Re: [Savannah-help-public] Problems logging in via ssh

savannah-hackers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-help-public] Problems logging in via ssh

From:	Sylvain Beucler
Subject:	Re: [Savannah-help-public] Problems logging in via ssh
Date:	Thu, 22 May 2008 01:05:18 +0200
User-agent:	Mutt/1.5.17+20080114 (2008-01-14)
Hi,

Glad it works now :)

You may want to add a note in the Savannah instructions directly
yourself.  It is a wiki.

-- 
Sylvain


On Wed, May 21, 2008 at 02:17:53PM -0700, David Hill wrote:
> Hi Sylvain,
>
> Thanks.
>
> Of course, 'export CVS_RSH=ssh" doesn't work on my Mac using tcsh (I had 
> tried it, since I "knew" it was necessary, but the command wasn't  
> recognised and assumed [  <:-) ] it was therefore unnecessary ).
>
> Finally you prodded me into finding an equivalent, and that:
>
> 'setenv CVS_RSH ssh'
>
> *does* work, and it wasn't that hard to google.  Thank you.
>
> You may want to update your notes in case anyone else has the same  
> problem.  I was aware that my access problems started when I began using 
> the Mac under OS/X to access the various sites, and should have realised 
> what was going on and found the solution earlier.  <:-)
>
> I appreciate your patience, forbearance and help.
>
> david
> -----
> David Hill
> address@hidden
> http://savannah.gnu.org/projects/gnuspeech
> --------
>  The only function of economic forecasting is to make astrology look
> respectable. (J.K. Galbraith)
> --------
>
> On May 21, 2008, at 1:08 PM, Sylvain Beucler wrote:
>
>> Hi,
>>
>> Try:
>>   export CVS_RSH=ssh
>> before running CVS.
>>
>> Your cvs is trying to use rsh instead of ssh for connection.
>>
>> Nowadays most systems symlink 'rsh' to 'ssh' and the issue is solved
>> automatically, but apparently not in this version of osx.
>>
>>
>> Incidentally, option '-i' is an ssh (not cvs) option. If you need to
>> use it in combination with cvs, you need to use an ssh wrapper, but
>> that's another story :)
>>
>> -- 
>> Sylvain
>>
>> On Wed, May 21, 2008 at 12:04:07PM -0700, David Hill wrote:
>>> Hi Sylvain,
>>>
>>> Thanks for the fast reply.
>>>
>>> On May 21, 2008, at 10:42 AM, Sylvain Beucler wrote:
>>>
>>>> Hi,
>>>>
>>>> "Permission denied" means SSH couldn't find a key to match the one 
>>>> at
>>>> Savannah.
>>>>
>>>> "Connection refused" means you probably attempted to connect  
>>>> during a
>>>> server maintenance.
>>>>
>>>> The most likely cause of failure is that SSH doesn't know where to
>>>> find your private key. You can manually specify where your private 
>>>> key
>>>> is using the '-i' option for SSH. By default, SSH looks at
>>>> ~/.ssh/id_dsa and ~/.ssh/id_rsa .
>>>
>>> As I mentioned in my initial email, that's where they are.  Using the
>>> '-i' option gave me a "cvs: invalid option -- i".  Both the 'man'  
>>> pages
>>> and Fogel & Bar (Open Source Development with CVS) seem to think it 
>>> is an
>>> obsolete option, but I shouldn't need it, since the keys are in the
>>> default location -- right?
>>>
>>>>
>>>>
>>>> The reference documentation is here:
>>>> http://savannah.gnu.org/maintenance/SshAccess
>>>
>>> Thanks.  I had checked and used that.
>>>
>>>>
>>>>
>>>> To further diagnose your problem, please send us the output of these
>>>> commands in a terminal:
>>>>
>>>> cvs -t -d:ext:address@hidden/cvsroot/yourproject co
>>>> yourproject
>>>> ssh -v address@hidden
>>>
>>> Here it is -- you'll notice that, with the second command,
>>> authentication does eventually succeed (public key), and I bracketed 
>>> the
>>> session with two 'date' commands so you can figure out whether the
>>> "Connection refused" on the first command was during server  
>>> maintenance:
>>>
>>> [eldorado:~/.ssh] david% date
>>> Wed May 21 11:27:46 PDT 2008
>>> [eldorado:~/.ssh] david% cvs -t - 
>>> d:ext:address@hidden/
>>> cvsroot/gnuspeech co gnuspeech
>>>  -> main loop with CVSROOT=:ext:address@hidden/
>>> cvsroot/gnuspeech
>>>  -> safe_location( where=(null) )
