Review Request: More kio_sftp login related fixes

Andreas Schneider asn at cryptomilk.org
Tue Jun 12 09:45:14 BST 2012



> On May 28, 2012, 1:24 p.m., Andreas Schneider wrote:
> > Ship It!
> 
> Andreas Schneider wrote:
>     I'm fine if you push this to the repo.
> 
> Dawit Alemayehu wrote:
>     I plan to push into master for KDE 4.9, but first I have to fix at least issue #2. Issue #1 can be a TODO to be resolved. I wish I had the time to address it, but unfortunately I have not yet been able to figure out how to generate kbdinit to test it. It does not seem to get generated when one simply compiles libssh from source. At least not as far as I can see. Anyhow, I will fix issue #1 now that I know my changes caused the problem I stated above and push the change before the next 4.9 beta cycle.
>     
>

git clone git://git.libssh.org/projects/libssh.git
cd libssh/build
cmake -DWITH_SERVER=ON ..
make

after that you should have examples/samplesshd-kbdint

You need to run it as root that it can read the dsa and rsa key.

sudo examples/samplesshd-kbdint -p 2222

then connect with

sftp://libssh@localhost:2222

the daemon stops after a successful authentication. The password is libssh. You can also reach me on freenode: /query gladiac


- Andreas


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/104642/#review14234
-----------------------------------------------------------


On April 26, 2012, 3:42 a.m., Dawit Alemayehu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/104642/
> -----------------------------------------------------------
> 
> (Updated April 26, 2012, 3:42 a.m.)
> 
> 
> Review request for KDE Runtime and Andreas Schneider.
> 
> 
> Description
> -------
> 
> This is the last one of the sftp login fixes series and addresses the following problems:    
> 
> #1. Correctly handle login failure that results from a different username being used when setting the 
> SSH_OPTIONS_USER option and calling ssh_userauth_password. I think this might have been due to
> a regression caused by my previous patch. Nonetheless, this patch addresses it.
> 
> #2. Changed public key authentication so that incorrect public key passwords generate a retry dialog
> instead of simply continuing to the next available authentication method.
> 
> 
> Diffs
> -----
> 
>   kioslave/sftp/kio_sftp.h f497c0b 
>   kioslave/sftp/kio_sftp.cpp e38c629 
> 
> Diff: http://git.reviewboard.kde.org/r/104642/diff/
> 
> 
> Testing
> -------
> 
> Testing for #1:
> ===========
> 1.) Make sure a ssh server is running on your system.
> 2.) Attempt to login into your system: sftp://127.0.0.1.
> 3.) When prompted for credentials, enter a user name other than the currently logged in user.
> 
> Current Behavior:
> Login attempt will simply fail eventually and and error page is displayed.
> 
> New (Fixed) Behavior:
> Successfully log into the server with the specified user name.
> 
> 
> Testing for #2:
> ===========
> 1.) Create a ssh key with password protection and add it to the authorized_keys file.
> 2.) Make sure the ssh public key is in your .ssh directory.
> 3.) Attempt to login into your system: sftp://127.0.0.1
> 4.) When prompted for the passpharse for the key, enter a bogus password. 
> 
> Current behavior:
> No retry dialog is ever shown for an invalid or improper ssh key passphrase and the process simply moves on to the next authentication method.
> 
> New(Fixed) behavior:
> Show a retry dialog if the failure is due to invalid password. If the user then presses cancel on the retry dialog, simply behave the same way as if the cancel button is pressed on the password dialog. That is continue onto the next authentication method.
> 
> 
> Thanks,
> 
> Dawit Alemayehu
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20120612/417d5ada/attachment.htm>


More information about the kde-core-devel mailing list