X2Go Bug report logs - #448
x2goclient won't connect with ssh agent (Q: Who was so afraid of the NSA that he disabled agent communication in x2go?)

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Stefan Baur <newsgroups.mail2@stefanbaur.de>

Date: Thu, 6 Mar 2014 17:55:02 UTC

Severity: normal

Tags: pending

Found in version 4.0.2.0

Fixed in version 4.0.2.0

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Thu, 06 Mar 2014 17:55:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
New Bug report received and forwarded. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Thu, 06 Mar 2014 17:55:02 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.x2go.org (full text, mbox):

From: Stefan Baur <newsgroups.mail2@stefanbaur.de>
To: submit@bugs.x2go.org, Mike Gabriel <mike.gabriel@das-netzwerkteam.de>, Michael DePaulo <mikedep333@gmail.com>
Subject: x2goclient won't connect with ssh agent (Q: Who was so afraid of the NSA that he disabled agent communication in x2go?)
Date: Thu, 06 Mar 2014 18:45:21 +0100
Package: x2goclient
Version: 4.0.2.0

(I'm filing this against 4.0.2.0 b/c it's still present there. If bugs
should be filed against the version they initially appeared in, please
let me know)

not affected: 4.0.0.3 with PulseAudio 0.9.6
not affected: 4.0.1.2 with PulseAudio 0.9.6
possibly affected (untested) 4.0.1.3 with PulseAudio 0.9.6
affected: 4.0.1.3+build2 with PulseAudio 0.9.6
affected: 4.0.2.0

Preface:
The followin issue has been observed on Windows; whoever takes care of
this should also check if the same issue occurs on Linux and Mac when
using the ssh agents shipped with these operating systems.

Situation:
4.0.1.2 with PulseAudio 0.9.6 and older clients allowed the use of an
external SSH agent that loads and memorizes SSH private keys (so you
don't have to re-enter your private key's passphrase whenever you try to
connect).
In my case, this SSH agent was "Pageant" from the PuTTY package.

With 4.0.1.3+build2/PA0.9.6, using the same (registry-stored) settings
as before, x2goclient.exe pops up a dialog box asking me for my private
key's password. Which it does over and over again, without ever connecting.
To me, it looks like it's asking for the password for a non-existant
private key, the key with the file name "", thus it always fails.

Assumption:
Someone tried to add/fix code regarding ssh public key authentication
(maybe something to do with bug #322?), took care of whatever issue
there was with private key file handling by x2goclient itself, but
overlooked the possibility that an external ssh agent might be involved.

Net Result:
SSH public key login using an SSH agent is effectively broken in
4.0.1.3+build2 (and possibly 4.0.1.3), up to 4.0.2.0-2014-03-06 (nightly
build), and probably still broken in the current source.

Sounds like a case for one of our two Mikes ...

-Stefan


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Fri, 07 Mar 2014 21:05:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Fri, 07 Mar 2014 21:05:01 GMT) Full text and rfc822 format available.

Message #10 received at 448@bugs.x2go.org (full text, mbox):

From: Stefan Baur <newsgroups.mail2@stefanbaur.de>
To: 448@bugs.x2go.org
Subject: Bug#448: x2goclient won't connect with ssh agent (Q: Who was so afraid of the NSA that he disabled agent communication in x2go?)
Date: Fri, 07 Mar 2014 21:55:08 +0100
Addendum:

Mike#2 suggested looking at libssh, as that was upgraded, too. So it
might be that it's not a bug in x2goclient per se, but in how libssh
talks to ssh agents.

-Stefan


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Fri, 07 Mar 2014 22:15:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Fri, 07 Mar 2014 22:15:02 GMT) Full text and rfc822 format available.

Message #15 received at 448@bugs.x2go.org (full text, mbox):

From: Stefan Baur <newsgroups.mail2@stefanbaur.de>
To: 448@bugs.x2go.org
Subject: Re: Bug#448: x2goclient won't connect with ssh agent (Q: Who was so afraid of the NSA that he disabled agent communication in x2go?)
Date: Fri, 07 Mar 2014 23:11:46 +0100
And another addendum:

Swapping out libssh.dll against a copy from an older, still working
x2goclient doesn't work. When you attempt that, x2goclient won't even start.