>>>  -> Starting server: rsh -l davidhill cvs.savannah.gnu.org cvs server
>>> cvs.savannah.gnu.org: Connection refused
>>> cvs [checkout aborted]: end of file from server (consult above  
>>> messages
>>> if any)
>>>  -> Lock_Cleanup()
>>> [eldorado:~/.ssh] david% ssh -v address@hidden
>>> OpenSSH_4.7p1, OpenSSL 0.9.7l 28 Sep 2006
>>> debug1: Reading configuration data /Users/david/.ssh/config
>>> debug1: Reading configuration data /etc/ssh_config
>>> debug1: Connecting to cvs.savannah.gnu.org [199.232.41.69] port 22.
>>> debug1: Connection established.
>>> debug1: identity file /Users/david/.ssh/id_rsa type -1
>>> debug1: identity file /Users/david/.ssh/id_dsa type 2
>>> debug1: Remote protocol version 2.0, remote software version
>>> OpenSSH_4.3p2 Debian-9etch2
>>> debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH*
>>> debug1: Enabling compatibility mode for protocol 2.0
>>> debug1: Local version string SSH-2.0-OpenSSH_4.7
>>> debug1: Miscellaneous failure
>>> No credentials cache found
>>>
>>> debug1: Miscellaneous failure
>>> No credentials cache found
>>>
>>> debug1: SSH2_MSG_KEXINIT sent
>>> debug1: SSH2_MSG_KEXINIT received
>>> debug1: kex: server->client aes128-cbc hmac-md5 none
>>> debug1: kex: client->server aes128-cbc hmac-md5 none
>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>>> The authenticity of host 'cvs.savannah.gnu.org (199.232.41.69)'  
>>> can't be
>>> established.
>>> RSA key fingerprint is 80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba: 
>>> 2c:d5.
>>> Are you sure you want to continue connecting (yes/no)? yes
>>> Warning: Permanently added 'cvs.savannah.gnu.org' (RSA) to the list 
>>> of
>>> known hosts.
>>> debug1: ssh_rsa_verify: signature correct
>>> debug1: SSH2_MSG_NEWKEYS sent
>>> debug1: expecting SSH2_MSG_NEWKEYS
>>> debug1: SSH2_MSG_NEWKEYS received
>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>> debug1: Authentications that can continue: publickey
>>> debug1: Next authentication method: publickey
>>> debug1: Trying private key: /Users/david/.ssh/id_rsa
>>> debug1: Offering public key: /Users/david/.ssh/id_dsa
>>> debug1: Server accepts key: pkalg ssh-dss blen 433
>>> debug1: PEM_read_PrivateKey failed
>>> debug1: read PEM private key done: type <unknown>
>>> Enter passphrase for key '/Users/david/.ssh/id_dsa':
>>> debug1: read PEM private key done: type DSA
>>> debug1: Authentication succeeded (publickey).
>>> debug1: channel 0: new [client-session]
>>> debug1: Entering interactive session.
>>> You tried to execute:
>>> Sorry, you are not allowed to execute that command.
>>> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
>>> debug1: channel 0: free: client-session, nchannels 1
>>> Connection to cvs.savannah.gnu.org closed.
>>> debug1: Transferred: stdin 0, stdout 0, stderr 44 bytes in 0.5  
>>> seconds
>>> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 97.2
>>> debug1: Exit status 1
>>> [eldorado:~/.ssh] david% date
>>> Wed May 21 11:30:16 PDT 2008
>>> [eldorado:~/.ssh] david%
>>>
>>> ---------
>>>
>>> Thanks for your help.
>>>
>>> david
>>> -----
>>> David Hill
>>> address@hidden
>>> http://savannah.gnu.org/projects/gnuspeech
>>> --------
>>>  The only function of economic forecasting is to make astrology look
>>> respectable. (J.K. Galbraith)
>>> --------
>>>
>>>
>>>>
>>>>
>>>> Cheers!
>>>>
>>>> -- 
>>>> Sylvain
>>>>
>>>> On Tue, May 20, 2008 at 11:59:45AM -0700, David Hill wrote:
>>>>> Hi people,
>>>>>
>>>>> I am the administrator for the "gnuspeech" project.  I have had
>>>>> problems
>>>>> logging into the gnu webcvs pages and the repository for quite some
>>>>> time
>>>>> now and have tried various measures including changing my keys (the
>>>>> most
>>>>> recent change being yesterday, May 19 2008) and updating my account
>>>>> keys
>>>>> to correspond.  I have checked there are no line feeds in my
>>>>> registered
>>>>> ssh key and I have made sure 'cvs.sv.gnu.org' (RSA)  has been added
