DKIM-Filter:	OpenDKIM Filter v2.11.0 delorie.com 4A5GqnZP1773855
Authentication-Results:	delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=c0Y7Cir4
X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 810613857731
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1730825568;
	bh=m4EfCmoLXQf1ajdlSJrXpFx+QdHd5GIEx7cXLoQd7Rc=;
	h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	From;
	b=c0Y7Cir4JUUMb+s36x76RRDm3Lbntn1SRsC60VIcNrNPFPK+03ASCBdZ/eOrMdZPy
	LotgssFzGutnYwyz89vUA7wzKOogiXY0XFjEWKI7Jit4BI6L9I4OtpqsFVYVhhQfBO
	/1rpVzHCh1oi1ErSiy4XRITlpgs5d9xM6Gbu5lJg=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.4.2 sourceware.org CA0AD3858CD9
ARC-Filter:	OpenARC Filter v1.0.0 sourceware.org CA0AD3858CD9
ARC-Seal:	i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1730825513; cv=none;
	b=fAfnZTt82lSXoJc+bqz4KZXFLy42N/0O0yXCTK8oneQCJu2mGzKS6UZekFbW/vqOADahDrxgRP5lfYoWObsvEm/yEBSRqIU3uF4J15A9PXDPybpNXjVzNdsutUJkZgYjvc0fhNwU0OOREaFu8hU7BXseQssxmUIPrhUWEXUVeJ4=
ARC-Message-Signature:	i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1730825513; c=relaxed/simple;
	bh=1+5Xe50LYrC76vgyyWhAx9uwo4NSon0DlPY9g1D1QU4=;
	h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From;
	b=Vu+lS80MQ59a5UZ88W64ZFZEbT+5Z8sYY3LahZ9TY0RVGkcHcjPMORQkUQMzohLZAiyzzf0UqJjUFEaIgWsrNRbz/i+0EwO9NeM4ElyxOD4mMKWw0aNB9/3o4r1mRxO/Krd8xPHLrS5DjF35KVl+MzqAuMkwiACCwG2vUUVGDYQ=
ARC-Authentication-Results:	i=1; server2.sourceware.org
Message-ID:	<6d211145-71a2-47d5-83ac-e7a3330e30ce@kircheis.it>
Date:	Tue, 5 Nov 2024 17:51:44 +0100
MIME-Version:	1.0
Subject:	Re: cygport upload seems to ignore SSH_KEY
To:	cygwin AT cygwin DOT com
References:	<8d85bde3-8ea8-4635-8547-9846315243cf AT kircheis DOT it>
	<7704ca4f-00ba-41b8-897c-7558d846ec18 AT SystematicSW DOT ab DOT ca>
	<nlvjij9vha7u1j71seri65tfg21o7ua3im AT 4ax DOT com>
	<1fe1c4ea-83bd-4fe8-9daf-496ff6ec2c69 AT SystematicSW DOT ab DOT ca>
In-Reply-To:	<1fe1c4ea-83bd-4fe8-9daf-496ff6ec2c69@SystematicSW.ab.ca>
X-Rspamd-Queue-Id:	4XjZ9s3688z9sv1
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.30
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Federico Kircheis via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	Federico Kircheis <federico AT kircheis DOT it>
Sender:	"Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>
X-MIME-Autoconverted:	from base64 to 8bit by delorie.com id 4A5GqnZP1773855

On 05/11/2024 17.01, Brian Inglis via Cygwin wrote:
> On 2024-11-05 04:19, Andrew Schulman via Cygwin wrote:
>>> On 2024-11-04 12:20, Federico Kircheis via Cygwin wrote:
>>>> up until recently I've uploaded packages the following way
>>>> export SSH_KEY=/path/to/id_rsa;
>>>> cygport /path/to/file.cygport upload
>>>> but today I got the following error
>>>> cd: Fatal error: max-retries exceeded
>>>> I've fixed it by copying my key in the .ssh folder
>>>> cp $SSH_KEY ~/.ssh/id_rsa
>>>> cygport /path/to/file.cygport upload
>>>> So it is not blocking me, but I wanted to know if this was a known 
>>>> bug, or if I
>>>> am the only one experiencing it.
>>>
>>> See
>>>     https://cygwin.github.io/cygport/cygport_conf.html#SSH_KEY
>>> or
>>>     /usr/share/doc/cygport/html/manual/cygport_conf.html#SSH_KEY
>>>
>>> SSH_KEY
>>>
>>> DESCRIPTION
>>>
>>> Path to the SSH private key corresponding to the public key 
>>> registered for
>>> uploading on sourceware.
>>> You'll need to set this if your private key isn't already loaded into 
>>> a running
>>> ssh-agent(1), and it doesn't have one of the expected file names such as
>>> ~/.ssh/id_rsa.
>>> Also, setting this allows cygport to determine if a passphrase is 
>>> needed to
>>> decrypt the key, and only prompt you for a passphrase if it's needed.
>>> Otherwise, you'll be prompted for a passphrase every time you upload.
>>>
>>> Instead of `ssh-agent` and `ssh-add`, you can use `keychain` in your 
>>> login
>>> profile, which allows cross-session sharing, across X and terminal 
>>> sessions, and
>>> logouts, for example:
>>>     $ eval `/usr/bin/keychain --noask --eval ~/.ssh/id_rsa`
>>> then
>>>     $ keychain ~/.ssh/id_rsa
>>
>> I haven't used cygport up in a long time - I use git push now, and let 
>> scallywag build the packages

Is this workflow described somewhere?
It sounds interesting.

>> - but this does seem like new wrong behavior. 
>> Surely he
>> shouldn't have to use keychain to get cygport to work? According to 
>> the docs, as you cited, his method should work.
> 
> Using keychain is just a way of setting up, persisting, and sharing 
> ssh-/gpg-agent sessions, so keys are kept available in long running 
> agent sessions, across login sessions, without requesting passphrase 
> input for some period.
> 
> Likely the issue could be permissions on his alternate location key file 
> and directory/path, as libraries and clients are getting pickier about 
> security issues and vulnerabilities, and openssh was recently updated, 
> although cygport should diagnose any failures.
> 
> The message itself appears likely to have come from `lftp` invoked by
> `cygport ... upload` /usr/share/cygport/lib/pkg_upload.cygpart failing 
> to authenticate a connection, for some reason?
> 

Yes, the error message comes from lftp, because when cd is executed it 
tries to connect (apparently multiple times instead of erroring out 
immediately, a the beginning I thought it was simply hanging).

So far it seems that it should work, I'll try to gather other 
information next time.

I also did a chmod/chwon on the file to ensure that the permission where 
correct.
The file with the permission unchanged worked without issues when moved 
in ~/.ssh.


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -