Bug #85
Prompts for "passphrase" instead of "password" in some situations
| Status: | Assigned | Start: | 11/08/2009 | |
| Priority: | Wart | Due date: | ||
| Assigned to: |  Jeff Forcier |
% Done: | 0% |
|
| Category: | Network | |||
| Target version: | 1.1 | |||
Description
Due to what I recall being a Paramiko issue, we sometimes have to guess as to whether a given authentication exception is asking us for a SSH private key passphrase, or for a normal system password. This results in Fabric asking for a passphrase when it’s really asking for a password.
This happens to me quite often because I have SSH-agent running and connecting to servers without my public key on them gets me the passphrase prompt (because Fab detects that I'm using an agent/loading my private key) when the actual problem is that the remote end wants my password.
Since there’s no way for Fab to detect this itself (it has to lean on what Paramiko provides) it will probably entail horribad monkeypatching, or submitting a bugfix to Paramiko.
Note that the test test_passphrase_prompt_displays_host_string in tests/test_network.py will need to be updated when this is fixed, as right now it doesn’t really do what it says it does :(
Related issues
| related to Support #86 | Explore move back to external Paramiko dependency | Done | 11/08/2009 | ||
| related to Bug #150 | SSH key and agent weirdness | New | 03/09/2010 | ||
| related to Bug #213 | Password memory edge case: passphrase vs password | New | 08/14/2010 | ||
| related to Bug #223 | Full stack tests choking on passphrase-vs-password issue | Done | 09/03/2010 |
History
Updated by Jeff Forcier 35 days ago
A possibly related issue here, which I'm noting down as a comment under the assumption that it is the same underlying issue:
- Agent not running or disabled
- Autoload of homedir keys disabled
- Specify path to key via
-i - Get prompted for password, not passphrase
- Either password OR key’s passphrase will appear to work
- Key filepath values being correctly passed to Paramiko by Fabric (double checked this)
- Paramiko raising an exception when trying the key (probably the “hey, it’s locked! where’s my passphrase?” exception)
- Stopped tracing there, but assuming that it’s sort of the inverse of the main ticket issue — one of the two libraries is reusing the entered password:
- If given password, passphrase prompt fails, then reused for password prompt, yay
- If given passphrase, passphrase prompt succeeds, yay
As with main ticket, solution will be to better understand Paramiko’s mechanisms and then to alter them so that Fabric can know to ask the user for the correct pass(word|phrase).
Updated by Jeff Forcier 6 days ago
- Target version changed from 0.9.2 to 1.0
Not sure why this was under 0.9, it’s a wart but is not going to be an easy fix and is best left for 1.0 (or post-1.0).
Also available in: Atom