>>>>> correctly  to the list of known hosts .  The entry reads:
>>>>>
>>>>> --------
>>>>> cvs.sv.gnu.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzFQovi+67xa
>>>>> +wymRz9u3plx0ntQnELBoNU4SCl3RkwSFZkrZsRTC0fTpOKatQNs1r/
>>>>> BLFoVt21oVFwIXVevGQwB+Lf0Z+5w9qwVAQNu/YUAFHBPTqBze4wYK/
>>>>> gSWqQOLoj7rOhZk0xtAS6USqcfKdzMdRWgeuZ550P6gSzEHfv0=
>>>>> --------
>>>>>
>>>>> I believe I have checked the most current documentation carefully,
>>>>> but
>>>>> such a process is notoriously prone to wishful thinking :-(
>>>>>
>>>>> Whether going directly from the command line, or using MacCvsX I  
>>>>> get
>>>>> the
>>>>> same "Permission denied (publickey)" or "Connection refused" errors
>>>>> as in
>>>>> the following copied transactions from the MacCvsX console  
>>>>> window and
>>>>> terminal window:
>>>>>
>>>>> MacCvsX console
>>>>> -------
>>>>> cvs -d :ext:address@hidden:/webcvs/gnuspeech checkout --
>>>>> cvs.sv.gnu.org:/webcvs/gnuspeech (in directory /Users/david/
>>>>> gnuspeech/
>>>>> www/)
>>>>> Permission denied (publickey).
>>>>>
>>>>> cvsnt [checkout aborted]: end of file from server (consult above
>>>>> messages if any)
>>>>>
>>>>> ***** CVS exited normally with code 1 *****
>>>>> -----
>>>>>
>>>>> Terminal window:
>>>>> -------
>>>>> [eldorado:~/gnuspeech/www/software] david% cvs -z3 -
>>>>> d:ext:address@hidden:/webcvs/gnuspeech co gnuspeech
>>>>> cvs.savannah.gnu.org: Connection refused
>>>>> cvs [checkout aborted]: end of file from server (consult above
>>>>> messages
>>>>> if any)
>>>>> [eldorado:~/gnuspeech/www/software] david%
>>>>> --------
>>>>>
>>>>> the "software" directory contains:
>>>>>
>>>>> ------
>>>>> [eldorado:~/gnuspeech/www/software] david% ls
>>>>> CVS             gnuspeech
>>>>> [eldorado:~/gnuspeech/www/software] david%
>>>>> ------
>>>>>
>>>>> My ~/.ssh directory contains:
>>>>>
>>>>> ------
>>>>> [eldorado:~/.ssh] david% ls
>>>>> config          id_dsa.pub      identity.pub
>>>>> id_dsa          identity        known_hosts
>>>>> [eldorado:~/.ssh] david%
>>>>> ------
>>>>>
>>>>> The ssh dsa keys are in the "id_dsa*" files, not in the "identity*"
>>>>> files.  The config file contains "Protocol 2"
>>>>>
>>>>> Long experience tells me that the problem is something *I* am doing
>>>>> wrong or missing, but I don't see it, and am therefore checking  
>>>>> with
>>>>> you
>>>>> on the off-chance that something has changed, or some kind of block
>>>>> has
>>>>> been placed on my access.  If there are no changes or blocks, and
>>>>> you can
>>>>> spot my error, that would be very helpful too.
>>>>>
>>>>> I am using the standard Openssh that comes with the Mac, dated
>>>>> February
>>>>> 26 2008, though I believe there was an update to Openssh to deal
>>>>> with a
>>>>> vulnerability as recently as last month.  It has not made it to my
>>>>> machine so far.
>>>>>
>>>>> Many thanks in anticipation of your help --  I hope I have provided
>>>>> all
>>>>> the information you may need for this.
>>>>>
>>>>> david
>>>>> ------
>>>>> David Hill
>>>>> address@hidden
>>>>> http://savannah.gnu.org/projects/gnuspeech
>>>>> --------
>>>>>  The only function of economic forecasting is to make astrology  
>>>>> look
>>>>> respectable. (J.K. Galbraith)
>>>>> --------
>>>>
>>>
>>
>
[Prev in Thread]
Current Thread
[Next in Thread]
[Savannah-help-public] Problems logging in via ssh, David Hill, 2008/05/20
- Re: [Savannah-help-public] Problems logging in via ssh, Sylvain Beucler, 2008/05/21
  - Message not available
    - Re: [Savannah-help-public] Problems logging in via ssh, Sylvain Beucler, 2008/05/21
    - Message not available
    - Re: [Savannah-help-public] Problems logging in via ssh, Sylvain Beucler <=
Prev by Date: [Savannah-help-public] [sr #106377] Rename Coal project to Bee
Next by Date: [Savannah-help-public] CVS repository tarball
Previous by thread: Re: [Savannah-help-public] Problems logging in via ssh
Next by thread: [Savannah-help-public] Re: Renaming Savannah project
Index(es):
- Date
- Thread