* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
@ 2015-04-02 14:10 Filipp Gunbin
2015-04-03 10:05 ` Michael Albinus
2022-01-24 16:12 ` Lars Ingebrigtsen
0 siblings, 2 replies; 9+ messages in thread
From: Filipp Gunbin @ 2015-04-02 14:10 UTC (permalink / raw)
To: 20246
When I try to connect to a host and that host's key differs from what I
have in ~/.ssh/known_hosts Tramp does not handle that correctly.
SSH suspects an attack, but in my case it is not.
I suppose Tramp could show the full error message emitted by ssh.
Filipp
*Messages*:
Tramp: Opening connection for fgunbin@<myhost> using ssh...
Tramp: Sending command `exec ssh -l fgunbin -o ControlMaster=auto -o ControlPath='tramp.%C' -o ControlPersist=no -e none <myhost>'
Tramp: Waiting for prompts from remote shell...failed
Tramp: Opening connection for fgunbin@<myhost> using ssh...failed
tramp debug buffer:
16:58:00.853274 tramp-process-one-action (5) # Looking for regexp "\(\)\'" from remote shell
16:58:00.853332 tramp-process-one-action (5) # Call `tramp-action-process-alive'
16:58:00.853511 tramp-process-actions (6) #
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:<fingerprint>.
Please contact your system administrator.
Add correct host key in /Users/fgunbin/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/fgunbin/.ssh/known_hosts:67
ECDSA host key for <myhost> has changed and you have requested strict checking.
Host key verification failed.
16:58:00.853619 tramp-process-sentinel (5) # Sentinel called: `#<process *tramp/ssh fgunbin@<myhost>*>' `exited abnormally with code 255
'
16:58:00.855144 tramp-process-actions (1) # File error: Tramp failed to connect. If this happens repeatedly, try
`M-x tramp-cleanup-this-connection'
16:58:00.855824 tramp-maybe-open-connection (3) # Opening connection for fgunbin@<myhost> using ssh...failed
16:58:00.858610 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.858762 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions var /ssh:fgunbin@<myhost>:/)
16:58:00.861488 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.861661 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions /ssh:fgunbin@<myhost>:/)
Usual bug-report stuff:
In GNU Emacs 25.0.50.1 (x86_64-apple-darwin14.1.0)
of 2015-03-12 on fgunbin.local
Repository revision: 2401274b239e837ec274b373ba0f2848faaea7b2
Configured using:
`configure --without-all --with-xml2 --without-x --with-wide-int'
Configured features:
LIBXML2
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-02 14:10 bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key Filipp Gunbin
@ 2015-04-03 10:05 ` Michael Albinus
2015-04-09 20:07 ` Filipp Gunbin
2022-01-24 16:12 ` Lars Ingebrigtsen
1 sibling, 1 reply; 9+ messages in thread
From: Michael Albinus @ 2015-04-03 10:05 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: 20246
Filipp Gunbin <fgunbin@fastmail.fm> writes:
> When I try to connect to a host and that host's key differs from what I
> have in ~/.ssh/known_hosts Tramp does not handle that correctly.
>
> SSH suspects an attack, but in my case it is not.
>
> I suppose Tramp could show the full error message emitted by ssh.
>
> 16:58:00.853511 tramp-process-actions (6) #
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the ECDSA key sent by the remote host is
> SHA256:<fingerprint>.
> Please contact your system administrator.
> Add correct host key in /Users/fgunbin/.ssh/known_hosts to get rid of this message.
> Offending ECDSA key in /Users/fgunbin/.ssh/known_hosts:67
> ECDSA host key for <myhost> has changed and you have requested strict checking.
> Host key verification failed.
> 16:58:00.853619 tramp-process-sentinel (5) # Sentinel called: `#<process *tramp/ssh fgunbin@<myhost>*>' `exited abnormally with code 255
> '
Usually, Tramp shows the connection buffer in this error case,
containing all these messages. Doesn't it happen for you?
It shows this buffer for 30 seconds, or until you hit a key.
> Filipp
Best regards, Michael.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-03 10:05 ` Michael Albinus
@ 2015-04-09 20:07 ` Filipp Gunbin
2015-04-10 14:38 ` Michael Albinus
0 siblings, 1 reply; 9+ messages in thread
From: Filipp Gunbin @ 2015-04-09 20:07 UTC (permalink / raw)
To: Michael Albinus; +Cc: 20246
On 03/04/2015 12:05 +0200, Michael Albinus wrote:
> Usually, Tramp shows the connection buffer in this error case,
> containing all these messages. Doesn't it happen for you?
>
> It shows this buffer for 30 seconds, or until you hit a key.
That's what I can reproduce now:
- change host identity in ~/.ssh/known-host
- M-x tramp-cleanup-all-connections
- C-x 4 r /ssh:user@host:/file
Now, Tramp shows correct error message from ssh.
- now, quit it with C-]
- again C-x 4 r (as above)
Now Tramp shows in the echo area: "/ssh:user@host:/file does not exist"
This is the behavior which takes place if the above steps are done
rather quickly.
