bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Filipp Gunbin]

When I try to connect to a host and that host's key differs from what I
have in ~/.ssh/known_hosts Tramp does not handle that correctly.

SSH suspects an attack, but in my case it is not.

I suppose Tramp could show the full error message emitted by ssh.

Filipp


*Messages*:

Tramp: Opening connection for fgunbin@<myhost> using ssh...
Tramp: Sending command `exec ssh -l fgunbin  -o ControlMaster=auto -o ControlPath='tramp.%C' -o ControlPersist=no -e none <myhost>'
Tramp: Waiting for prompts from remote shell...failed
Tramp: Opening connection for fgunbin@<myhost> using ssh...failed


tramp debug buffer:

16:58:00.853274 tramp-process-one-action (5) # Looking for regexp "\(\)\'" from remote shell
16:58:00.853332 tramp-process-one-action (5) # Call `tramp-action-process-alive'
16:58:00.853511 tramp-process-actions (6) # 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:<fingerprint>.
Please contact your system administrator.
Add correct host key in /Users/fgunbin/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/fgunbin/.ssh/known_hosts:67
ECDSA host key for <myhost> has changed and you have requested strict checking.
Host key verification failed.
16:58:00.853619 tramp-process-sentinel (5) # Sentinel called: `#<process *tramp/ssh fgunbin@<myhost>*>' `exited abnormally with code 255
'
16:58:00.855144 tramp-process-actions (1) # File error: Tramp failed to connect.  If this happens repeatedly, try
    `M-x tramp-cleanup-this-connection'
16:58:00.855824 tramp-maybe-open-connection (3) # Opening connection for fgunbin@<myhost> using ssh...failed
16:58:00.858610 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.858762 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions var /ssh:fgunbin@<myhost>:/)
16:58:00.861488 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.861661 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions  /ssh:fgunbin@<myhost>:/)


Usual bug-report stuff:

In GNU Emacs 25.0.50.1 (x86_64-apple-darwin14.1.0)
 of 2015-03-12 on fgunbin.local
Repository revision: 2401274b239e837ec274b373ba0f2848faaea7b2
Configured using:
 `configure --without-all --with-xml2 --without-x --with-wide-int'

Configured features:
LIBXML2

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Michael Albinus]

Filipp Gunbin <fgunbin@fastmail.fm> writes:

> When I try to connect to a host and that host's key differs from what I
> have in ~/.ssh/known_hosts Tramp does not handle that correctly.
>
> SSH suspects an attack, but in my case it is not.
>
> I suppose Tramp could show the full error message emitted by ssh.
>
> 16:58:00.853511 tramp-process-actions (6) #
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the ECDSA key sent by the remote host is
> SHA256:<fingerprint>.
> Please contact your system administrator.
> Add correct host key in /Users/fgunbin/.ssh/known_hosts to get rid of this message.
> Offending ECDSA key in /Users/fgunbin/.ssh/known_hosts:67
> ECDSA host key for <myhost> has changed and you have requested strict checking.
> Host key verification failed.
> 16:58:00.853619 tramp-process-sentinel (5) # Sentinel called: `#<process *tramp/ssh fgunbin@<myhost>*>' `exited abnormally with code 255
> '

Usually, Tramp shows the connection buffer in this error case,
containing all these messages. Doesn't it happen for you?

It shows this buffer for 30 seconds, or until you hit a key.

> Filipp

Best regards, Michael.

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Filipp Gunbin]

On 03/04/2015 12:05 +0200, Michael Albinus wrote:

> Usually, Tramp shows the connection buffer in this error case,
> containing all these messages. Doesn't it happen for you?
>
> It shows this buffer for 30 seconds, or until you hit a key.

That's what I can reproduce now:

- change host identity in ~/.ssh/known-host
- M-x tramp-cleanup-all-connections
- C-x 4 r /ssh:user@host:/file

Now, Tramp shows correct error message from ssh.

- now, quit it with C-]
- again C-x 4 r (as above)

Now Tramp shows in the echo area: "/ssh:user@host:/file does not exist"

This is the behavior which takes place if the above steps are done
rather quickly.

