Closed Bug 648541 Opened 13 years ago Closed 13 years ago

Commit Access (Level 1) for Ed Morley

Categories

(mozilla.org :: Repository Account Requests, task)

Product:
mozilla.org
Component:
Repository Account Requests
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: emorley, Assigned: ebalangue)

References

Details

Attachments

(1 file, 1 obsolete file)

SSH Key
381 bytes, text/plain
Details
Attached file SSH Key (obsolete) — 
Requesting level 1 for hg try server access, so I can test my patch in bug 648508 and subsequent [good first bug]s without having to bother others to push to try.

For login email, please use bmo at edmorley dot co dot uk (sorry for obfuscation, currently spam free on this domain so a little paranoid!).

SSH pub key attached.

Will email scan of committer's agreement shortly / find someone to vouch.

Thanks!
Scanned committer's agreement emailed to Erica.
I'll vouch for him (if that's even needed! :-) )
I have received Ed's Committer's Agreement.
Thanks Erica.

This request is ready for consideration.
Whiteboard: ssh-key,voucher,form
Should this be moved over to IT?
Assignee: mozillamarcia.knous → server-ops
Assignee: server-ops → desktop-support
Component: Repository Account Requests → Server Operations: Desktop Issues
QA Contact: repo-acct-req → mrz
Assignee: desktop-support → ebalangue
We'll need to get approval from either Gavin, Marcia or Reed before proceeding
Status: NEW → ASSIGNED
Please do not move these bugs outside the Repository Account Requests component.

This is good for Level 1. ebalangue, you may proceed.
Component: Server Operations: Desktop Issues → Repository Account Requests
QA Contact: mrz → repo-acct-req
Mook: apologies for the delay here - the "Repository Access" component usually only handles new requests, and Marcia is away for a little bit, so it took a while for this to be noticed and moved over to server-ops.
Gah, sorry, that comment was on the wrong bug. Ignore!
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Ed's ldap configurations have been created and a notification has been sent. If you have any questions or concerns, feel free to contact desktop upport
Received the LDAP login details and I've just tried to change my temporary password, but the reset page is not accepting it. SSH hg access isn't accepting my username/priv key combo either. Do I just need to wait longer for my account change to propagate, or is there something up?

Thanks :-)
Reopening based on comment 11.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Ed, we've recreated your ldap and the required bits. An email notification on your account info has been sent. If you have any questions or concerns, feel free to contact desktop support.
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
I've been able to log in using the temporary LDAP user/pw and change the pw to something else; but whenever I try to connect via SSH and my private key (either using hg or Putty directly to test) I get the error:
"Disconnected: No supported authentication methods available"

I've spent an hour of trying different things and eliminating everything I can think of, but I'm now starting to think the problem isn't my end.

Are the SSH bits definitely set; and for the same login username as my LDAP?

Thanks!
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
For SSH, your "username" is your full LDAP account address (bmo@edmorley.co.uk). See https://developer.mozilla.org/en/Mercurial_FAQ#Required_configuration for some configuration details (the ~/.ssh/config lines in particular).

Pastebinning output of ssh -v hg.mozilla.org could be useful.
I'm using the full LDAP email address as username and have set it + host using .ssh/config/ in the format given in the Mercurial FAQ document.

Resultant output from ssh -v (thanks for the -v suggestion Gavin):
http://pastebin.com/hfnV5zyv

This didn't seem to shed any light, so tried -vvv:
http://pastebin.com/sNvGdfAE
Looks like your private key file is malformed.  See line 10 onwards here: http://pastebin.com/sNvGdfAE
I thought that was expected, since it should be using v2?

ie http://groups.google.com/group/gitolite/browse_thread/thread/525468edfacd1beb ?

I've even tried creating a new private key, this time using ssh-keygen (via the MozillaBuild environment) instead of putty-gen - and it shows the same message (about v1; obviously I don't expect the new private key to actually work when it comes to authenticating, given it won't match the public key).
The SSH key was attached in SECSH form. ebalangue, did you convert it to OpenSSH form before adding it to LDAP? If that required step wasn't done, that would cause this.
Sorry if that format wasn't the correct one; I was kind of winging it since I couldn't find a page that specified the preferred key type/format.

Would it be possible for someone to update http://www.mozilla.org/hacking/committer/ to specify:
- openSSH format is preferable
- DSA vs RSA?
- suggested key size
- perhaps suggest using MozillaBuild and ssh-keygen and give exact command line to ensure correct key output?

Thanks :-)
(In reply to comment #20)
> Sorry if that format wasn't the correct one; I was kind of winging it since I
> couldn't find a page that specified the preferred key type/format.
> 
> Would it be possible for someone to update
> http://www.mozilla.org/hacking/committer/ to specify:
> - openSSH format is preferable
> - DSA vs RSA?
> - suggested key size
> - perhaps suggest using MozillaBuild and ssh-keygen and give exact command line
> to ensure correct key output?

You should file a bug about that in Websites::www.mozilla.org.  :-)
(In reply to comment #18)
> I thought that was expected, since it should be using v2?
> 
> ie
> http://groups.google.com/group/gitolite/browse_thread/thread/525468edfacd1beb ?
> 
> I've even tried creating a new private key, this time using ssh-keygen (via the
> MozillaBuild environment) instead of putty-gen - and it shows the same message
> (about v1; obviously I don't expect the new private key to actually work when
> it comes to authenticating, given it won't match the public key).

If my memory serves, putty-gen could convert the public/private keys to the OpenSSH format (sorry I don't have a Windows machine handy, so I can't tell you how), but if that doesn't work out, I guess you can just use ssh-keygen and attach a new public key file.
(In reply to comment #22)
> If my memory serves, putty-gen could convert the public/private keys to the
> OpenSSH format (sorry I don't have a Windows machine handy, so I can't tell you
> how), but if that doesn't work out, I guess you can just use ssh-keygen and
> attach a new public key file.

No need for a new key. SECSH keys can be easily converted (by hand) into the OpenSSH format. IT already has a script for this.
Whiteboard: ssh-key,voucher,form → [issues with ssh key]
Ebalangue, do I need to do anything (CC someone/change assignee?) to ensure someone converts/checks the key per comment 19? Just wondering if you had perhaps only seen comment 17 and instead thought the ssh key was malformed, hence the new whiteboard value.

Thanks :-)
|ssh-keygen -i -f <keyfile>| will convert it into the right format, fwiw.
Attached file SSH Key 
Converted to OpenSSH format.
Ebalangue, please may you update my key.

Thanks Gavin, I didn't know that :-)
Attachment #524632 - Attachment is obsolete: true
Whiteboard: [issues with ssh key]
Is there any possibility someone could update my key before everyone goes home for the weekend? 

At present I'm having to ask for review/checkin on patches that haven't even been tested on try, which seems a little unfair on the reviewers (and also the kind people pushing to m-c for me), in case something gets missed.

It's slightly frustrating to have had absolutely everything complete for this request 7 hours after filing this bug (my original SSH key was fine, I've only converted it since in the hope it would expedite things)... but yet 14 days later still not have commit access to try.

Thanks :-)
Blocks: 473687
Ed, your SSH key has been updated. Feel free to check if you have access. Feel free to contact desktop support, for any questions or concerns.
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Confirmed working now - thanks :-)
No longer blocks: 473687
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: