 2. upgrade to 11.3 (with zypper dup for example) 3. you cant login with public keys any more (and you won't find an error message that helps you in any way) Actual Results: cant login using SSH Public Key Authentication Expected Results: .. Critical because it would render remote machines unconnectable. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c Karl Eichwalder <ke@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEW |ASSIGNED -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c1 Karl Eichwalder <ke@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |anicka@novell.com, | |meissner@novell.com --- Comment #1 from Karl Eichwalder <ke@novell.com> 2010-08-03 08:47:43 UTC --- ok, but this is not strictly an upgrade issue only. The commented statement in /etc/ssh/sshd_config that we ship with 11.3 is still wrong: #AuthorizedKeysFile .ssh/authorized_keys -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c2 Karl Eichwalder <ke@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |maintenance@opensuse.org --- Comment #2 from Karl Eichwalder <ke@novell.com> 2010-08-03 09:12:21 UTC --- Here is my proposal: <!-- bnc#627596 --> <sect3 id="sec.113.sshd"> <title>SSH Public Key Authentication</title> <para>In <filename>/etc/ssh/sshd_config</filename> relative paths are no longer allowed. When pointing to the <filename>authorized_keys</filename> file, use <literal>%h/</literal> in front of the path. Otherwise logging in using SSH Public Key Authentication will fail with openSSH 5.4 and later.</para> <para>Example:</para> <screen>PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys </screen> </sect3> ======================================================================== I need a swampid, please. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c3 --- Comment #3 from Marcus Meissner <meissner@novell.com> 2010-08-03 09:13:43 UTC --- how many reolease notes items are there yet? should we collect them for a bit? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c4 --- Comment #4 from Karl Eichwalder <ke@novell.com> 2010-08-03 12:57:23 UTC --- (In reply to comment #3)
how many release notes items are there yet? should we collect them for a bit?
Reasonable idea. ATM, no more items are in the pipe, but the release notes translations are mostly ready by now, and I'd like to publish them. Either together with bug 624991 or with this bug. But I could wait another week, though. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c5 --- Comment #5 from Marcus Meissner <meissner@novell.com> 2010-08-03 15:25:18 UTC --- in that case we could start it now I think +1 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c6 Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:34957:low --- Comment #6 from Swamp Workflow Management <swamp@suse.com> 2010-08-04 10:33:50 UTC --- The SWAMPID for this issue is 34957. This issue was rated as low. Please submit fixed packages until 2010-09-01. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/34957 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c7 Christian Dengler <cdengler@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED CC| |cdengler@novell.com InfoProvider|maintenance@opensuse.org | --- Comment #7 from Christian Dengler <cdengler@novell.com> 2010-08-04 10:35:24 UTC --- Update started; be so kind and submit a patchinfo -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c8 Karl Eichwalder <ke@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #8 from Karl Eichwalder <ke@novell.com> 2010-08-06 13:28:15 UTC --- Submitted to BS (sr 44730). and release-notes-openSUSE.patch.box done. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c9 Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:34957:low |maint:running:34957:low | |maint:released:11.3:35012 --- Comment #9 from Swamp Workflow Management <swamp@suse.com> 2010-08-13 12:44:56 UTC --- Update released for: release-notes-openSUSE Products: openSUSE 11.3 (i586) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:34957:low |. |maint:released:11.3:35012 | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=627596 https://bugzilla.novell.com/show_bug.cgi?id=627596#c10 Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|. |. maint:running:34957:low --- Comment #10 from Swamp Workflow Management <swamp@suse.com> 2010-08-23 14:52:03 UTC --- The SWAMPID for this issue is 34957. This issue was rated as low. Please submit fixed packages until 2010-09-20. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/34957 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=627596 https://bugzilla.novell.com/show_bug.cgi?id=627596#c Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|. maint:running:34957:low |. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=627596 http://bugzilla.novell.com/show_bug.cgi?id=627596#c11 --- Comment #11 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (627596) was mentioned in https://build.opensuse.org/request/show/44730 11.3:Test / release-notes-openSUSE -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com