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Mon, 17 Mar 2014 01:40:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael DePaulo <mikedep333@gmail.com>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Mon, 17 Mar 2014 01:40:01 GMT) Full text and rfc822 format available.

Message #20 received at 448@bugs.x2go.org (full text, mbox):

From: Michael DePaulo <mikedep333@gmail.com>
To: 448@bugs.x2go.org
Subject: Linux not affected
Date: Sun, 16 Mar 2014 21:39:36 -0400
This bug was not present on the following client setup:
Fedora 20 64-bit
GNOME keyring 3.10.1 (1.fc20)
libssh 0.6.3 (1.fc20)
x2goclient 4.0.1.3 (4.fc20)


Specifically,
1. if I had not entered my passphrase for my private key into GNOME
kerying yet, then upon initiating the connection GNOME keyring would
prompt me. (X2Go Client did not prompt me.) Once it was done, X2Go
Client would connect.

2. if I had already entered my passphrase for my private key into
GNOME keyring, then upon initiating the connection, X2Go Client would
connect without any prompts.


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Mon, 17 Mar 2014 03:40:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael DePaulo <mikedep333@gmail.com>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Mon, 17 Mar 2014 03:40:01 GMT) Full text and rfc822 format available.

Message #25 received at 448@bugs.x2go.org (full text, mbox):

From: Michael DePaulo <mikedep333@gmail.com>
To: 448@bugs.x2go.org
Subject: KDE's libssh was patched for Pageant support
Date: Sun, 16 Mar 2014 23:38:04 -0400
If you compare KDE's libssh 0.5.3 src/agent.c
ftp://winkde.org/kde/ports/win32/releases/stable/latest/libssh-x86-mingw4-0.5.3-src.tar.bz2

To the vanilla libssh 0.5.3 src/agent.c
http://git.libssh.org/projects/libssh.git/tree/src/agent.c?id=libssh-0.5.3

You'll see that KDE patched it to add support for Pageant as an SSH
agent for Windows.

There's also winpgntc.c and winpgntc.h included in the KDE version,
but not in the vanilla version.

Our libssh 0.5.5 build doesn't have Pageant support:
http://git.libssh.org/projects/libssh.git/tree/src/agent.c?id=libssh-0.5.5

And neither does libssh 0.6.3:
http://git.libssh.org/projects/libssh.git/tree/src/agent.c?id=libssh-0.6.3
Or the current (2014-03-16) HEAD:
http://git.libssh.org/projects/libssh.git/tree/src/agent.c

So right now I need to find the applied patch they applied.

The src.tar.bz2 file contains patches, but only for CVE
vunlerabilities. I do not see .patch files for this feature, it is
already applied to the source.


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Mon, 17 Mar 2014 03:55:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael DePaulo <mikedep333@gmail.com>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Mon, 17 Mar 2014 03:55:02 GMT) Full text and rfc822 format available.

Message #30 received at 448@bugs.x2go.org (full text, mbox):

From: Michael DePaulo <mikedep333@gmail.com>
To: 448@bugs.x2go.org
Subject: Here's the patch
Date: Sun, 16 Mar 2014 23:52:54 -0400
Sorry for the long URL, but we can download the patch that KDE used
for libssh 0.5.3 here:
http://code.ohloh.net/project?pid=bnCaBd3Jo9I&prevcid=1&did=portage%2Fwin32libs%2Flibssh&cid=9zDTNiYDvV0&fp=305438&projSelected=true

Based on the dates in the files,
0001-implement-support-for-putty-s-pageant-0.5.3.patch supercedes
0001-implement-support-for-putty-s-pageant.patch


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Mon, 17 Mar 2014 11:05:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Mon, 17 Mar 2014 11:05:01 GMT) Full text and rfc822 format available.

