Re: [fossil-users] Password prompt with SSH protocol on Windows?
On 11.12.2015 06:19, Andy Bradford said:

>> when called as a process [1]. I don't know if this can be solved
>> inside fossil; a workaround is to use a modified plink, e.g. that from
>> TortoiseSVN.
>
> You can configure Fossil to use the modified plink. Use:
>
> fossil clone --ssh-command /path/to/modified/plink.exe -T -e none ...

That is exactly what I've done (and more, i.e. "fossil settings --global ssh-command PATH").

>> Still there seems to be another problem with fossil: it does not pass
>> the password to plink when it was given on the command line as in
>> user:pass@host:port.
>
> This is because Fossil does not interact with SSH, the end user does.
> Fossil forks an SSH command, and you, the user, interact with any
> prompts the SSH process issues. When you have completed entering
> password information into SSH, Fossil now has a set of encrypted pipes
> to read/write to via stdin/stdout.

I agree. Still, the documentation (e.g. fossil clone) mentions this possibility for ssh URLs ([userid[:password]@]host), so in my opinion either fossil passes the password further to plink (it cannot do this on Linux to ssh, since that one has no password argument), or it removes this altogether from the documentation.

Would it be an idea to detect the case of Windows and no Pageant (or maybe add some new "-p" fossil argument) and implement a password prompt inside fossil? Just contemplating...

Side note: as for the security risk, I agree in principle, but since the user has already decided to type in his password on fossil's command line, the evil is there and passing it to plink makes it no worse.

Daniel

___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] openBSD package download request: zip to tar.gz
On Fri, Dec 11, 2015 at 01:54:21PM -0700, Warren Young wrote:
> On Dec 11, 2015, at 1:38 PM, jungle Boogie wrote:
>>
>> Man page for tar:
>> http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tar.1?query=tar
>
> Scroll down to AUTHORS and HISTORY: it’s not bsdtar.
>
> Pity.
>
> NetBSD doesn’t ship bsdtar in base, either.

Yeah, it is on my list of things I need to fix :) NetBSD does have unzip(1) though.

Joerg
Re: [fossil-users] Password prompt with SSH protocol on Windows?
On Dec 11, 2015, at 3:18 PM, Daniel Dumitriu wrote:
>
>> Why can’t you just use SSH keys? The wish for automated login without
>> leaking passwords is exactly the problem they solve.
>
> I can and I do. But maybe other users cannot

Why “cannot”? I get “will not,” but “CAN” not?

You’re asking for Fossil to add a way for your users to shoot themselves in the foot, when there is a perfectly sensible alternative available. PuTTY ships with a tool that can create SSH keys.

> By the way: Does the whole reasoning not hold for https URLs? They allow
> a password on the command line, too.

No, because HTTP basic authentication is a thing:

http://fossil-users.fossil-scm.narkive.com/ClIwmXcA/command-line-option-for-http-auth

If you’re using Fossil + HTTP basic auth + HTTPS, then yes, putting the password in the URL is a problem. But Fossil can get the password interactively instead, remember it, and send it in HTTPS instead, so no foot-shooting.

>>> Side note: as for the security risk, I agree in principle, but since the
>>> user has already decided to type in his password on fossil's command
>>> line, the evil is there and passing it to plink makes it no worse.
>>
>> A password interactively typed into ssh/plink is as secure as the box it’s
>> running on.
>
> My example was for cases where the user does *not* type his password
> into plink since, well, vanilla plink launched by another process does
> not prompt for a password - the initial reason for my post.

Sorry, I’m not terribly familiar with PuTTY. I use Cygwin OpenSSH or SecureCRT on Windows wherever possible.

I’d say take it up with the plink developers, then. It *should* do interactive prompting in this case.
Re: [fossil-users] Password prompt with SSH protocol on Windows?
> Why can’t you just use SSH keys? The wish for automated login without
> leaking passwords is exactly the problem they solve.

I can and I do. But maybe other users cannot, and they get tempted by that :password bit. Or they like to carry plink on a stick next to their fossil executable, so they are really portable and do not depend on the host's software.

By the way: Does the whole reasoning not hold for https URLs? They allow a password on the command line, too.

>> remove this altogether from documentation.
> Agreed.

Was done. The user name is still cut off at a possible colon (now undocumented), but I guess that's ok, given the usual [a-z_][a-z0-9_-]*[$] rule for user names.

>> Side note: as for the security risk, I agree in principle, but since the
>> user has already decided to type in his password on fossil's command
>> line, the evil is there and passing it to plink makes it no worse.
>
> A password interactively typed into ssh/plink is as secure as the box it’s
> running on.

My example was for cases where the user does *not* type his password into plink since, well, vanilla plink launched by another process does not prompt for a password - the initial reason for my post.

Maybe it is best to mention this issue in the (html) documentation and suggest alternatives, i.e. either use TortoisePlink or plink -i (or Pageant, of course).

Daniel
Re: [fossil-users] openBSD package download request: zip to tar.gz
On 11 December 2015 at 12:51, Richard Hipp wrote:
> On 12/11/15, jungle Boogie wrote:
>> Hello,
>>
>> OpenBSD's base image doesn't come with unzip, so I propose OpenBSD's
>> installer be made into a tar.gz file, like the source tarball
>> download:
>> https://www.fossil-scm.org/download.html
>>
>
> The OpenBSD download is now a tarball rather than a ZIP.

That's great!

It turns out the fossil binary won't work on x64 anyway, so I need to compile from source. At least others will be able to benefit from using your tarball!

>
> --
> D. Richard Hipp
> d...@sqlite.org

--
---
inum: 883510009027723
sip: jungleboo...@sip2sip.info
xmpp: jungle-boo...@jit.si
Re: [fossil-users] openBSD package download request: zip to tar.gz
On Dec 11, 2015, at 12:30 PM, jungle Boogie wrote:
>
> OpenBSD's base image doesn't come with unzip, so I propose OpenBSD's
> installer be made into a tar.gz file, like the source tarball
> download:
> https://www.fossil-scm.org/download.html

OpenBSD is perfectly in the right to leave non-POSIX tools out of the base install.

gzip-aware tar isn’t POSIX, either, but it’s been a de facto standard for about a decade now. It’s not just in GNU tar and bsdtar, it’s even in BusyBox and Solaris.

So yeah, binaries intended for *all* POSIX platforms should be gzip-compressed tarballs.
[fossil-users] openBSD package download request: zip to tar.gz
Hello,

OpenBSD's base image doesn't come with unzip, so I propose OpenBSD's installer be made into a tar.gz file, like the source tarball download:
https://www.fossil-scm.org/download.html

If there's a method to unzip Fossil with tools in the base image, I'd be interested to know about them.

Thanks,
Sean
Re: [fossil-users] openBSD package download request: zip to tar.gz
On Dec 11, 2015, at 12:30 PM, jungle Boogie wrote:
>
> If there's a method to unzip Fossil with tools in the base image, I'd
> be interested to know about them.

While I stand by my previous reply, I was just reading the libarchive.org main page, and discovered that both bsdtar and bsdcpio will read many more file types than the traditional one-tool-one-format philosophy…including zip!

I don’t have an OpenBSD box handy, but “tar xvf foo.zip” works here on OS X, which uses bsdtar.

Weird, but helpful.
Re: [fossil-users] openBSD package download request: zip to tar.gz
On Dec 11, 2015, at 1:29 PM, jungle Boogie wrote:
>
> On 11 December 2015 at 12:16, Warren Young wrote:
>> I don’t have an OpenBSD box handy, but “tar xvf foo.zip” works here on OS X,
>> which uses bsdtar.
>
>
> What do you suppose this means, then?
>
> $ tar xvf fossil-openbsd-x86-1.34.zip
> tar: Cannot identify format. Searching...
> tar: Cpio file name length 22531 is out of range

I think it means OpenBSD either doesn’t ship bsdtar + libarchive, or it’s from a time before it got autodetection of zip files.

Say “man tar”. If you don’t get something like this near the top, it doesn’t have the feature I tested here on OS X:

    DESCRIPTION
         tar creates and manipulates streaming archive files.  This implementation
         can extract from tar, pax, cpio, zip, jar, ar, and ISO 9660 cdrom images
         and can create tar, pax, cpio, ar, and shar archives.

Which version of OpenBSD are you running? Latest, or something older?
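The check Warren describes above (read the man page, see whether zip is in the list of formats tar can extract) can be automated, and the archive itself can be identified from its first bytes before tar is allowed to guess. The block below is an added example written for this page; it is not code from the thread, from OpenBSD, or from libarchive. The sample archives and the plain-tar man-page sentence are constructed inline for the example (the bsdtar sentence is the one quoted in the post), and the command choices it returns are the example's own assumptions about what a base system offers.

```python
"""Added example (not from the thread, OpenBSD or libarchive): identify an
archive by its magic bytes before handing it to tar, and check a tar man
page for the libarchive "can extract from ... zip" sentence.

A tar that cannot read ZIP falls back to a header search and prints
noise such as "Cpio file name length N is out of range"; sniffing first
gives a clear answer instead.  All sample archives and man-page text
below are constructed inline for the example."""
import re

# Magic numbers (first bytes of the file).
ZIP_MAGICS = (b"PK\x03\x04", b"PK\x05\x06")   # local file header / empty archive
GZIP_MAGIC = b"\x1f\x8b"
BZIP2_MAGIC = b"BZh"
XZ_MAGIC = b"\xfd7zXZ\x00"
TAR_MAGIC_OFFSET = 257                         # "ustar" in a POSIX/GNU tar header


def sniff_archive(data):
    """Return 'zip', 'gzip', 'bzip2', 'xz', 'tar' or 'unknown' for the bytes."""
    if any(data.startswith(m) for m in ZIP_MAGICS):
        return "zip"
    if data.startswith(GZIP_MAGIC):
        return "gzip"
    if data.startswith(BZIP2_MAGIC):
        return "bzip2"
    if data.startswith(XZ_MAGIC):
        return "xz"
    if data[TAR_MAGIC_OFFSET:TAR_MAGIC_OFFSET + 5] == b"ustar":
        return "tar"
    return "unknown"


def tar_can_read_zip(man_page_text):
    """True if the man page lists zip among the formats tar can extract."""
    m = re.search(r"can extract from (.+?)(?:\s+and can create|\.|$)",
                  man_page_text, re.I | re.S)
    if not m:
        return False
    formats = [f.strip().lower() for f in re.split(r",|\band\b", m.group(1))]
    return "zip" in formats


def extraction_command(name, data, man_page_text=""):
    """Choose the base-system command that will actually open this file."""
    kind = sniff_archive(data)
    if kind == "zip":
        return ["tar", "xvf", name] if tar_can_read_zip(man_page_text) else ["unzip", name]
    if kind in ("gzip", "bzip2", "xz", "tar"):
        return ["tar", "xvf", name]      # modern tar autodetects the compression
    raise ValueError("%s: cannot identify format; refusing to let tar guess" % name)


# Constructed samples (not real Fossil downloads).
SAMPLE_ZIP = b"PK\x03\x04" + b"\x14\x00" + b"\x00" * 24 + b"fossil"
SAMPLE_GZIP = b"\x1f\x8b\x08" + b"\x00" * 7 + b"\x03" + b"\x00" * 8
_hdr = bytearray(512)
_hdr[0:6] = b"fossil"
_hdr[257:263] = b"ustar\x00"
SAMPLE_TAR = bytes(_hdr)

# Sentence quoted in the thread from bsdtar's man page.
BSDTAR_DESCRIPTION = ("tar creates and manipulates streaming archive files. This "
                      "implementation can extract from tar, pax, cpio, zip, jar, ar, "
                      "and ISO 9660 cdrom images and can create tar, pax, cpio, ar, "
                      "and shar archives.")
# Constructed stand-in for a tar whose man page only mentions gzip/bzip2.
PLAIN_TAR_DESCRIPTION = ("The tar command creates and extracts files from archives. "
                         "Archives compressed with gzip or bzip2 are understood.")

if __name__ == "__main__":
    for label, blob in (("zip", SAMPLE_ZIP), ("tgz", SAMPLE_GZIP), ("tar", SAMPLE_TAR)):
        print(label, "->", sniff_archive(blob),
              extraction_command("fossil-openbsd-x86-1.34." + label, blob,
                                 PLAIN_TAR_DESCRIPTION))
```

On a real file, read the first 512 bytes and pass them to `sniff_archive`; a tar that reports "Cannot identify format" on a file whose first bytes are `PK\x03\x04` is telling you it lacks ZIP support, not that the download is corrupt.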
Re: [fossil-users] openBSD package download request: zip to tar.gz
On 11 December 2015 at 12:34, Warren Young wrote:
> Which version of OpenBSD are you running? Latest, or something older?

A snapshot from earlier this week.

Man page for tar:
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tar.1?query=tar

I see bzip and gzip for 'zip'.
Re: [fossil-users] openBSD package download request: zip to tar.gz
On 11 December 2015 at 12:16, Warren Young wrote:
> I don’t have an OpenBSD box handy, but “tar xvf foo.zip” works here on OS X,
> which uses bsdtar.

What do you suppose this means, then?

    $ tar xvf fossil-openbsd-x86-1.34.zip
    tar: Cannot identify format. Searching...
    tar: Cpio file name length 22531 is out of range
    tar: Invalid header, starting valid header search.
    tar: Cpio file name in header is corrupted
    tar: Cpio file name length 31168 is out of range
    tar: Cpio file name length 3681 is out of range
    tar: Cpio file name length 13025 is out of range
    tar: Cpio file name length 3692 is out of range
    tar: Cpio file name length 9687 is out of range
    tar: Cpio file name length 14367 is out of range
    tar: Cpio file name length 57596 is out of range
    tar: Cpio file name length 49399 is out of range
    tar: Cpio file name length 3572 is out of range
    tar: Cpio file name length 43638 is out of range
    tar: Cpio file name length 45895 is out of range
    tar: Cpio file name length 10983 is out of range
    tar: Cpio file name length 18398 is out of range
    tar: Cpio file name length 52078 is out of range
    tar: Cpio file name length 39435 is out of range
    tar: Cpio file name length 14515 is out of range
    tar: Cpio file name length 21538 is out of range
    tar: Cpio file name length 44773 is out of range
    tar: Cpio file name length 41069 is out of range
    tar: Cpio file name length 57383 is out of range
    tar: Cpio file name length 48930 is out of range
    tar: Cpio file name length 63883 is out of range
    tar: Cpio file name length 63435 is out of range
    tar: Cpio file name length 32114 is out of range
    tar: Cpio file name length 8154 is out of range
    tar: Cpio file name length 29181 is out of range
    tar: Cpio file name length 27700 is out of range
    tar: Cpio file name length 30330 is out of range
    tar: Cpio file name length 9128 is out of range
    tar: Cpio file name length 50363 is out of range
    tar: Cpio file name length 42692 is out of range
    tar: Cpio file name length 39506 is out of range
    tar: Cpio file name length 56192 is out of range
    tar: Cpio file name length 11996 is out of range
    tar: End of archive volume 1 reached
Re: [fossil-users] Password prompt with SSH protocol on Windows?
On Dec 11, 2015, at 2:59 AM, Daniel Dumitriu wrote:
>
> the documentation (e.g. fossil clone) mentions this
> possibility for ssh URL's ([userid[:password]@]host), so in my opinion
> either fossil passes the password further to plink

Interesting. It has a -pw flag for this. (That is, “interesting” in the ancient Chinese curse sense.)

> (it cannot do this on
> Linux to ssh, since that one has no password argument)

Yes, on purpose.

Standard Linux distros allow any user to snoop on the command line arguments to any other user’s process. A password argument will also get logged in your shell’s history file, in the sudo log, etc. Password flags are a horrible idea if you care about security, which presumably you *do* if you’re using SSH. (Else, just use HTTP, no “S”.)

That is all just as true on Windows: the process table is walkable by normal user processes (e.g. Task Manager), PowerShell and the Cygwin shells keep a command history, etc. Therefore, the use of plink -pw is highly suspect on Windows.

Why can’t you just use SSH keys? The wish for automated login without leaking passwords is exactly the problem they solve. (And they solve additional problems, like the relatively low entropy of most user passwords.)

> remove this altogether from documentation.

Agreed.

> Side note: as for the security risk, I agree in principle, but since the
> user has already decided to type in his password on fossil's command
> line, the evil is there and passing it to plink makes it no worse.

A password interactively typed into ssh/plink is as secure as the box it’s running on. That is to say, the password is secure as long as the box doesn’t have a keylogger running on it, or a rogue admin-level process that uses the OS’s debugging hooks to snoop plink’s RAM, or…

And if you do have such a process running on your system, you’ve already lost control of your data, so the time to worry about security has passed.
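Warren's point above, that anything placed in a child's argv is readable by other local users and ends up in shell history, is easy to make concrete. The block below is an added example written for this page, not Fossil's or PuTTY's code: it parses the ssh://[userid[:password]@]host[:port]/path form the Fossil documentation described and builds the ssh/plink argv the way a Fossil-style launcher might, refusing by default to emit the password as a plink -pw argument. The argument order, the default ("ssh", "-e", "none", "-T") command, and the -p/-P port flags are this example's assumptions; argv_leaks_secret is a pre-exec check you can run on any command line.

```python
"""Added example (not Fossil's or PuTTY's code): keep a password that was
embedded in a Fossil-style ssh URL out of the ssh/plink command line.

argv is readable by every local user (ps, /proc/<pid>/cmdline, Task
Manager) and is written to shell history, so a password there is leaked.
The URL form ssh://[userid[:password]@]host[:port]/path is the one the
Fossil documentation described; the argv layout, the default command
("ssh", "-e", "none", "-T") and the port flags are assumptions.
"""
from urllib.parse import urlsplit, unquote

DEFAULT_SSH_COMMAND = ("ssh", "-e", "none", "-T")


def parse_fossil_ssh_url(url):
    """Split ssh://[user[:password]@]host[:port]/path into its parts.

    password and port are None when absent.  Like the Fossil change
    mentioned in the thread, everything after the first ':' in the
    userinfo is taken as the password, so user names cannot contain ':'.
    """
    parts = urlsplit(url)
    if parts.scheme != "ssh" or not parts.hostname:
        raise ValueError("not an ssh URL with a host: %r" % (url,))
    return {
        "user": unquote(parts.username) if parts.username else None,
        "password": unquote(parts.password) if parts.password else None,
        "host": parts.hostname,
        "port": parts.port,          # raises ValueError if not an integer
        "path": parts.path,
    }


def build_ssh_argv(url, ssh_command=DEFAULT_SSH_COMMAND,
                   allow_password_in_argv=False):
    """Return (argv, warnings) for launching the ssh/plink child.

    Safe default: a password found in the URL is dropped and reported,
    so the child prompts for it (or uses a key/agent) instead of
    receiving it as plink's -pw argument.  allow_password_in_argv=True
    shows the unsafe construction the thread warns against.
    """
    u = parse_fossil_ssh_url(url)
    argv = list(ssh_command)
    warnings = []
    is_plink = "plink" in argv[0].lower()
    if u["port"] is not None:
        # OpenSSH takes -p; PuTTY's plink takes -P (assumed for the example).
        argv += ["-P" if is_plink else "-p", str(u["port"])]
    if u["password"] is not None:
        if allow_password_in_argv:
            argv += ["-pw", u["password"]]   # plink flag: visible in the process list
            warnings.append("password placed in argv (visible to other users)")
        else:
            warnings.append("password in URL ignored; use SSH keys, an agent, "
                            "or an interactive prompt")
    target = u["host"] if u["user"] is None else "%s@%s" % (u["user"], u["host"])
    argv.append(target)
    return argv, warnings


def argv_leaks_secret(argv, secret):
    """Pre-exec check: does any argument contain the secret verbatim?"""
    return bool(secret) and any(secret in arg for arg in argv)


if __name__ == "__main__":
    for allow in (False, True):
        argv, notes = build_ssh_argv("ssh://alice:s3cret@example.org:2222/repo.fossil",
                                     ssh_command=("plink.exe", "-T", "-e", "none"),
                                     allow_password_in_argv=allow)
        print(" ".join(argv), "|", "; ".join(notes),
              "| leaks:", argv_leaks_secret(argv, "s3cret"))
```

The same argv_leaks_secret check applies to the https case discussed later in the thread: a password that Fossil reads interactively and sends inside the TLS session never appears in argv, while one typed into the URL does.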
Re: [fossil-users] openBSD package download request: zip to tar.gz
On 12/11/15, jungle Boogie wrote:
> Hello,
>
> OpenBSD's base image doesn't come with unzip, so I propose OpenBSD's
> installer be made into a tar.gz file, like the source tarball
> download:
> https://www.fossil-scm.org/download.html
>

The OpenBSD download is now a tarball rather than a ZIP.

--
D. Richard Hipp
d...@sqlite.org
Re: [fossil-users] openBSD package download request: zip to tar.gz
On Dec 11, 2015, at 1:38 PM, jungle Boogie wrote:
>
> Man page for tar:
> http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tar.1?query=tar

Scroll down to AUTHORS and HISTORY: it’s not bsdtar.

Pity.

NetBSD doesn’t ship bsdtar in base, either. DragonFly BSD and FreeBSD do, though.