Friday, 2021-03-05

« Thursday, 2021-03-04 Index Saturday, 2021-03-06 »
*** tosky has quit IRC00:11
*** yoctozepto has quit IRC00:13
*** yoctozepto has joined #openstack-infra00:13
*** gryf has quit IRC00:18
*** gryf has joined #openstack-infra00:21
*** hamalq has quit IRC00:26
*** jamesdenton has quit IRC00:46
*** jamesden_ has joined #openstack-infra00:46
*** ajitha has joined #openstack-infra00:51
tkajinamOne of my colleagues is seeing "Permission Denied" wen ssh'ing to gerrit but his username and ssh key in gerrit seems to be correct. Is there any suggestion about the items we should check next ?01:03
clarkbtkajinam: is this on fedora33 and is the key an rsa key?01:03
clarkbif so they disabled rsa + sha1 hashes in their default openssh configs. rsa + sha2 hashes would work except the way openssh works is if the server doesn't say which hash it can do it falls back to sha1 and gerrit's java sshd doesn't tell the client.01:04
clarkbI think our suggestion in this case is to use a non rsa key if you are a fedora user01:05
clarkbif this isn't the case then I would try ssh -p 29418 -vvv user@review.opendev.org gerrit ls-projects and see if that offers any clues. If it works you'll get a project listing if it doesn't something in the ssh client output should indicate why01:05
tkajinamclarkb, thanks. let me check with him.01:06
clarkbother things to check include make sure you are talking to port 29418 (the default 22 doesn't know about your gerrit user)01:06
tkajinamI'm checking the output of ssh -vv but I think you pointed out the cause01:08
tkajinamI see sha1 is used there instead of sha201:08
clarkbtkajinam: and it is a fedora 33 installation?01:08
tkajinamclarkb, yes.01:08
clarkbthat is likely it. You should be able to work around this with an ed25519 keypair or ecdsa keypair. Another option is to edit your openssh settings to all rsa + sha101:09
clarkbwe don't like recommending that second option because we don't want to subvert security defaults chosen by your platform01:09
tkajinamyeah I agree01:09
clarkbnote that openssh proper has deprecated rsa + sha1 but not disabled it by default like fedora has. One thing fedora could do to make this work better is fall back to rsa + sha2 instead of rsa + sha1 if the server doesn't specify. rsa + sha1 is going to fail anyway so may as well try to make rsa + sha2 work first then fail if it can't work either01:11
clarkbthe ssh rfc indicates this fallback will change at some point in the future (likely when they disable sha1 by default)01:12
tkajinamunderstood01:12
clarkbwe've also tried to convince the mina sshd developers that they should properly support the extension to advertise the rsa variants but their messaging has basically been don't use rsa :/01:12
clarkband with that I must now go help with dinner. I'm sure others will still be around if using a different key type doesn't help, but I'm reasonably confident that is the issue if on fedora 33 and using rsa01:13
tkajinamclarkb, yeah I'm still waiting feedback but that is exactly the cause as per the log I got01:14
tkajinamclarkb, thanks again !01:15
