Fish: ssh key pass-phrase prompt use wrong encoding
Alexis M.
amurzeau.bt at gmail.com
Sat Apr 26 15:54:21 BST 2014
While wanting to put files to a remote host using the fish protocol, it
prompted as expected the passphrase for the ssh key I use.
MY pass-phrase actually contains non ASCII characters encoded as utf8,
but the dialog box seems to expect a latin1 string.
Test to reproduce the error:
Precondition: remote account password or ssh key passphrase is "ètr"
Test 1:
- Use fish to access a remote server using for example Dolphin
- A dialog prompt for the password (or passphrase of the key)
- Put "ètr" in the password field and confirm
- The password is refused and fish ask again for the password
Test 2:
- Use fish to access a remote server using for example Dolphin
- A dialog prompt for the password (or passphrase of the key)
- Put "ètr" in the password field and confirm
- The password is accepted and fish show files of the remote server
The password is read as Unicode UTF-16 (using QString), then kio_fish
convert it to latin1 and send it to ssh.
When putting "ètr" in the password prompt, the "è" character is sent to
ssh as byte 0xE8. ssh read 0xE8 and compare it to the pass-phrase which
is encoded in utf8, and so fail because "è" in UTF-8 is encoded as bytes
0xC3 0xA8.
When putting "ètr", "è" is sent to ssh as bytes 0xC3 0xA8. ssh read
these two bytes and compare them to the passphrase and these bytes match
to the the UTF-8 character "è" so ssh can use key on go on.
In my case, I created the key using command line, and my system use
UTF-8, so the passphrase I entered is encoded as UTF-8. ssh does not
seems to do any character conversion, so the expect encoding is the one
used at passphrase creation.
I posted a bug report about that:
https://bugs.kde.org/show_bug.cgi?id=332428
After more investigation, it seems that other text strings (username,
account password, hostname) may be read by ssh as UTF-8 strings too. In
comment 2 in the bug report, I say that ssh is started with LANG=C
LC_ALL=C, but it's not the case (I confused ssh arguments with the
command executed on the remote host when ssh start).
To be sure I checked the environment variables of the ssh spawned by
kio_fish, and there is LANG=fr_FR.UTF-8.
So as I first thought, username, hostname and password (in case of login
with password authentication) may also be read as UTF-8 strings by ssh
but fish send them as latin1 strings.
This issue seems to not be so easy to handle, so can someone confirm
expected encodings and if username, hostname, password and pass-phrase
should indeed be send using the local encoding (ie: use toLocal8Bits)
instead of latin1 (toLatin1).
Cheers,
Alexis
More information about the kde-core-devel
mailing list