launchpad-dev team mailing list archive

Thread
Date

Re: anonymous ssh access to Launchpad

To: John Arbash Meinel <john@xxxxxxxxxxxxxxxxx>
From: Martin Pool <mbp@xxxxxxxxxxxxx>
Date: Tue, 20 Sep 2011 08:52:08 +1000
Cc: Michael Hudson-Doyle <michael.hudson@xxxxxxxxxx>, launchpad-dev@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4E771C20.1070900@arbash-meinel.com>
Sender: martinpool@xxxxxxxxx

On 19 September 2011 20:40, John Arbash Meinel <john@xxxxxxxxxxxxxxxxx> wrote:
>>> Ah yeah, I see what you mean looking at the code.  My code
>>> accepts any authentication at all for the anonymous username
>>> though, so if bzr finds a key and offers it, it will be accepted
>>> (without looking at the key at all).  I guess this means that the
>>> user might get prompted to decrypt their key and that could be a
>>> bit confusing.

Perhaps it will avoid confusion for the server to decline key
authentication and wait for the client to offer 'none'.

> If there is a standard somewhere, which says you should always try
> 'auth_none' first, we could certainly move it. It did seem a little
> silly to do an auth_none round trip to find out that rsa
> authentication was supported, rather than doing the rsa authentication
> first. (I think if rsa fails, then you should have the list of what is
> supported anyway.)
>
> So, I'd be happy to confirm if there is a real standard, but saving a
> round trip seems worthwhile, too.

I think it's definitely worth trying the most likely one first (key
auth) unless there's a problem with that.

m

References

anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Martin Pool, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-16
Re: anonymous ssh access to Launchpad
From: John Arbash Meinel, 2011-09-16
Re: anonymous ssh access to Launchpad
From: Michael Hudson-Doyle, 2011-09-18
Re: anonymous ssh access to Launchpad
From: John Arbash Meinel, 2011-09-19