*** wolsen has quit IRC01:46
*** ihti[m] has quit IRC01:49
*** wolsen has joined #openstack-infra02:06
*** jamesmcarthur has quit IRC02:12
*** jamesmcarthur has joined #openstack-infra02:13
*** jamesmcarthur has quit IRC02:13
*** jamesmcarthur has joined #openstack-infra02:13
*** rlandy|bbl is now known as rlandy02:31
*** jamesmcarthur has quit IRC02:41
*** jamesmcarthur has joined #openstack-infra02:41
*** irclogbot_3 has quit IRC02:52
*** irclogbot_0 has joined #openstack-infra02:55
*** rlandy has quit IRC03:02
*** gyee has quit IRC03:08
*** psachin has joined #openstack-infra03:36
*** jamesden_ has quit IRC04:25
*** jamesdenton has joined #openstack-infra04:25
*** jamesmcarthur has quit IRC04:27
*** redrobot has quit IRC04:27
*** jamesmcarthur has joined #openstack-infra04:27
*** redrobot has joined #openstack-infra04:30
*** jamesmcarthur has quit IRC04:32
*** redrobot has quit IRC04:35
*** redrobot has joined #openstack-infra04:35
*** ykarel has joined #openstack-infra04:38
*** jamesmcarthur has joined #openstack-infra04:51
*** dviroel has quit IRC05:10
*** jamesmcarthur has quit IRC05:36
*** ykarel has quit IRC05:50
*** ykarel has joined #openstack-infra05:53
*** rcernin has quit IRC06:00
*** ykarel_ has joined #openstack-infra06:08
*** ykarel has quit IRC06:10
*** ykarel_ is now known as ykarel06:10
*** vishalmanchanda has joined #openstack-infra06:24
*** bnemec has quit IRC06:43
*** bnemec has joined #openstack-infra06:44
*** openstackgerrit has joined #openstack-infra06:48
openstackgerritMerged openstack/project-config master: Add an nl01.opendev.org config  https://review.opendev.org/c/openstack/project-config/+/77697906:48
*** slaweq has joined #openstack-infra06:59
*** redrobot has quit IRC07:00
*** sboyron has joined #openstack-infra07:02
*** ralonsoh has joined #openstack-infra07:03
*** piotrowskim has joined #openstack-infra07:09
*** dhill has quit IRC07:25
*** eolivare has joined #openstack-infra07:30
*** dhill has joined #openstack-infra07:34
*** jamesmcarthur has joined #openstack-infra07:36
*** jamesmcarthur has quit IRC07:40
*** zzzeek has quit IRC07:52
*** zzzeek has joined #openstack-infra07:53
*** lpetrut has joined #openstack-infra08:00
*** dklyle has quit IRC08:01
*** zzzeek has quit IRC08:08
*** zzzeek has joined #openstack-infra08:09
*** rpittau|afk is now known as rpittau08:21
*** gfidente|afk is now known as gfidente08:32
*** zzzeek has quit IRC08:40
*** zzzeek has joined #openstack-infra08:41
*** zzzeek has quit IRC08:42
*** zzzeek has joined #openstack-infra08:43
*** ociuhandu has joined #openstack-infra08:44
*** hashar has joined #openstack-infra08:50
*** jpena|off is now known as jpena08:54
*** lucasagomes has joined #openstack-infra09:04
*** derekh has joined #openstack-infra09:14
*** tosky has joined #openstack-infra09:23
*** gtema has joined #openstack-infra09:39
gtemacan please somebody help with https://zuul.opendev.org/t/openstack/build/df4bccca827f47b99def27c7de789b83 (docs job get SSH key changed)09:40
*** dviroel has joined #openstack-infra10:18
*** hashar has quit IRC11:03
*** hashar has joined #openstack-infra11:04
*** ociuhandu has quit IRC11:16
*** ociuhandu has joined #openstack-infra11:17
*** ociuhandu has quit IRC11:17
*** ociuhandu has joined #openstack-infra11:18
*** ykarel_ has joined #openstack-infra11:19
*** ykarel has quit IRC11:22
*** ykarel_ is now known as ykarel11:23
*** lucasagomes has quit IRC11:24
*** lucasagomes has joined #openstack-infra11:28
*** ociuhandu has quit IRC11:29
*** ociuhandu has joined #openstack-infra11:31
*** ociuhandu has quit IRC11:54
*** ociuhandu has joined #openstack-infra11:56
*** ociuhandu has quit IRC12:00
*** dchen has quit IRC12:03
*** ykarel_ has joined #openstack-infra12:07
*** ykarel has quit IRC12:09
*** derekh has quit IRC12:13
*** ysirndjuro has quit IRC12:27
*** rlandy has joined #openstack-infra12:33
*** jpena is now known as jpena|lunch12:34
*** tkajinam