16 Nov
2022
16 Nov
'22
11:20 a.m.
On Wed, 16 Nov 2022 at 12:11, Gyorgy Szing Gyorgy.Szing@arm.com wrote:
Hi,
Does that mean you have a workaround in place?
Absolutely, sorry for not being clear.
“My understanding is that the server is using a method that is now considered weak, isn't it?”
That matches my understanding too. Perhaps something to take up with the Linaro DevOps team. 😊 Someone from the TF-A team might have raised this already, although I could not find a ticket in Linaro Jira visible to me.
I didn't know that the TFO was maintained by Linaro DevOps, but now I found some info in the internal wiki. I will raise the issue to that team.
Thanks,
--
Jerome
>
>
> /George
>
>
>
> *From:* Jérôme Forissier jerome.forissier@linaro.org
> *Sent:* 16 November 2022 11:41
> *To:* Gyorgy Szing Gyorgy.Szing@arm.com
> *Cc:* tf-a@lists.trustedfirmware.org; nd nd@arm.com
> *Subject:* Re: [TF-A] Submitting a patch to TF-A
>
>
>
> Hi Gyorgy,
>
>
>
> On Wed, 16 Nov 2022 at 10:55, Gyorgy Szing Gyorgy.Szing@arm.com wrote:
>
> Hi,
>
>
>
> Well, your error code is different, but could it be this OpenSSH version
> conflict?:
> https://blog.hqcodeshop.fi/archives/525-OpenSSH-8.8-dropped-SHA-1-support.ht...
>
> Might be worth to try setting SSH to verbose mode with GIT_SSH_COMMAND as
> described here:
> https://askubuntu.com/questions/336907/really-verbose-way-to-test-git-connec...
>
>
>
> I used: ssh -vvvv -p 29418 jforissier@review.trustedfirmware.org and I
> got:
>
> debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA
> SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
> debug1: send_pubkey_test: no mutual signature algorithm
>
> My key is 2048 bit RSA. The following works:
>
> ssh -vvvv -o 'PubkeyAcceptedAlgorithms +ssh-rsa' -p 29418
> jforissier@review.trustedfirmware.org
> debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA
> SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
> debug3: send packet: type 50
> debug2: we sent a publickey packet, wait for reply
> debug3: receive packet: type 60
> debug1: Server accepts key: /home/jerome/.ssh/id_rsa RSA
> SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
>
> So I added an entry to my ~/.ssh/config:
>
> Host review.trustedfirmware.org
> PubkeyAcceptedAlgorithms +ssh-rsa
>
>
>
> My understanding is that the server is using a method that is now
> considered weak, isn't it?
>
>
> Thanks,
>
> --
>
> Jerome
>
>
>
> /George
>
> *From:* Jérôme Forissier via TF-A tf-a@lists.trustedfirmware.org
> *Sent:* 15 November 2022 10:49
> *To:* tf-a@lists.trustedfirmware.org
> *Subject:* [TF-A] Submitting a patch to TF-A
>
>
>
> Hi,
>
>
>
> I am trying to send a patch to review.trustedfirmware.org but I get a
> Permission denied error.
>
>
>
> ===========================
>
> $ git push
> jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a
> HEAD:refs/for/integration
>
> jforissier@review.trustedfirmware.org: Permission denied (publickey).
> fatal: Could not read from remote repository.
>
> Please make sure you have the correct access rights
> and the repository exists.
>
>
>
> $ git clone "ssh://
> jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a"
>
> Cloning into 'trusted-firmware-a'...
>
> fatal: Could not read from remote repository.
>
> Please make sure you have the correct access rights
> and the repository exists.
>
>
>
>
>
> $ ssh -p 29418 jforissier@review.trustedfirmware.org
>
> jforissier@review.trustedfirmware.org: Permission denied (publickey).
>
> ===========================
>
>
>
> I can see my ssh key at https://review.trustedfirmware.org/settings/. I
> tried to upload it again, I also added -i to the ssh command to make sure
> the right key is used. What am I doing wrong?
>
>
>
> Thanks,
>
> --
>
> Jerome
>
>