Hi,
Does that mean you have a workaround in place?
“My understanding is that the server is using a method that is now considered weak, isn't it?”
That matches my understanding too. Perhaps something to take up with the Linaro DevOps team. 😊 Someone from the TF-A team might have raised this already, although I could not find a ticket in Linaro Jira visible to me.
/George
From: Jérôme Forissier <jerome.forissier@linaro.org>
Sent: 16 November 2022 11:41
To: Gyorgy Szing <Gyorgy.Szing@arm.com>
Cc: tf-a@lists.trustedfirmware.org; nd <nd@arm.com>
Subject: Re: [TF-A] Submitting a patch to TF-A
Hi Gyorgy,
On Wed, 16 Nov 2022 at 10:55, Gyorgy Szing <Gyorgy.Szing@arm.com> wrote:
Hi,
Well, your error code is different, but could it be this OpenSSH version conflict?: https://blog.hqcodeshop.fi/archives/525-OpenSSH-8.8-dropped-SHA-1-support.html
Might be worth to try setting SSH to verbose mode with GIT_SSH_COMMAND as described here: https://askubuntu.com/questions/336907/really-verbose-way-to-test-git-connection-over-ssh
I used: ssh -vvvv -p 29418 jforissier@review.trustedfirmware.org and I got:
debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
debug1: send_pubkey_test: no mutual signature algorithm
My key is 2048 bit RSA. The following works:
ssh -vvvv -o 'PubkeyAcceptedAlgorithms +ssh-rsa' -p 29418 jforissier@review.trustedfirmware.org
debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
So I added an entry to my ~/.ssh/config:
Host review.trustedfirmware.org
PubkeyAcceptedAlgorithms +ssh-rsa
My understanding is that the server is using a method that is now considered weak, isn't it?
Thanks,--
Jerome
/George
From: Jérôme Forissier via TF-A <tf-a@lists.trustedfirmware.org>
Sent: 15 November 2022 10:49
To: tf-a@lists.trustedfirmware.org
Subject: [TF-A] Submitting a patch to TF-A
Hi,
I am trying to send a patch to review.trustedfirmware.org but I get a Permission denied error.
===========================
$ git push jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a HEAD:refs/for/integration
jforissier@review.trustedfirmware.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
$ git clone "ssh://jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a"
Cloning into 'trusted-firmware-a'...
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
$ ssh -p 29418 jforissier@review.trustedfirmware.org
jforissier@review.trustedfirmware.org: Permission denied (publickey).
===========================
I can see my ssh key at https://review.trustedfirmware.org/settings/. I tried to upload it again, I also added -i to the ssh command to make sure the right key is used. What am I doing wrong?
Thanks,
--
Jerome