DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 4A5GqnZP1773855 Authentication-Results: delorie.com; dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=c0Y7Cir4 X-Recipient: archive-cygwin AT delorie DOT com DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 810613857731 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1730825568; bh=m4EfCmoLXQf1ajdlSJrXpFx+QdHd5GIEx7cXLoQd7Rc=; h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=c0Y7Cir4JUUMb+s36x76RRDm3Lbntn1SRsC60VIcNrNPFPK+03ASCBdZ/eOrMdZPy LotgssFzGutnYwyz89vUA7wzKOogiXY0XFjEWKI7Jit4BI6L9I4OtpqsFVYVhhQfBO /1rpVzHCh1oi1ErSiy4XRITlpgs5d9xM6Gbu5lJg= X-Original-To: cygwin AT cygwin DOT com Delivered-To: cygwin AT cygwin DOT com DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org CA0AD3858CD9 ARC-Filter: OpenARC Filter v1.0.0 sourceware.org CA0AD3858CD9 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1730825513; cv=none; b=fAfnZTt82lSXoJc+bqz4KZXFLy42N/0O0yXCTK8oneQCJu2mGzKS6UZekFbW/vqOADahDrxgRP5lfYoWObsvEm/yEBSRqIU3uF4J15A9PXDPybpNXjVzNdsutUJkZgYjvc0fhNwU0OOREaFu8hU7BXseQssxmUIPrhUWEXUVeJ4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1730825513; c=relaxed/simple; bh=1+5Xe50LYrC76vgyyWhAx9uwo4NSon0DlPY9g1D1QU4=; h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From; b=Vu+lS80MQ59a5UZ88W64ZFZEbT+5Z8sYY3LahZ9TY0RVGkcHcjPMORQkUQMzohLZAiyzzf0UqJjUFEaIgWsrNRbz/i+0EwO9NeM4ElyxOD4mMKWw0aNB9/3o4r1mRxO/Krd8xPHLrS5DjF35KVl+MzqAuMkwiACCwG2vUUVGDYQ= ARC-Authentication-Results: i=1; server2.sourceware.org Message-ID: <6d211145-71a2-47d5-83ac-e7a3330e30ce@kircheis.it> Date: Tue, 5 Nov 2024 17:51:44 +0100 MIME-Version: 1.0 Subject: Re: cygport upload seems to ignore SSH_KEY To: cygwin AT cygwin DOT com References: <8d85bde3-8ea8-4635-8547-9846315243cf AT kircheis DOT it> <7704ca4f-00ba-41b8-897c-7558d846ec18 AT SystematicSW DOT ab DOT ca> <1fe1c4ea-83bd-4fe8-9daf-496ff6ec2c69 AT SystematicSW DOT ab DOT ca> In-Reply-To: <1fe1c4ea-83bd-4fe8-9daf-496ff6ec2c69@SystematicSW.ab.ca> X-Rspamd-Queue-Id: 4XjZ9s3688z9sv1 X-BeenThere: cygwin AT cygwin DOT com X-Mailman-Version: 2.1.30 List-Id: General Cygwin discussions and problem reports List-Archive: List-Post: List-Help: List-Subscribe: , From: Federico Kircheis via Cygwin Reply-To: Federico Kircheis Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "Cygwin" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 4A5GqnZP1773855 On 05/11/2024 17.01, Brian Inglis via Cygwin wrote: > On 2024-11-05 04:19, Andrew Schulman via Cygwin wrote: >>> On 2024-11-04 12:20, Federico Kircheis via Cygwin wrote: >>>> up until recently I've uploaded packages the following way >>>> export SSH_KEY=/path/to/id_rsa; >>>> cygport /path/to/file.cygport upload >>>> but today I got the following error >>>> cd: Fatal error: max-retries exceeded >>>> I've fixed it by copying my key in the .ssh folder >>>> cp $SSH_KEY ~/.ssh/id_rsa >>>> cygport /path/to/file.cygport upload >>>> So it is not blocking me, but I wanted to know if this was a known >>>> bug, or if I >>>> am the only one experiencing it. >>> >>> See >>> https://cygwin.github.io/cygport/cygport_conf.html#SSH_KEY >>> or >>> /usr/share/doc/cygport/html/manual/cygport_conf.html#SSH_KEY >>> >>> SSH_KEY >>> >>> DESCRIPTION >>> >>> Path to the SSH private key corresponding to the public key >>> registered for >>> uploading on sourceware. >>> You'll need to set this if your private key isn't already loaded into >>> a running >>> ssh-agent(1), and it doesn't have one of the expected file names such as >>> ~/.ssh/id_rsa. >>> Also, setting this allows cygport to determine if a passphrase is >>> needed to >>> decrypt the key, and only prompt you for a passphrase if it's needed. >>> Otherwise, you'll be prompted for a passphrase every time you upload. >>> >>> Instead of `ssh-agent` and `ssh-add`, you can use `keychain` in your >>> login >>> profile, which allows cross-session sharing, across X and terminal >>> sessions, and >>> logouts, for example: >>> $ eval `/usr/bin/keychain --noask --eval ~/.ssh/id_rsa` >>> then >>> $ keychain ~/.ssh/id_rsa >> >> I haven't used cygport up in a long time - I use git push now, and let >> scallywag build the packages Is this workflow described somewhere? It sounds interesting. >> - but this does seem like new wrong behavior. >> Surely he >> shouldn't have to use keychain to get cygport to work? According to >> the docs, as you cited, his method should work. > > Using keychain is just a way of setting up, persisting, and sharing > ssh-/gpg-agent sessions, so keys are kept available in long running > agent sessions, across login sessions, without requesting passphrase > input for some period. > > Likely the issue could be permissions on his alternate location key file > and directory/path, as libraries and clients are getting pickier about > security issues and vulnerabilities, and openssh was recently updated, > although cygport should diagnose any failures. > > The message itself appears likely to have come from `lftp` invoked by > `cygport ... upload` /usr/share/cygport/lib/pkg_upload.cygpart failing > to authenticate a connection, for some reason? > Yes, the error message comes from lftp, because when cd is executed it tries to connect (apparently multiple times instead of erroring out immediately, a the beginning I thought it was simply hanging). So far it seems that it should work, I'll try to gather other information next time. I also did a chmod/chwon on the file to ensure that the permission where correct. The file with the permission unchanged worked without issues when moved in ~/.ssh. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple