Bug 39155 - Cervisia lacks SSH password authentication
Summary: Cervisia lacks SSH password authentication
Status: RESOLVED FIXED
Alias: None
Product: cervisia
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Compiled Sources Linux
: NOR wishlist
Target Milestone: ---
Assignee: Christian Loose
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2002-03-09 20:48 UTC by Herman Robak
Modified: 2003-10-21 22:51 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Herman Robak 2002-03-09 20:44:16 UTC
(*** This bug was imported into bugs.kde.org ***)

Package:           bugs.kde.org
Version:           KDE 2.2.2 
Severity:          normal
Installed from:    Debian testing/unstable Packages
Compiler:          Not Specified
OS:                Linux
OS/Compiler notes: Not Specified

Cervisia can not prompt the user for a password when using SSH as access method.
 For us in the School Linux project <http://developer.skolelinux.no/> this was a show-stopper.
 I've marked it as a "bug" not a "feature request" because I consider the password prompt an essential feature for a CVS client!

(Submitted via bugs.kde.org)
Comment 1 Christian Parpart 2003-03-31 13:53:35 UTC
you must have x11-ssh-askpass installed to get this working, so it's not really a *bug*. 
 
If you don't have it, have a look at: 
http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ 
 
And then, close the bug ;-) 
 
Cheers, 
Christian Parpart. 
Comment 2 Christian Loose 2003-04-02 11:31:53 UTC
Hi Christian,

the URL you provided seems to be invalid (404 not found). But I have
script that uses the kdialog program. I will probably commit it shortly
to cvs (after some tests).

Bye
Christian L.
Comment 3 Christian Loose 2003-06-26 01:42:52 UTC
Subject: kdesdk/cervisia/cvsservice

CVS commit by cloose: 

Initial version of the SshAgent class which will later enable
the cvs DCOP service to utilize the ssh-agent program.

(not yet compiled nor used)

CCMAIL: 39155@bugs.kde.org


  A            sshagent.cpp   1.1 [LICENSE: LGPL (version 2 or later)]
  A            sshagent.h   1.1 [LICENSE: LGPL (version 2 or later)]



Comment 4 Christian Loose 2003-06-26 23:32:37 UTC
Subject: kdesdk/cervisia

CVS commit by cloose: 

* Start and stop the ssh-agent process
* Setup the cvs job environment to use it
* Change SSH_ASKPASS environment variable
   to use our cvsaskpass program

TODO:
* Maybe always use the cvsaskpass program
* Maybe only start/use ssh-agent process for :ext: repositories
* Add configuration option to GUI
* Right now this is not used Cervisia-wide but only for cvs 
   commands that are supported by the CVS DCOP service
* Improve the error handling
* TEST TEST TEST

CCMAIL: 39155@bugs.kde.org


  M +2 -0      ChangeLog   1.87
  M +14 -0     cvsservice/cvsjob.cpp   1.9
  M +11 -0     cvsservice/cvsservice.cpp   1.19


--- kdesdk/cervisia/cvsservice/cvsjob.cpp  #1.8:1.9
@@ -25,4 +25,6 @@
 #include <kprocess.h>
 
+#include "sshagent.h"
+
 
 struct CvsJob::Private
@@ -148,4 +150,16 @@ QStringList CvsJob::output() const
 bool CvsJob::execute()
 {
+    // setup job environment to use the ssh-agent (if it is running)
+    SshAgent ssh;
+    if( !ssh.pid().isEmpty() )
+    {
+        kdDebug(8051) << "PID  = " << ssh.pid() << endl;
+        kdDebug(8051) << "SOCK = " << ssh.authSock() << endl;
+
+        d->childproc->setEnvironment("SSH_AGENT_PID", ssh.pid());
+        d->childproc->setEnvironment("SSH_AUTH_SOCK", ssh.authSock());
+        d->childproc->setEnvironment("SSH_ASKPASS", "cvsaskpass");
+    }
+
     if( !d->rsh.isEmpty() )
         d->childproc->setEnvironment("CVS_RSH", d->rsh);

--- kdesdk/cervisia/cvsservice/cvsservice.cpp  #1.18:1.19
@@ -34,4 +34,5 @@
 #include "cvsserviceutils.h"
 #include "repository.h"
+#include "sshagent.h"
 
 
@@ -80,4 +81,10 @@ CvsService::CvsService()
 
     d->cvsJobs.setAutoDelete(true);
+
+    // use the existing or start a new ssh-agent
+    // TODO CL needs a configuration option.
+    //      CL do we need the return value?
+    SshAgent ssh;
+    bool res = ssh.querySshAgent();
 }
 
@@ -85,4 +92,8 @@ CvsService::CvsService()
 CvsService::~CvsService()
 {
+    // kill the ssh-agent (when we started it)
+    SshAgent ssh;
+    ssh.killSshAgent();
+
     d->cvsJobs.clear();
     delete d;

--- kdesdk/cervisia/ChangeLog  #1.86:1.87
@@ -1,4 +1,6 @@
 2003-06-26  Christian Loose  <christian.loose@hamburg.de>
 
+        * Start/Stop the ssh-agent process and setup the cvs
+           job environment to use it.
         * Initial version of our own little ssh-askpass program.
         * Initial version of the SshAgent class which will later enable


Comment 5 eva 2003-06-27 09:33:38 UTC
Hi Christian, 
 
the commercial variant of ssh lacks the SSH_ASKPASS variable, see 
http://www.ssh.com/products/security/secureshellwks/ 
We use the commercial version at our Solaris workstation at the university, because 
it has no dependencies, therefore it is easier to install and is has less security 
problems. 
Though support for openssh is fine for me (we have Solaris servers, but Linux 
clients), I just wanted to mention this ;-) 
 
Greetings, 
eva 
Comment 6 Christian Loose 2003-10-21 22:51:27 UTC
Subject: Re: Cervisia lacks SSH password authentication

Thank you for your bug report.
The feature that you requested has been implemented in the latest
development (CVS) version of KDE. The feature request will be closed.