savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [savannah-help-public] encryption key not recognized

From: Bob Proulx
Subject: Re: [savannah-help-public] encryption key not recognized
Date: Mon, 11 Nov 2013 12:51:11 -0700
User-agent: Mutt/1.5.21 (2010-09-15) 
Hello Frank,

Frank Ross (fross) wrote:
> Sorry, but having a lot of trouble getting keys to be recognized so
> that I can establish a connection for CVS.

This is the right place to ask for help with such things.

> I created the key using ssh-keygen, and added the key to the system.
> ...
> linux-ea8y:/usr/src # cvs -z3 -d:ext:address@hidden:/web/grub co grub
> Permission denied (publickey).

Looking in the logs I see:

  Nov 11 17:33:35 vcs sshd[29044]: Invalid user rossff from [redacted]
  Nov 11 17:33:35 vcs sshd[29044]: input_userauth_request: invalid user rossff 
[preauth]
  Nov 11 17:33:35 vcs sshd[29044]: Connection closed by [redacted] [preauth]

The problem is that your account isn't considered valid.  But I don't
immediately see why not.  I see an entry for rossff in the user
database.  I tested this with myself and my user is valid.  But your
account isn't being seen as valid.  And so at the moment I am a little
bit at a loss.

  getent passwd rossff
  ...nothing...

Normally for a valid user that will return the account information.

I am still learning this part of the system.  If one of the other
Savannah Hackers doesn't jump in then I will dig into it further and
figure it out.  But off the top of my head I don't know and think it
should be working.

> Note, the sample key and my key differ at the end of the key where
> the user is given, my key file just has a space vs. the "==" given
> in the sample.  But, I tried modifying with no change in result.

The key is a binary blob encoded as a base64 string.  The equals signs
are part of the trailing padding.  Either one, two or none will appear
depending upon the length of the input that gets encoded.  Whatever is
generated by ssh-keygen will be the correct string.

> I also tried changing the key to address@hidden since I do not have
> a domain associated with this machine, it normally gives
> address@hidden - perhaps the problem?

Not sure what you are referring to here.  If it is the last field in
the ssh key string then that can be ignored.  It is the comment
field.  By default ssh-keygen will put something that it tries to be
useful in there.  But the field isn't used for anything other than a
comment.  You are free to change it to something that makes more sense
for you.  By convention it is an email address.  But for example I
have several and therefore I use different hostnames in my address so
that I can identify which key is which key.

> linux-ea8y:/usr/src # ssh -v address@hidden

Note that only vcs commands are allowed.  You won't be able to
actually log in that way.  You will only be able to run cvs commands.

Note that on your end you are running as root.  That definitely isn't
recommended.  Normally we check out as ourselves and not as root.

Note that before you can commit you will need to be added to a group.
I looked at your profile on Savannah and you are not in any groups.
You don't have any permission for any projects.

    Project/Group Information
    This user is not a member of any Project/Group 

But that isn't the current problem.  (At least I don't think it is.)
First things first.

Bob
reply via email to
[Prev in Thread] Current Thread [Next in Thread]