launchpad-dev team mailing list archive

Thread
Date

Re: anonymous ssh access to Launchpad

To: Michael Hudson-Doyle <michael.hudson@xxxxxxxxxx>
From: John Arbash Meinel <john@xxxxxxxxxxxxxxxxx>
Date: Mon, 19 Sep 2011 12:40:32 +0200
Cc: Martin Pool <mbp@xxxxxxxxxxxxx>, launchpad-dev@xxxxxxxxxxxxxxxxxxx
In-reply-to: <87fwjteekc.fsf@canonical.com>
User-agent: Mozilla/5.0 (Windows NT 6.0; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/18/2011 11:16 PM, Michael Hudson-Doyle wrote:
> On Fri, 16 Sep 2011 15:31:55 +0200, John Arbash Meinel
> <john@xxxxxxxxxxxxxxxxx> wrote: I don't know if this is relevant or
> not, but bzr follows the recommended protocol and tries to
> "auth_none" to get the list of supported protocols, and then do the
> real authentication. We did this in order to allow 'bzr push
> lp:...' to not prompt the user for a password that Launchpad won't
> support anyway.
> 
>> Funnily enough, this is related to how I ended up implementing
>> this.  I wanted to know if it was possible to offer different
>> authentication strategies to different usernames, and then I
>> found that most clients start with auth_none (which includes a
>> username), so you can support anonymous access by just allowing
>> auth_none to succeed for a particular username...
> 
> I could be wrong about what 'auth_none' is versus your anonymous 
> authentication. It also looks like we try to do RSA and then DSA 
> authentication before we do auth_none. So maybe it wouldn't change 
> anything.
> 
>> Ah yeah, I see what you mean looking at the code.  My code
>> accepts any authentication at all for the anonymous username
>> though, so if bzr finds a key and offers it, it will be accepted
>> (without looking at the key at all).  I guess this means that the
>> user might get prompted to decrypt their key and that could be a
>> bit confusing.
> 
>> All the above only applies if you're using paramiko for ssh of
>> course, openssh starts out with an auth_none request.  I guess
>> bzr tries key-based first as an effort to save a roundtrip?
> 
>> Cheers, mwh
> 

I added 'auth_none' support relatively recently (2009-07 according to
qannotate). The specific motivation was because otherwise when doing
something with lp: if your keys didn't authenticate you, you'd get a
confusing prompt for your username & password, even though Launchpad
didn't support user&pass auth.

If there is a standard somewhere, which says you should always try
'auth_none' first, we could certainly move it. It did seem a little
silly to do an auth_none round trip to find out that rsa
authentication was supported, rather than doing the rsa authentication
first. (I think if rsa fails, then you should have the list of what is
supported anyway.)

So, I'd be happy to confirm if there is a real standard, but saving a
round trip seems worthwhile, too.

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk53HCAACgkQJdeBCYSNAAOI5ACeP7LSiG0Tmv/mWZs5QSoHlWMD
2K0AoKELQb6mJk47tRDW9evaXYlxLQBI
=0UFK
-----END PGP SIGNATURE-----

Follow ups

Re: anonymous ssh access to Launchpad
From: Jonathan Lange, 2011-09-20
Re: anonymous ssh access to Launchpad
From: Martin Pool, 2011-09-19

References

anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Martin Pool, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-16
Re: anonymous ssh access to Launchpad
From: John Arbash Meinel, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-18