If I take a pause before retrying to visit a file, ssh error message is
shown correctly.

Maybe this is not the same problem I had originally, but that's what
I'm able to reproduce right now.

Filipp

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Michael Albinus]

Filipp Gunbin <fgunbin@fastmail.fm> writes:

Hi Filipp,

> That's what I can reproduce now:
>
> - change host identity in ~/.ssh/known-host
> - M-x tramp-cleanup-all-connections
> - C-x 4 r /ssh:user@host:/file
>
> Now, Tramp shows correct error message from ssh.

OK.

> - now, quit it with C-]
> - again C-x 4 r (as above)
>
> Now Tramp shows in the echo area: "/ssh:user@host:/file does not exist"
>
> This is the behavior which takes place if the above steps are done
> rather quickly.

"rather quickly" means within 10 seconds. This is the default value of
`remote-file-name-inhibit-cache', the time Tramp keeps its cache for a
given file.

> If I take a pause before retrying to visit a file, ssh error message is
> shown correctly.

OK.

> Maybe this is not the same problem I had originally, but that's what
> I'm able to reproduce right now.

Could you, please, apply the following patch:

--8<---------------cut here---------------start------------->8---
*** /home/albinus/src/tramp/lisp/tramp.el.~master~	2015-04-10 16:34:06.421074752 +0200
--- /home/albinus/src/tramp/lisp/tramp.el	2015-04-10 16:29:29.236143227 +0200
***************
*** 3558,3563 ****
--- 3558,3565 ----
  	  (tramp-message vec 6 "\n%s" (buffer-string)))
  	(unless (eq exit 'ok)
  	  (tramp-clear-passwd vec)
+ 	  (tramp-flush-directory-property vec "")
+ 	  (tramp-flush-connection-property proc)
  	  (delete-process proc)
  	  (tramp-error-with-buffer
  	   (tramp-get-connection-buffer vec) vec 'file-error
--8<---------------cut here---------------end--------------->8---

This changes the behaviour that Tramp doesn't keep its cache anymore,
when there is an error during connection. Tramp reports that the
file/directory doesn't exist, and Emacs falls back to its default
behaviour, offering you a new empty buffer. This sounds consistent.

> Filipp

Best regards, Michael.

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Filipp Gunbin]

Michael,

On 10/04/2015 16:38 +0200, Michael Albinus wrote:

> Could you, please, apply the following patch:
>
> *** /home/albinus/src/tramp/lisp/tramp.el.~master~	2015-04-10 16:34:06.421074752 +0200
> --- /home/albinus/src/tramp/lisp/tramp.el	2015-04-10 16:29:29.236143227 +0200
> ***************
> *** 3558,3563 ****
> --- 3558,3565 ----
>   	  (tramp-message vec 6 "\n%s" (buffer-string)))
>   	(unless (eq exit 'ok)
>   	  (tramp-clear-passwd vec)
> + 	  (tramp-flush-directory-property vec "")
> + 	  (tramp-flush-connection-property proc)
>   	  (delete-process proc)
>   	  (tramp-error-with-buffer
>   	   (tramp-get-connection-buffer vec) vec 'file-error
>
> This changes the behaviour that Tramp doesn't keep its cache anymore,
> when there is an error during connection. Tramp reports that the
> file/directory doesn't exist, and Emacs falls back to its default
> behaviour, offering you a new empty buffer. This sounds consistent.

Thanks, I applied the patch (using tramp from git master), but nothing
changed.

Also, it seems that the error messages start to appear after a smaller
period of time than `remote-file-name-inhibit-cache' (which is 10,
indeed).

