Hi,
Does that mean you have a workaround in place?
“My understanding is that the server is using a method that is now considered weak, isn't it?” That matches my understanding too. Perhaps something to take up with the Linaro DevOps team. 😊 Someone from the TF-A team might have raised this already, although I could not find a ticket in Linaro Jira visible to me.
/George
From: Jérôme Forissier jerome.forissier@linaro.org Sent: 16 November 2022 11:41 To: Gyorgy Szing Gyorgy.Szing@arm.com Cc: tf-a@lists.trustedfirmware.org; nd nd@arm.com Subject: Re: [TF-A] Submitting a patch to TF-A
Hi Gyorgy,
On Wed, 16 Nov 2022 at 10:55, Gyorgy Szing <Gyorgy.Szing@arm.commailto:Gyorgy.Szing@arm.com> wrote: Hi,
Well, your error code is different, but could it be this OpenSSH version conflict?: https://blog.hqcodeshop.fi/archives/525-OpenSSH-8.8-dropped-SHA-1-support.ht... Might be worth to try setting SSH to verbose mode with GIT_SSH_COMMAND as described here: https://askubuntu.com/questions/336907/really-verbose-way-to-test-git-connec...
I used: ssh -vvvv -p 29418 jforissier@review.trustedfirmware.orgmailto:jforissier@review.trustedfirmware.org and I got:
debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent debug1: send_pubkey_test: no mutual signature algorithm
My key is 2048 bit RSA. The following works:
ssh -vvvv -o 'PubkeyAcceptedAlgorithms +ssh-rsa' -p 29418 jforissier@review.trustedfirmware.orgmailto:jforissier@review.trustedfirmware.org debug1: Offering public key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: /home/jerome/.ssh/id_rsa RSA SHA256:kXuqKtZUYlCLS0w7nUZsU4Rn610YUzXxwzWC4HhaDTI agent
So I added an entry to my ~/.ssh/config:
Host review.trustedfirmware.orghttp://review.trustedfirmware.org PubkeyAcceptedAlgorithms +ssh-rsa
My understanding is that the server is using a method that is now considered weak, isn't it?
Thanks, -- Jerome
/George
From: Jérôme Forissier via TF-A <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Sent: 15 November 2022 10:49 To: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org Subject: [TF-A] Submitting a patch to TF-A
Hi,
I am trying to send a patch to review.trustedfirmware.orghttp://review.trustedfirmware.org but I get a Permission denied error.
=========================== $ git push jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-ahttp://jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a HEAD:refs/for/integration jforissier@review.trustedfirmware.orgmailto:jforissier@review.trustedfirmware.org: Permission denied (publickey). fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
$ git clone "ssh://jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-ahttp://jforissier@review.trustedfirmware.org:29418/TF-A/trusted-firmware-a" Cloning into 'trusted-firmware-a'... fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
$ ssh -p 29418 jforissier@review.trustedfirmware.orgmailto:jforissier@review.trustedfirmware.org jforissier@review.trustedfirmware.orgmailto:jforissier@review.trustedfirmware.org: Permission denied (publickey). ===========================
I can see my ssh key at https://review.trustedfirmware.org/settings/. I tried to upload it again, I also added -i to the ssh command to make sure the right key is used. What am I doing wrong?
Thanks, -- Jerome