From unknown Thu Apr 16 23:39:05 2026 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#1003 closed by X2Go Release Manager (X2Go issue (in src:x2goclient) has been marked as closed) Message-ID: References: <20160919041606.CB3FE5DA94@ymir.das-netzwerkteam.de> X-X2go-PR-Keywords: pending X-X2go-PR-Message: they-closed 1003 X-X2go-PR-Package: x2goclient X-X2go-PR-Source: x2goclient Date: Mon, 19 Sep 2016 04:20:11 +0000 Content-Type: multipart/mixed; boundary="----------=_1474258811-14177-0" This is a multi-part message in MIME format... ------------=_1474258811-14177-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the x2goclient package: #1003: x2goclient sshd (for folder sharing) weak host key It has been closed by X2Go Release Manager . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact X2Go Release Manager <= git-admin@x2go.org> by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1474258811-14177-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 19 Sep 2016 04:16:33 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-2.9 required=3.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 2C3625DA99; Mon, 19 Sep 2016 06:16:14 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KHoopCq2Ws3E; Mon, 19 Sep 2016 06:16:07 +0200 (CEST) Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id CB3FE5DA94; Mon, 19 Sep 2016 06:16:06 +0200 (CEST) From: X2Go Release Manager To: 1003-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 1003@bugs.x2go.org Subject: X2Go issue (in src:x2goclient) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20160919041606.CB3FE5DA94@ymir.das-netzwerkteam.de> Date: Mon, 19 Sep 2016 06:16:06 +0200 (CEST) close #1003 thanks Hello, we are very hopeful that X2Go issue #1003 reported by you has been resolved in the new release (4.0.5.2) of the X2Go source project »src:x2goclient«. You can view the complete changelog entry of src:x2goclient (4.0.5.2) below, and you can use the following link to view all the code changes between this and the last release of src:x2goclient. http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=81f6a8140cd077c41b27f68c8d4e3a2bf0e23f5e;hp=c80b04add271dcdac482c2526708a21b0ec4932c If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:x2goclient. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:x2goclient Version: 4.0.5.2-0x2go1 Status: RELEASE Date: Mon, 19 Sep 2016 06:13:14 +0200 Fixes: 1003 1019 1027 1036 1079 Changes: x2goclient (4.0.5.2-0x2go1) RELEASED; urgency=medium . [ Klaus Ade Johnstad ] * New upstream version (4.0.5.2): - res/i18n/x2goclient_nb_no.ts: update Bokmål (Norway) translation file. . [ Mihai Moldovan ] * New upstream release (4.0.5.2): - res/i18n/x2goclient_nb_no.ts: fixup translation by respecting the original messages' format, typo fixes and other changes. - res/i18n/x2goclient_fi.ts: fixup translation by respecting the original messages' format and other changes. - src/{ongetpass,onmainwindow}.cpp: fixup QPlastiqueStyle usage on Qt5. This particular style has been removed/replaced by Fusion, which incorporates features of both Plastique and Clearlooks styles. - x2goclient.spec: whitespace only. - src/onmainwindow.cpp: add (default) MacPorts prefix, /usr/local/bin and /opt/X11/bin to x2goclient's environment and child environments before starting xmodmap. Fixes: #1019. Requires a re-release of X2Go Client for OS X. - src/x2goutils.{cpp,h}: add new function add_to_path () to add multiple entries to a PATH-like string if they do not exist in there yet. - src/onmainwindow.cpp: replace old code to modify the PATH value with the new add_to_path () function. - src/{onmainwindow,sshmasterconnection}.cpp: refactoring and whitespace only changes following up the #1027 patch. - src/onmainwindow.h: add new enum for selecting SSH host key types. - src/onmainwindow.h: rename ONMainWindow::generateHostDsaKey () to ONMainWindow::generateHostKey () and make key type selectible. Fixes: #1003. Host key type selection currently only works within the code. Replace calls to former ONMainWindow::generateHostDsaKey () with the generalized function and request an RSA-type key. - src/help.cpp: actually make help descriptions translatable. Looks ugly and is cumbersome to use, but there seems to be no other way to do that... - src/help.h: typo fix in comment only. - src/onmainwindow.cpp: add some comments related to maybe using add_to_path (). - src/onmainwindow.cpp: work around changed SSH host key locations in OS X 10.11+. Fixes: #1079. Also check /etc/ssh/ for keys. - src/onmainwindow.cpp: fix last commit by using QFileInfo instead of QDir. This lets us use the exists () member function correctly. - {nsis/x2goclient.nsi,res/i18n/x2goclient_{da,es,et,fi,nl,zh_tw}.ts}: replace left-overs of "X2go" with the correct "X2Go" spelling. This mostly touches obsolete strings and file names, that need to be cleaned, but it's still worthwhile to not have it show up when searching for the old string. Given that NTFS is normally case-insensitive, removing the files will still work. * debian/control: - Maintainer change in package: X2Go Developers . - Uploaders: add myself. Also, force a rebuild due to the changed versioning. . [ Mike DePaulo ] * New upstream release (4.0.5.2): - Windows: add sshd debug1 logging when using the --debug flag. - Windows: Revert back to Cygwin components that have not been "rebased" - Windows: Update PuTTY from 0.66 to 0.67, which fixes CVE-2016-2563. - Windows: Update bundled Win32 OpenSSL from 1.0.1q to 1.0.1t, which fixes the multiple CVEs announced on 2016-01-28, 2016-03-01 & 2016-05-03. . [ Martti Pitkänen ] * New upstream version (4.0.5.2): - res/i18n/x2goclient_fi.ts: update Finnish translation file. - res/i18n/x2goclient_fi.ts: update Finnish translation file. . [ Sébastien Ducoulombier ] * New upstream version (4.0.5.2): - misc {src/,x2goclient.pro}: port to Qt5. . [ Tor Perkins ] * New upstream release (4.0.5.2): - src/{onmainwindow,sshmasterconnection}.{cpp,h}: add support for ANSI X9.9 OTP tokens. Fixes: #1027. For this to work correctly, the challenge string needs to be displayed to the user. - src/sshmasterconnection.cpp: add support for Mobile OTP tokens and references for the other token types. Fixes: #1036. . [ Oleksandr Shneyder ] * New upstream release (4.0.5.2): - reset session data in broker config. - add "--no-autoresume" parameter. . [ Peter Barth ] * New upstream release (4.0.5.2): - res/i18n/x2goclient_de.ts: fix typo in close message. ------------=_1474258811-14177-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 25 Feb 2016 15:17:30 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.8 required=3.0 tests=BAYES_50,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 7CF8C5DA97 for ; Thu, 25 Feb 2016 16:17:28 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uKUzuZJuYCT1 for ; Thu, 25 Feb 2016 16:17:22 +0100 (CET) X-Greylist: delayed 2305 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Thu, 25 Feb 2016 16:17:22 CET Received: from mail.hetzner.company (mail.hetzner.company [213.133.106.242]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6AE405DA82 for ; Thu, 25 Feb 2016 16:17:22 +0100 (CET) Received: from [78.46.134.130] (helo=[10.200.1.57]) by mail.hetzner.company with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1aYx5N-0002GT-Uq for submit@bugs.x2go.org; Thu, 25 Feb 2016 15:40:10 +0100 To: submit@bugs.x2go.org From: Florian Wicke - Hetzner Online GmbH Subject: x2goclient sshd (for folder sharing) weak host key Message-ID: <56CF1213.9080407@hetzner.de> Date: Thu, 25 Feb 2016 15:39:15 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d" X-Authenticated-Sender: florian.wicke@hetzner.de This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d Content-Type: multipart/mixed; boundary="96D4BS79n5r399HUHlkTfhnE2CcMtOVRx" From: Florian Wicke - Hetzner Online GmbH To: submit@bugs.x2go.org Message-ID: <56CF1213.9080407@hetzner.de> Subject: x2goclient sshd (for folder sharing) weak host key --96D4BS79n5r399HUHlkTfhnE2CcMtOVRx Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Package: x2goclient The sshd (sshd.exe) spawned by x2goclient for things like the folder sharing is creating a DSA HostKey. Even if this sshd is only listening on localhost and is accessed through the ssh tunnel from the X2Go server this might lead to connections errors if the ssh_config of the server is configured to not allow connections to these weak (1024 bit) DSA HostKeys. I would advice increasing this to at least 2048 bit RSA host keys or even elliptic curve host keys if available. Best regards, Florian Wicke Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Tel: +49 9831 505-187 Fax: +49 9831 505-387 florian.wicke@hetzner.de www.hetzner.de Registergericht Ansbach, HRB 6089 Gesch=C3=A4ftsf=C3=BChrer: Martin Hetzner --96D4BS79n5r399HUHlkTfhnE2CcMtOVRx-- --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCgAGBQJWzxIVAAoJEAn0falXoNhDBKsIAIXIKJZtPa+3K4cL092aErfn OmmhG64U7E8n0IJzHKmTF6zdygFa4+rcNAUNgwHMnp/OO8HYL6NliySQuxGnKRqn uqkpvlUdM4oyVMpXHcEu+4IR4hjmUOPArDsZP+d4ReGblgTlaPyH8HmsyWqN4fLC cWEQtaoQfJum4OcyXVMLPNYpAcD9LYqN7KS8OXtNzCnzvr3fv5dtDjx2SMc67DI3 VIrZn0VDAGGisuQBknQghmQ0Cc4GmMyW4AqZ8b7Jpu+BXX6Qlm3ID1P7Niy5Q0Ql HDPyTo5wXKR8RYoigyMIBGXxJlnfyYcjSmZTm8Bn23TGF5ji2sTBEzghZ798vi4= =SAsh -----END PGP SIGNATURE----- --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d-- ------------=_1474258811-14177-0--