Message #35 received at 448@bugs.x2go.org (full text, mbox):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Michael DePaulo <mikedep333@gmail.com>, 448@bugs.x2go.org
Subject: Re: [X2Go-Dev] Bug#448: Here's the patch
Date: Mon, 17 Mar 2014 11:00:11 +0000
[Message part 1 (text/plain, inline)]
Hi Michael,

On  Mo 17 Mär 2014 04:52:54 CET, Michael DePaulo wrote:

> Sorry for the long URL, but we can download the patch that KDE used
> for libssh 0.5.3 here:
> http://code.ohloh.net/project?pid=bnCaBd3Jo9I&prevcid=1&did=portage%2Fwin32libs%2Flibssh&cid=9zDTNiYDvV0&fp=305438&projSelected=true
>
> Based on the dates in the files,
> 0001-implement-support-for-putty-s-pageant-0.5.3.patch supercedes
> 0001-implement-support-for-putty-s-pageant.patch

You are AWESOME!!!

Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Wed, 19 Mar 2014 12:20:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael DePaulo <mikedep333@gmail.com>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Wed, 19 Mar 2014 12:20:01 GMT) Full text and rfc822 format available.

Message #40 received at 448@bugs.x2go.org (full text, mbox):

From: Michael DePaulo <mikedep333@gmail.com>
To: 448@bugs.x2go.org
Subject: Thanks Alex
Date: Wed, 19 Mar 2014 08:18:10 -0400
Oleksandr Shneyder provided a patched libssh 0.5.5 build and I added
it to our nightly build system. Both Stefan and I verified that it
fixes the bug.

We might move the location of the build, but for now it is here:
http://code.x2go.org/releases/libssh-with-pagent.patch/


Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Wed, 19 Mar 2014 12:25:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike DePaulo <mikedep333@gmail.com>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Wed, 19 Mar 2014 12:25:02 GMT) Full text and rfc822 format available.

Message #45 received at 448@bugs.x2go.org (full text, mbox):

From: Mike DePaulo <mikedep333@gmail.com>
To: 448-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 448@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as pending for release
Date: Wed, 19 Mar 2014 13:23:48 +0100 (CET)
tag #448 pending
fixed #448 4.0.2.0
thanks

Hello,

X2Go issue #448 (src:x2goclient) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=ed2c005

The issue will most likely be fixed in src:x2goclient (4.0.2.0).

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
commit ed2c00559188166d824063b266310245d3c54d37
Author: Mike DePaulo <mikedep333@gmail.com>
Date:   Wed Mar 19 08:23:33 2014 -0400

    Windows: Reapply KDE on Windows's patch for Pageant support to libssh 0.5.5. (Fixes: #448)

diff --git a/debian/changelog b/debian/changelog
index 90d98ef..14ae6df 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -55,6 +55,8 @@ x2goclient (4.0.2.0-0x2go1) UNRELEASED; urgency=low
     - Windows: Upgrade included PulseAudio from 1.1 to 5.0.
       The 5.0 build is patched for X2Go bug #363. and available here:
       https://build.opensuse.org/project/show/home:mikedep333:branches:home:mkbosmans:mingw32:pulseaudio
+    - Windows: Reapply KDE on Windows's patch for Pageant support to
+      libssh 0.5.5. (Fixes: #448)
 
  -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Wed, 22 Jan 2014 09:20:08 +0100
 


Added tag(s) pending. Request was from Mike DePaulo <mikedep333@gmail.com> to control@bugs.x2go.org. (Wed, 19 Mar 2014 12:25:02 GMT) Full text and rfc822 format available.

Marked as fixed in versions 4.0.2.0. Request was from Mike DePaulo <mikedep333@gmail.com> to control@bugs.x2go.org. (Wed, 19 Mar 2014 12:25:02 GMT) Full text and rfc822 format available.

Message sent on to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
Bug#448. (Wed, 19 Mar 2014 12:25:03 GMT) Full text and rfc822 format available.

Information forwarded to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>:
Bug#448; Package x2goclient. (Thu, 10 Apr 2014 11:55:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>. (Thu, 10 Apr 2014 11:55:07 GMT) Full text and rfc822 format available.

Message #57 received at 448@bugs.x2go.org (full text, mbox):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: 448-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 448@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as closed
Date: Thu, 10 Apr 2014 13:52:14 +0200 (CEST)
close #448
thanks

Hello,

we are very hopeful that X2Go issue #448 reported by you
has been resolved in the new release (4.0.2.0) of the
X2Go source project »src:x2goclient«.

You can view the complete changelog entry of src:x2goclient (4.0.2.0)
below, and you can use the following link to view all the code changes
between this and the last release of src:x2goclient.