If I take a pause before retrying to visit a file, ssh error message is
shown correctly.
Maybe this is not the same problem I had originally, but that's what
I'm able to reproduce right now.
Filipp
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-09 20:07 ` Filipp Gunbin
@ 2015-04-10 14:38 ` Michael Albinus
2015-04-14 18:52 ` Filipp Gunbin
0 siblings, 1 reply; 9+ messages in thread
From: Michael Albinus @ 2015-04-10 14:38 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: 20246
Filipp Gunbin <fgunbin@fastmail.fm> writes:
Hi Filipp,
> That's what I can reproduce now:
>
> - change host identity in ~/.ssh/known-host
> - M-x tramp-cleanup-all-connections
> - C-x 4 r /ssh:user@host:/file
>
> Now, Tramp shows correct error message from ssh.
OK.
> - now, quit it with C-]
> - again C-x 4 r (as above)
>
> Now Tramp shows in the echo area: "/ssh:user@host:/file does not exist"
>
> This is the behavior which takes place if the above steps are done
> rather quickly.
"rather quickly" means within 10 seconds. This is the default value of
`remote-file-name-inhibit-cache', the time Tramp keeps its cache for a
given file.
> If I take a pause before retrying to visit a file, ssh error message is
> shown correctly.
OK.
> Maybe this is not the same problem I had originally, but that's what
> I'm able to reproduce right now.
Could you, please, apply the following patch:
--8<---------------cut here---------------start------------->8---
*** /home/albinus/src/tramp/lisp/tramp.el.~master~ 2015-04-10 16:34:06.421074752 +0200
--- /home/albinus/src/tramp/lisp/tramp.el 2015-04-10 16:29:29.236143227 +0200
***************
*** 3558,3563 ****
--- 3558,3565 ----
(tramp-message vec 6 "\n%s" (buffer-string)))
(unless (eq exit 'ok)
(tramp-clear-passwd vec)
+ (tramp-flush-directory-property vec "")
+ (tramp-flush-connection-property proc)
(delete-process proc)
(tramp-error-with-buffer
(tramp-get-connection-buffer vec) vec 'file-error
--8<---------------cut here---------------end--------------->8---
This changes the behaviour that Tramp doesn't keep its cache anymore,
when there is an error during connection. Tramp reports that the
file/directory doesn't exist, and Emacs falls back to its default
behaviour, offering you a new empty buffer. This sounds consistent.
> Filipp
Best regards, Michael.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-10 14:38 ` Michael Albinus
@ 2015-04-14 18:52 ` Filipp Gunbin
2015-04-16 14:30 ` Michael Albinus
0 siblings, 1 reply; 9+ messages in thread
From: Filipp Gunbin @ 2015-04-14 18:52 UTC (permalink / raw)
To: Michael Albinus; +Cc: 20246
Michael,
On 10/04/2015 16:38 +0200, Michael Albinus wrote:
> Could you, please, apply the following patch:
>
> *** /home/albinus/src/tramp/lisp/tramp.el.~master~ 2015-04-10 16:34:06.421074752 +0200
> --- /home/albinus/src/tramp/lisp/tramp.el 2015-04-10 16:29:29.236143227 +0200
> ***************
> *** 3558,3563 ****
> --- 3558,3565 ----
> (tramp-message vec 6 "\n%s" (buffer-string)))
> (unless (eq exit 'ok)
> (tramp-clear-passwd vec)
> + (tramp-flush-directory-property vec "")
> + (tramp-flush-connection-property proc)
> (delete-process proc)
> (tramp-error-with-buffer
> (tramp-get-connection-buffer vec) vec 'file-error
>
> This changes the behaviour that Tramp doesn't keep its cache anymore,
> when there is an error during connection. Tramp reports that the
> file/directory doesn't exist, and Emacs falls back to its default
> behaviour, offering you a new empty buffer. This sounds consistent.
Thanks, I applied the patch (using tramp from git master), but nothing
changed.
Also, it seems that the error messages start to appear after a smaller
period of time than `remote-file-name-inhibit-cache' (which is 10,
indeed).
Filipp
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-14 18:52 ` Filipp Gunbin
@ 2015-04-16 14:30 ` Michael Albinus
2015-05-08 10:36 ` Filipp Gunbin
0 siblings, 1 reply; 9+ messages in thread
From: Michael Albinus @ 2015-04-16 14:30 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: 20246
Filipp Gunbin <fgunbin@fastmail.fm> writes:
> Michael,
Hi Filipp,
>> Could you, please, apply the following patch:
>>
>> *** /home/albinus/src/tramp/lisp/tramp.el.~master~ 2015-04-10 16:34:06.421074752 +0200
>> --- /home/albinus/src/tramp/lisp/tramp.el 2015-04-10 16:29:29.236143227 +0200
>> ***************
>> *** 3558,3563 ****
>> --- 3558,3565 ----
>> (tramp-message vec 6 "\n%s" (buffer-string)))
>> (unless (eq exit 'ok)
>> (tramp-clear-passwd vec)
>> + (tramp-flush-directory-property vec "")
>> + (tramp-flush-connection-property proc)
>> (delete-process proc)
>> (tramp-error-with-buffer
>> (tramp-get-connection-buffer vec) vec 'file-error
>>
>> This changes the behaviour that Tramp doesn't keep its cache anymore,
>> when there is an error during connection. Tramp reports that the
>> file/directory doesn't exist, and Emacs falls back to its default
>> behaviour, offering you a new empty buffer. This sounds consistent.