Filipp

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Michael Albinus]

Filipp Gunbin <fgunbin@fastmail.fm> writes:

> Michael,

Hi Filipp,

>> Could you, please, apply the following patch:
>>
>> *** /home/albinus/src/tramp/lisp/tramp.el.~master~	2015-04-10 16:34:06.421074752 +0200
>> --- /home/albinus/src/tramp/lisp/tramp.el	2015-04-10 16:29:29.236143227 +0200
>> ***************
>> *** 3558,3563 ****
>> --- 3558,3565 ----
>>   	  (tramp-message vec 6 "\n%s" (buffer-string)))
>>   	(unless (eq exit 'ok)
>>   	  (tramp-clear-passwd vec)
>> + 	  (tramp-flush-directory-property vec "")
>> + 	  (tramp-flush-connection-property proc)
>>   	  (delete-process proc)
>>   	  (tramp-error-with-buffer
>>   	   (tramp-get-connection-buffer vec) vec 'file-error
>>
>> This changes the behaviour that Tramp doesn't keep its cache anymore,
>> when there is an error during connection. Tramp reports that the
>> file/directory doesn't exist, and Emacs falls back to its default
>> behaviour, offering you a new empty buffer. This sounds consistent.
>
> Thanks, I applied the patch (using tramp from git master), but nothing
> changed.
>
> Also, it seems that the error messages start to appear after a smaller
> period of time than `remote-file-name-inhibit-cache' (which is 10,
> indeed).

Hmm, strange. Have you tested starting with "emacs -Q"?

> Filipp

Best regards, Michael.

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Filipp Gunbin]

On 16/04/2015 16:30 +0200, Michael Albinus wrote:

> Filipp Gunbin <fgunbin@fastmail.fm> writes:
>
>> Michael,
>
> Hi Filipp,
>
>>> Could you, please, apply the following patch:
>>>
>>> *** /home/albinus/src/tramp/lisp/tramp.el.~master~	2015-04-10 16:34:06.421074752 +0200
>>> --- /home/albinus/src/tramp/lisp/tramp.el	2015-04-10 16:29:29.236143227 +0200
>>> ***************
>>> *** 3558,3563 ****
>>> --- 3558,3565 ----
>>>   	  (tramp-message vec 6 "\n%s" (buffer-string)))
>>>   	(unless (eq exit 'ok)
>>>   	  (tramp-clear-passwd vec)
>>> + 	  (tramp-flush-directory-property vec "")
>>> + 	  (tramp-flush-connection-property proc)
>>>   	  (delete-process proc)
>>>   	  (tramp-error-with-buffer
>>>   	   (tramp-get-connection-buffer vec) vec 'file-error
>>>
>>> This changes the behaviour that Tramp doesn't keep its cache anymore,
>>> when there is an error during connection. Tramp reports that the
>>> file/directory doesn't exist, and Emacs falls back to its default
>>> behaviour, offering you a new empty buffer. This sounds consistent.
>>
>> Thanks, I applied the patch (using tramp from git master), but nothing
>> changed.
>>
>> Also, it seems that the error messages start to appear after a smaller
>> period of time than `remote-file-name-inhibit-cache' (which is 10,
>> indeed).
>
> Hmm, strange. Have you tested starting with "emacs -Q"?

Hi Michael, sorry for delay.

I tried with "emacs -Q -L ~/src/tramp/lisp", the result is the same.

Filipp

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Lars Ingebrigtsen]

Filipp Gunbin <fgunbin@fastmail.fm> writes:

> When I try to connect to a host and that host's key differs from what I
> have in ~/.ssh/known_hosts Tramp does not handle that correctly.
>
> SSH suspects an attack, but in my case it is not.
>
> I suppose Tramp could show the full error message emitted by ssh.

(I'm going through old bug reports that unfortunately weren't resolved
at the time.)

I tried reproducing this under "emacs -Q" with Emacs 28/29, but Tramp
pops up the full ssh message buffer, so I don't seem to be able to
reproduce the problem.  Are you still seeing the problem in recent Emacs
versions?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key

[Lars Ingebrigtsen]

Lars Ingebrigtsen <larsi@gnus.org> writes:

> I tried reproducing this under "emacs -Q" with Emacs 28/29, but Tramp
> pops up the full ssh message buffer, so I don't seem to be able to
> reproduce the problem.  Are you still seeing the problem in recent Emacs
> versions?

More information was requested, but no response was given within a
month, so I'm closing this bug report.  If the problem still exists,
please respond to this email and we'll reopen the bug report.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no