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=cbe900f245206ad9bd62d0fbaf226da1b3ffc44e;hp=f7cdada8c57c45ee9ea3b6c42bd680fae26d728c

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:x2goclient.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:x2goclient
Version: 4.0.2.0-0x2go1
Status: RELEASE
Date: Thu, 10 Apr 2014 13:47:56 +0200
Fixes: 138 349 422 440 446 448 453
Changes: 
 x2goclient (4.0.2.0-0x2go1) RELEASED; urgency=low
 .
   [ Oleksandr Shneyder ]
   * New upstream version (4.0.2.0):
     - Revrite SSH Classes to support libssh fix.
     - Add Class HelpDialog to show options in scroll area.
     - Fix authentication on SSH Broker with key + passphrase.
     - Set modmap timer timeout to 10 sec on Mac.
     - Fix running xmodmap if X2Go Client not started from terminal.
     - Setting keyboard modifiers with xmodmap.
     - Fix multimonitor support on Linux.
     - Display more version info. Parameters --version, --git, --changelog.
     - Don't show GUI dialog for --version, --help, etc, if started
       from terminal on linux and mac.
     - If no user in session config, display system username in pass form.
     - Check if txt/changelog and txt/git exist on config phase.
       Rename option "--git" to "--git-info".
     - Change x2goclient.nsi for nightly builds.
 .
   [ Josh Lukens ]
   * New upstream version (4.0.2.0):
     - Switch to QNetworkAccessManager. Appropriately set content type
       header to "application/x-www-form-urlencoded" for HTTP post
       requests. (Fixes: #440, #138).
     - Fix copy+paste errors in QNetworkAccessManager code.
     - Provide support for dynamic authentication IDs. This is
       a requirement for using the broker client against brokers
       that use some sort of OTP authentication mechanism.
       (Fixes: #446).
 .
   [ Mike Gabriel ]
   * New upstream version (4.0.2.0):
     - Drop create_text.sh again, implement changelog copying
       in distro build files. Implement Git history creation for
       nightly builds in build scripts.
     - Rename txt/git to txt/git-info (make it compliant with cmdline
       options).
     - Allow starting shadow sessions from the command line with
       option --hidden being enabled. (Fixes: #349).
   * debian/control:
     + Build-depend on libssh-dev (>= 0.5.4-2).
     + Bump Standards: to 3.9.5. No changes needed.
   * debian/rules:
     + Copy debian/changelog into txt/ subfolder during dh_auto_configure.
     + Create txt/git-info files for ChangeLog.git if it exists.
   * x2goclient.spec:
     + Copy ChangeLog (or debian/changelog) into txt/ subfolder during
       %setup.
     + Copy ChangeLog.gitlog (if present) into txt/ subfolder during %setup.
     + B-R (epel-7): man2html-core (same as for Fedora builds).
 .
   [ Mike DePaulo ]
   * New upstream version (4.0.2.0):
     - Decrease HelpDialog's tab width from 320 to 30
       (the width of 10 spaces.) (Fixes: #453)
     - Windows: Fix compatibility with PulseAudio 3.0 & later through
       new cookie handling. (Fixes: #422)
     - Windows: Upgrade included PulseAudio from 1.1 to 5.0.
       The 5.0 build is patched for X2Go bug #363. and available here:
         https://build.opensuse.org/project/show/home:mikedep333:branches:home:\
         mkbosmans:mingw32:pulseaudio
     - Windows: Reapply KDE on Windows's patch for Pageant support to
       libssh 0.5.5. (Fixes: #448)


Marked Bug as done Request was from Mike Gabriel <mike.gabriel@das-netzwerkteam.de> to control@bugs.x2go.org. (Thu, 10 Apr 2014 11:55:10 GMT) Full text and rfc822 format available.

Notification sent to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
Bug acknowledged by developer. (Thu, 10 Apr 2014 11:55:10 GMT) Full text and rfc822 format available.

Message sent on to Stefan Baur <newsgroups.mail2@stefanbaur.de>:
Bug#448. (Thu, 10 Apr 2014 11:55:15 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.x2go.org> to internal_control@bugs.x2go.org. (Fri, 09 May 2014 05:24:01 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Fri Jul 19 19:00:28 2019; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.