On Wed, May 23, 2018 at 6:39 AM, Gordon Messmer <gordon.mess...@gmail.com> wrote:
> On 05/22/2018 06:41 AM, Gianluca Cecchi wrote: > >> >> Do you have number of bugzilla? >> > > https://bugzilla.gnome.org/show_bug.cgi?id=795699 > > https://bugzilla.redhat.com/show_bug.cgi?id=1568895 > > Thanks for the links, I'll observe them and eventually contribute. Actually latest updates brought in better (if you mind usability) or worse (if you mind security) behavior, not covered in the two bugs... In fact now if I connect to a system with the key that has a passphrase from gnome-terminal, I can log in without even being asked about passphrase the first time??? I supposed at least across reboots there should be any cache maintained in this sense, if this is the case.... How can I check and eventually delete thsi cache to test and replicate behavior? Example ssh session: [g.cecchi@ope46 ~]$ ssh target_system Last login: Thu May 24 10:05:26 2018 from ope46.mydomain [g.cecchi@target_system ~]$ [g.cecchi@ope46 ~]$ ssh -v target_system OpenSSH_7.7p1, OpenSSL 1.1.0h-fips 27 Mar 2018 debug1: Reading configuration data /home/g.cecchi/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 54: Applying options for * debug1: Connecting to target_system [10.4.5.157] port 22. debug1: Connection established. debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_rsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_rsa-cert type -1 debug1: identity file /home/g.cecchi/.ssh/id_dsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_ed25519-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_xmss type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/g.cecchi/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_7.7 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000 debug1: Authenticating to target_system:22 as 'g.cecchi' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 debug1: kex: host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: umac...@openssh.com compression: none debug1: kex: client->server cipher: aes128-ctr MAC: umac...@openssh.com compression: none debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16 debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent debug1: got SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: got SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: ssh-rsa SHA256:Q7lZSzT+e8X2W8vBlb/oF54JLfMdWwPbUtNwnLlOvBU debug1: Host 'target_system' is known and matches the RSA host key. debug1: Found key in /home/g.cecchi/.ssh/known_hosts:334 debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 4294967296 blocks debug1: Skipping ssh-rsa key g.cecchi@ope46.mydomain - not in PubkeyAcceptedKeyTypes debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1000) debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1000) debug1: Next authentication method: publickey debug1: Offering public key: DSA SHA256:EyG8zjKsHLLbHGsG5hewWh5m2iX9WIyB4XkIKcndq6w /home/g.cecchi/.ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 434 debug1: Authentication succeeded (publickey). Authenticated to target_system ([10.4.5.157]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: Sending environment. debug1: Sending env LANG = en_US.utf8 debug1: Sending env XMODIFIERS = @im=ibus Last login: Thu May 24 10:09:58 2018 from ope46.mydomain [g.cecchi@target_system ~]$ Possible relevant updates between others, from this morning: gnome-terminal.x86_64 3.28.2-1.fc28 pam.x86_64 1.3.1-1.fc28 Gianluca
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org/message/BCHPSQMZVSGQFCECXAAT2YSM662S2MAG/
