tahoe-lafs/trac-2024-07-25

sftp - unable to recognise password in private/accounts #2095

New issue

Open

opened 2013-10-26 20:27:54 +00:00 by nrbray · 1 comment

nrbray commented

2013-10-26 20:27:54 +00:00

Owner

Followed instructions in https://tahoe-lafs.org/trac/tahoe-lafs/browser/docs/frontends/FTP-and-SFTP.rst to the letter.

SFTP server seems not to recognise password:
nrb@nrb-ThinkPad-T61:~/.tahoe$ cat private/accounts

This is a password line, (username, password, cap)

alice password URI:DIR2:ddg5n76x6stjb35psrcn7i3ytu:etbtnftlaeylm4gmi7mxzq6pg2ntgra7dyjeronyoo4pvkgtttqa

end

nrb@nrb-ThinkPad-T61:~/.tahoe$ cat tahoe.cfg

-- mode: conf; coding: utf-8 --

#....

sftpd
enabled = true
port = tcp:8022:interface=127.0.0.1
host_pubkey_file = private/ssh_host_rsa_key.pub
host_privkey_file = private/ssh_host_rsa_key
accounts.file = private/accounts

end

nrb@nrb-ThinkPad-T61:~/.tahoe$ sshfs -o debug,sshfs_debug,loglevel=debug alice@127.0.0.1: ~/repos/sshfs/tahoe-lafs
SSHFS version 2.3
FUSE library version: 2.8.6
nullpath_ok: 0
executing <-x> <-a> <-oClearAllForwardings=yes> <-ologlevel=debug> <-2> alice@127.0.0.1 <-s>
debug1: Reading configuration data /home/nrb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/nrb/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/nrb/.ssh/id_rsa-cert type -1
debug1: identity file /home/nrb/.ssh/id_dsa type -1
debug1: identity file /home/nrb/.ssh/id_dsa-cert type -1
debug1: identity file /home/nrb/.ssh/id_ecdsa type -1
debug1: identity file /home/nrb/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 45:e2:de:a0:17:35:16:96:43:27:40🆎81:a9:ce:fb
debug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/nrb/.ssh/known_hosts:9
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/nrb/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/nrb/.ssh/id_dsa
debug1: Trying private key: /home/nrb/.ssh/id_ecdsa
debug1: Next authentication method: password
alice@127.0.0.1's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
alice@127.0.0.1's password:

Followed instructions in <https://tahoe-lafs.org/trac/tahoe-lafs/browser/docs/frontends/FTP-and-SFTP.rst> to the letter. SFTP server seems not to recognise password: nrb@nrb-ThinkPad-T61:~/.tahoe$ cat private/accounts # This is a password line, (username, password, cap) alice password URI:DIR2:ddg5n76x6stjb35psrcn7i3ytu:etbtnftlaeylm4gmi7mxzq6pg2ntgra7dyjeronyoo4pvkgtttqa # end nrb@nrb-ThinkPad-T61:~/.tahoe$ cat tahoe.cfg # -*- mode: conf; coding: utf-8 -*- #.... sftpd enabled = true port = tcp:8022:interface=127.0.0.1 host_pubkey_file = private/ssh_host_rsa_key.pub host_privkey_file = private/ssh_host_rsa_key accounts.file = private/accounts # end nrb@nrb-ThinkPad-T61:~/.tahoe$ sshfs -o debug,sshfs_debug,loglevel=debug alice@127.0.0.1: ~/repos/sshfs/tahoe-lafs SSHFS version 2.3 FUSE library version: 2.8.6 nullpath_ok: 0 executing <ssh> <-x> <-a> <-oClearAllForwardings=yes> <-ologlevel=debug> <-2> <alice@127.0.0.1> <-s> <sftp> debug1: Reading configuration data /home/nrb/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/nrb/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/nrb/.ssh/id_rsa-cert type -1 debug1: identity file /home/nrb/.ssh/id_dsa type -1 debug1: identity file /home/nrb/.ssh/id_dsa-cert type -1 debug1: identity file /home/nrb/.ssh/id_ecdsa type -1 debug1: identity file /home/nrb/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 45:e2:de:a0:17:35:16:96:43:27:40:ab:81:a9:ce:fb debug1: Host '127.0.0.1' is known and matches the ECDSA host key. debug1: Found key in /home/nrb/.ssh/known_hosts:9 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/nrb/.ssh/id_rsa debug1: Authentications that can continue: publickey,password debug1: Trying private key: /home/nrb/.ssh/id_dsa debug1: Trying private key: /home/nrb/.ssh/id_ecdsa debug1: Next authentication method: password alice@127.0.0.1's password: debug1: Authentications that can continue: publickey,password Permission denied, please try again. alice@127.0.0.1's password:

tahoe-lafs added the

labels 2013-10-26 20:27:54 +00:00

tahoe-lafs added this to the undecided milestone 2013-10-26 20:27:54 +00:00

nrbray commented

2013-10-26 20:44:06 +00:00

Author

Owner

I made the mistake of missing '-p 8022' so sshfs command should have:

sshfs -p 8022 alice@127.0.0.1: ~/repos/sshfs/tahoe-lafs

Perhaps the instructions could show the line above as a reminder to new users.

Also, more importantly, there was a need to run:

tahoe stop

and

tahoe start

Again, perhaps that could be added to the instructions for the new user.

I made the mistake of missing '-p 8022' so sshfs command should have: sshfs -p 8022 alice@127.0.0.1: ~/repos/sshfs/tahoe-lafs Perhaps the instructions could show the line above as a reminder to new users. Also, more importantly, there was a need to run: tahoe stop and tahoe start Again, perhaps that could be added to the instructions for the new user.

tahoe-lafs added

1.8.3

and removed

1.10.0

labels 2013-10-26 20:44:06 +00:00

tahoe-lafs added

documentation

and removed

unknown

labels 2014-01-21 20:41:36 +00:00

tahoe-lafs modified the milestone from undecided to soon

2014-01-21 20:41:36 +00:00