>
> Thanks, I applied the patch (using tramp from git master), but nothing
> changed.
>
> Also, it seems that the error messages start to appear after a smaller
> period of time than `remote-file-name-inhibit-cache' (which is 10,
> indeed).
Hmm, strange. Have you tested starting with "emacs -Q"?
> Filipp
Best regards, Michael.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-16 14:30 ` Michael Albinus
@ 2015-05-08 10:36 ` Filipp Gunbin
0 siblings, 0 replies; 9+ messages in thread
From: Filipp Gunbin @ 2015-05-08 10:36 UTC (permalink / raw)
To: Michael Albinus; +Cc: 20246
On 16/04/2015 16:30 +0200, Michael Albinus wrote:
> Filipp Gunbin <fgunbin@fastmail.fm> writes:
>
>> Michael,
>
> Hi Filipp,
>
>>> Could you, please, apply the following patch:
>>>
>>> *** /home/albinus/src/tramp/lisp/tramp.el.~master~ 2015-04-10 16:34:06.421074752 +0200
>>> --- /home/albinus/src/tramp/lisp/tramp.el 2015-04-10 16:29:29.236143227 +0200
>>> ***************
>>> *** 3558,3563 ****
>>> --- 3558,3565 ----
>>> (tramp-message vec 6 "\n%s" (buffer-string)))
>>> (unless (eq exit 'ok)
>>> (tramp-clear-passwd vec)
>>> + (tramp-flush-directory-property vec "")
>>> + (tramp-flush-connection-property proc)
>>> (delete-process proc)
>>> (tramp-error-with-buffer
>>> (tramp-get-connection-buffer vec) vec 'file-error
>>>
>>> This changes the behaviour that Tramp doesn't keep its cache anymore,
>>> when there is an error during connection. Tramp reports that the
>>> file/directory doesn't exist, and Emacs falls back to its default
>>> behaviour, offering you a new empty buffer. This sounds consistent.
>>
>> Thanks, I applied the patch (using tramp from git master), but nothing
>> changed.
>>
>> Also, it seems that the error messages start to appear after a smaller
>> period of time than `remote-file-name-inhibit-cache' (which is 10,
>> indeed).
>
> Hmm, strange. Have you tested starting with "emacs -Q"?
Hi Michael, sorry for delay.
I tried with "emacs -Q -L ~/src/tramp/lisp", the result is the same.
Filipp
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2015-04-02 14:10 bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key Filipp Gunbin
2015-04-03 10:05 ` Michael Albinus
@ 2022-01-24 16:12 ` Lars Ingebrigtsen
2022-02-22 1:05 ` Lars Ingebrigtsen
1 sibling, 1 reply; 9+ messages in thread
From: Lars Ingebrigtsen @ 2022-01-24 16:12 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: 20246
Filipp Gunbin <fgunbin@fastmail.fm> writes:
> When I try to connect to a host and that host's key differs from what I
> have in ~/.ssh/known_hosts Tramp does not handle that correctly.
>
> SSH suspects an attack, but in my case it is not.
>
> I suppose Tramp could show the full error message emitted by ssh.
(I'm going through old bug reports that unfortunately weren't resolved
at the time.)
I tried reproducing this under "emacs -Q" with Emacs 28/29, but Tramp
pops up the full ssh message buffer, so I don't seem to be able to
reproduce the problem. Are you still seeing the problem in recent Emacs
versions?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
2022-01-24 16:12 ` Lars Ingebrigtsen
@ 2022-02-22 1:05 ` Lars Ingebrigtsen
0 siblings, 0 replies; 9+ messages in thread
From: Lars Ingebrigtsen @ 2022-02-22 1:05 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: 20246
Lars Ingebrigtsen <larsi@gnus.org> writes:
> I tried reproducing this under "emacs -Q" with Emacs 28/29, but Tramp
> pops up the full ssh message buffer, so I don't seem to be able to
> reproduce the problem. Are you still seeing the problem in recent Emacs
> versions?
More information was requested, but no response was given within a
month, so I'm closing this bug report. If the problem still exists,
please respond to this email and we'll reopen the bug report.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2022-02-22 1:05 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-04-02 14:10 bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key Filipp Gunbin
2015-04-03 10:05 ` Michael Albinus
2015-04-09 20:07 ` Filipp Gunbin
2015-04-10 14:38 ` Michael Albinus
2015-04-14 18:52 ` Filipp Gunbin
2015-04-16 14:30 ` Michael Albinus
2015-05-08 10:36 ` Filipp Gunbin
2022-01-24 16:12 ` Lars Ingebrigtsen
2022-02-22 1:05 ` Lars Ingebrigtsen
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.