Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
Yes, I totally agree. There is no security advantage to be gained. For our case, any user (and reviewboard has its own user) on our network has a password protected rsa key pair so to set up reviewboard required some hoops to be jumped through. Allowing a password just makes setup simpler :) Back to the OT I definitely think a more informative key error message would be good, i.e. why is the rsa key i provided bad? Tim On Tuesday, April 30, 2013 9:19:11 PM UTC+1, mamta.n...@gmail.com wrote: > > Hi, > I'm trying to upload an id_rsa private key to reviewboard to authenticate > with Git repo, but it fails with the error > Uploading SSH key failed: This SSH key is not a valid RSA or DSS key > > Permissions on id_rsa were set using chmod 600 > > Thanks, > M > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
On 2013-05-02 06:36, Tim wrote: On Wednesday, May 1, 2013 8:35:18 PM UTC+1, Matthew Woehlke wrote: On 2013-05-01 07:23, Tim wrote: Review Board won't handle password protected private keys. If you entered a passphrase when generating the key then I found ReviewBoard can't handle it. Well... yeah. Where would RB store the pass-phrase? :-) Same place it's stores all the other passwords? Admittedly, this is a feature that imho is missing. The problem is that the SSH pass-phrase must be stored in a way that access to the stored data is sufficient to unlock the key. As such, the most benefit you get over a key without a pass-phrase is (maybe) the ability to store the pass-phrase in a different disk location from the SSH key. As that seems to me to be of only marginal benefit, this is probably why pass-phrase protected keys are not supported; there is not enough benefit to warrant the feature. ...or do you know something I don't why this would be valuable? If by 'other passwords' you're thinking about user login passwords, keep in mind that these are more like storing *public* keys; it is relatively safe for them to be exposed because they are only useful for verifying user-supplied private keys (i.e. the user's password), and cannot be used themselves to gain access to any resources. Basically, any token that can be used to gain access to a resource (e.g. an SSH private key, password for a remote web service) can only be protected by restricting physical access to the token. That means either file permissions, or never storing the token on the machine in the first place (e.g. passwords). The latter case can only be achieved with SSH keys by requiring interactive unlocking. If you require that RB can use the token without manual interaction, then there is no significant advantage to storing the token in two pieces (pass-phrase protected key plus pass-phrase) versus one piece (unprotected key). If you *really* need secure tokens, then I think your only option is to manually start the server from within an ssh-agent that has been initialized with your manually-unlocked keys. -- Matthew -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
Same place it's stores all the other passwords? Admittedly, this is a feature that imho is missing. Tim On Wednesday, May 1, 2013 8:35:18 PM UTC+1, Matthew Woehlke wrote: > > On 2013-05-01 07:23, Tim wrote: > > Review Board won't handle password protected private keys. If you > entered a > > passphrase when generating the key then I found ReviewBoard can't handle > it. > > Well... yeah. Where would RB store the pass-phrase? :-) > > -- > Matthew > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
On 2013-05-01 07:23, Tim wrote: Review Board won't handle password protected private keys. If you entered a passphrase when generating the key then I found ReviewBoard can't handle it. Well... yeah. Where would RB store the pass-phrase? :-) -- Matthew -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
Review Board won't handle password protected private keys. If you entered a passphrase when generating the key then I found ReviewBoard can't handle it. BAD: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,85167E3A8D2D8131CEEFC74E556378BC qg1I0mSPigMqCKLx4jDX/ueLhOmerA3qiqCMY+bqRjeC7nJFoMDrPFgwkQZrJc5W etc. GOOD: -BEGIN RSA PRIVATE KEY- MIIEowIBAAKCAQEAmAsqAA0z5dTFrP/fYAAG0yefvyJVOp7OfQC0XhxsFMs2gkGa etc. Tim On Tuesday, April 30, 2013 9:19:11 PM UTC+1, mamta.n...@gmail.com wrote: > > Hi, > I'm trying to upload an id_rsa private key to reviewboard to authenticate > with Git repo, but it fails with the error > Uploading SSH key failed: This SSH key is not a valid RSA or DSS key > > Permissions on id_rsa were set using chmod 600 > > Thanks, > M > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
Hi, We use Paramiko, an SSH library written in Python, for all SSH key verification. I've never seen it fail before except when something that was not a private SSH key was thrown at it (a garbage file or a public key). Does the file start with "BEGIN RSA PRIVATE KEY-" and end with "-END RSA PRIVATE KEY-" ? Christian -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org Beanbag, Inc. - http://www.beanbaginc.com On Apr 30, 2013, at 1:19 PM, mamta.nanav...@gmail.com wrote: > Hi, > I'm trying to upload an id_rsa private key to reviewboard to authenticate > with Git repo, but it fails with the error > Uploading SSH key failed: This SSH key is not a valid RSA or DSS key > > Permissions on id_rsa were set using chmod 600 > > Thanks, > M > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > --- > You received this message because you are subscribed to the Google Groups > "reviewboard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to reviewboard+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Trying to upload an id_rsa gives Uploading SSH key failed: This SSH key is not a valid RSA or DSS key error.
Hi, I'm trying to upload an id_rsa private key to reviewboard to authenticate with Git repo, but it fails with the error Uploading SSH key failed: This SSH key is not a valid RSA or DSS key Permissions on id_rsa were set using chmod 600 Thanks, M -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.