has quit IRC12:35
*** tkajinam has joined #openstack-infra12:35
*** gtema has quit IRC12:37
*** hashar is now known as hasharLunch12:39
*** xek has joined #openstack-infra13:01
*** redrobot has joined #openstack-infra13:06
*** ociuhandu has joined #openstack-infra13:06
*** hasharLunch is now known as hashar13:14
*** jamesdenton has quit IRC13:18
*** jamesden_ has joined #openstack-infra13:18
*** ociuhandu has quit IRC13:26
*** ociuhandu has joined #openstack-infra13:26
*** jpena|lunch is now known as jpena13:28
*** ociuhandu has quit IRC13:31
*** nweinber has joined #openstack-infra13:38
*** amoralej is now known as amoralej|lunch13:47
*** ociuhandu has joined #openstack-infra14:16
*** amoralej|lunch is now known as amoralej14:24
*** ykarel_ is now known as ykarel14:32
*** ociuhandu has quit IRC14:33
*** ociuhandu has joined #openstack-infra14:39
*** jamesden_ is now known as jamesdenton15:03
*** lpetrut has quit IRC15:03
*** rpittau is now known as rpittau|afk15:03
*** ociuhandu has quit IRC15:29
*** ociuhandu has joined #openstack-infra15:33
*** ociuhandu has quit IRC15:36
*** ociuhandu has joined #openstack-infra15:36
*** przemeklal has joined #openstack-infra15:37
*** ykarel has quit IRC15:37
*** dklyle has joined #openstack-infra15:43
*** psachin has quit IRC16:17
*** hashar is now known as hasharAway16:27
*** ociuhandu has quit IRC16:29
*** ociuhandu has joined #openstack-infra16:32
*** ociuhandu has quit IRC16:36
*** ociuhandu has joined #openstack-infra16:42
*** lucasagomes has quit IRC16:59
*** przemeklal has quit IRC17:04
*** eolivare has quit IRC17:15
*** amoralej is now known as amoralej|off17:39
*** ociuhandu_ has joined #openstack-infra17:39
*** ociuhandu_ has quit IRC17:40
*** ociuhandu has quit IRC17:40
*** ociuhandu has joined #openstack-infra17:41
*** dklyle has quit IRC17:52
*** dklyle has joined #openstack-infra17:52
*** jamesmcarthur has joined #openstack-infra17:53
*** jpena is now known as jpena|off17:58
*** gfidente has quit IRC17:59
*** irclogbot_0 has quit IRC18:03
*** irclogbot_2 has joined #openstack-infra18:04
*** gyee has joined #openstack-infra18:17
*** irclogbot_2 has quit IRC18:24
*** hasharAway has quit IRC18:27
*** irclogbot_2 has joined #openstack-infra18:28
*** jamesmcarthur_ has joined #openstack-infra18:34
*** ralonsoh has quit IRC18:35
*** jamesmcarthur has quit IRC18:38
*** ociuhandu has quit IRC18:42
*** ociuhandu has joined #openstack-infra18:54
*** ociuhandu has quit IRC18:58
*** xek has quit IRC19:04
*** elod has quit IRC19:12
*** takamatsu has quit IRC19:13
*** elod has joined #openstack-infra19:13
*** takamatsu has joined #openstack-infra19:27
*** outbrito has quit IRC19:28
*** sboyron has quit IRC19:30
*** jamesmcarthur_ has quit IRC19:52
*** jamesmcarthur has joined #openstack-infra19:53
*** jamesmcarthur has quit IRC19:58
*** przemeklal has joined #openstack-infra20:03
*** slaweq has quit IRC20:17
*** przemeklal has quit IRC20:30
*** dciabrin_ has joined #openstack-infra20:48
*** jamesdenton has quit IRC20:49
*** jamesden_ has joined #openstack-infra20:49
*** dciabrin has quit IRC20:51
*** nweinber has quit IRC21:13
*** hamalq has joined #openstack-infra21:14
*** ajitha has quit IRC21:18
*** rlandy has quit IRC22:19
*** iurygregory has quit IRC22:57
*** dchen has joined #openstack-infra23:05
*** iurygregory has joined #openstack-infra23:22
*** elod has quit IRC23:25
*** hamalq has quit IRC23:44
« Thursday, 2021-03-04 Index Saturday, 2021-03-06 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!