Created attachment 85684 [details] Diff of changes to fish.cpp to send utf8 strings to ssh instead of latin1 I used fish to access a ssh server using a key with passphrase. I am using characters that have their values different whether the charset is utf8 or latin1 (iso-8859-1). Test to reproduce the error: Precondition: remote account password or ssh key passphrase is "ètr" Test 1: - Use fish to access a remote server using for example Dolphin - A dialog prompt for the password (or passphrase of the key) - Put "ètr" in the password field and confirm - The password is refused and fish ask again for the password Test 2: - Use fish to access a remote server using for example Dolphin - A dialog prompt for the password (or passphrase of the key) - Put "ètr" in the password field and confirm - The password is accepted and fish show files of the remote server The password is read as unicode UTF16 (using QString), then kio_fish convert it to latin1 and send it to ssh. ssh expect a utf8 string. When puting "ètr" in the password prompt, the "è" character is sent to ssh as byte 0xE8. ssh read 0xE8 and it does not map to the expected character (maybe an invalid character) When puting "ètr", "è" is sent to ssh as bytes 0xC3 0xA8. ssh read these two bytes as utf8 and these bytes map to "è", it's the expected character, so the received password by ssh is "ètr" which is correct. The problem here is that fish send latin1 strings where utf8 is expected. So if I am right about that, please consider the diff fish.cpp.diff (fish.cpp.orig is the original fish.cpp file from commit e2f88ea3 (latest file version there https://projects.kde.org/projects/kde/kde-runtime/repository/revisions/master/changes/kioslave/fish/fish.cpp) I tested it and it works (tested with a prompt of key's passphrase)
Thanks for the patch, I am not sure if it should use toLocal8bit() instead. Could you please open a review request at https://git.reviewboard.kde.org/ ?
Indeed, I was using utf8 as the system encoding, but according to https://tools.ietf.org/html/rfc4252#section-5 and https://tools.ietf.org/html/rfc4252#section-8 username and password are always in utf8. But I don't know if ssh does any encoding conversion based on the system encoding. At least it seems that the passphrase is used as a byte sequence, so it's encoding is the one used when creating the ssh key. So it would be toLocal8Bit() for the passphrase at least. I just saw that ssh is started with LANG=C LC_ALL=C so maybe ssh expect something else than utf8 for the username and password. But the passphrase is in system encoding no matter the environment variables are Maybe checking if the buffer that contains ssh output contains "passphrase" and in that case, use toLocal8Bit() ?
Alexis, I cannot answer your question, since I do not understand the internals. As a member of the bug triaging team, I can only suggest you either start a thread at kde-core-devel mailing list, or a review request. In both cases, KDE developers can discuss the issue and patch better than via this bug tracker.
Any progress with the review request?
Sorry for late response, I started a thread at kde-core-devel: http://lists.kde.org/?l=kde-core-devel&m=139853883825208&w=2 Thread subject: Fish: ssh key pass-phrase prompt use wrong encoding
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version? If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
(In reply to Justin Zobel from comment #6) > Thank you for reporting this issue in KDE software. As it has been a while > since this issue was reported, can we please ask you to see if you can > reproduce the issue with a recent software version? > > If you can reproduce the issue, please change the status to "REPORTED" when > replying. Thank you! Hi, I've retested it, but I think the issue is still present as the code still uses toLatin1 for password: https://github.com/KDE/kio-extras/blob/9ade088f494726651729e1740f05d4bbc48e89b6/fish/fish.cpp#L624 In the meantime I've used passwords without special characters to avoid this issue.