2008-11-12 22:27:13 |
Robert Collins |
bug |
|
|
added bug |
2008-11-13 14:56:24 |
Diogo Matsubara |
launchpad: status |
New |
Incomplete |
|
2008-11-13 14:56:24 |
Diogo Matsubara |
launchpad: statusexplanation |
|
Can you give an example on how this would work? |
|
2008-11-14 00:51:49 |
Martin Pool |
description |
It would be nice to support password authentication for the sftp/bzr+ssh
servers on bazaar.launchpad.net. It seems a cause of pain for new users,
and we should be able to track door knocking attempts easily enough. It
certainly shouldn't be any less secure than the web form which allows
password authentication.
-Rob
affects launchpad
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
|
It would be nice to support password authentication for the sftp/bzr+ssh
servers on bazaar.launchpad.net. It seems a cause of pain for new users,
and we should be able to track door knocking attempts easily enough. It
certainly shouldn't be any less secure than the web form which allows
password authentication.
-Rob |
|
2008-11-14 00:51:49 |
Martin Pool |
title |
support passphrase authentication for bazaar |
support password/passphrase authentication for bazaar |
|
2008-11-14 00:57:52 |
Martin Pool |
launchpad: status |
Incomplete |
Confirmed |
|
2008-11-14 00:57:52 |
Martin Pool |
launchpad: bugtargetdisplayname |
Launchpad itself |
Launchpad Bazaar Integration |
|
2008-11-14 00:57:52 |
Martin Pool |
launchpad: bugtargetname |
launchpad |
launchpad-bazaar |
|
2008-11-14 00:57:52 |
Martin Pool |
launchpad: statusexplanation |
Can you give an example on how this would work? |
example:
user runs 'bzr push lp:~johndoe/project/foo'
user has no ssh private keys, or none registered with launchpad, or has configured their client to prefer password auth
the ssh client negotiates with lp to do password authentication
ssh client prompts the user for their password, and sends it across the encrypted channel
launchpad checks the password against the database, just as when logging in over https
if the password is correct, launchpad allows the user in
The password is already used over https to _set_ the ssh pubkey, so in that regard the password is equally trusted.
However, if there is, e.g., a DNS-spoofing attack, and the user connects to a server that's not really launchpad (cf. bug 238869), and they don't have keys configured, they will end up giving their password to that site. However, doing key-based authentication would be nearly as bad because it allows a MITM attack. A better way to solve this is to make sure users can authenticate the server.
For some users it's much easier to type the password every time than to set up a key. |
|
2008-11-14 00:57:52 |
Martin Pool |
launchpad: title |
Bug #297398 in Launchpad itself: "support password/passphrase authentication for bazaar" |
Bug #297398 in Launchpad Bazaar Integration: "support password/passphrase authentication for bazaar" |
|
2009-02-05 05:45:26 |
Jonathan Lange |
launchpad-bazaar: status |
Confirmed |
Triaged |
|
2009-02-05 05:45:26 |
Jonathan Lange |
launchpad-bazaar: importance |
Undecided |
Low |
|
2009-02-05 05:45:26 |
Jonathan Lange |
launchpad-bazaar: statusexplanation |
example:
user runs 'bzr push lp:~johndoe/project/foo'
user has no ssh private keys, or none registered with launchpad, or has configured their client to prefer password auth
the ssh client negotiates with lp to do password authentication
ssh client prompts the user for their password, and sends it across the encrypted channel
launchpad checks the password against the database, just as when logging in over https
if the password is correct, launchpad allows the user in
The password is already used over https to _set_ the ssh pubkey, so in that regard the password is equally trusted.
However, if there is, e.g., a DNS-spoofing attack, and the user connects to a server that's not really launchpad (cf. bug 238869), and they don't have keys configured, they will end up giving their password to that site. However, doing key-based authentication would be nearly as bad because it allows a MITM attack. A better way to solve this is to make sure users can authenticate the server.
For some users it's much easier to type the password every time than to set up a key. |
Very tempted to mark this as wontfix.
Requires adding support for password authentication to the SSH server, and adding a new internal RPC method for validating the password. |
|
2010-02-28 22:22:25 |
Tim Penhey |
launchpad-code: importance |
Low |
Wishlist |
|
2011-01-14 22:42:15 |
Robert Collins |
summary |
support password/passphrase authentication for bazaar |
using ssh keys to connect to bazaar.launchpad.net confuses uses a great deal |
|
2011-01-14 22:42:19 |
Robert Collins |
launchpad: importance |
Wishlist |
Low |
|
2011-01-14 22:44:11 |
Robert Collins |
description |
It would be nice to support password authentication for the sftp/bzr+ssh
servers on bazaar.launchpad.net. It seems a cause of pain for new users,
and we should be able to track door knocking attempts easily enough. It
certainly shouldn't be any less secure than the web form which allows
password authentication.
-Rob |
Users often have trouble understanding ssh public/private keys, their relationship to bzr, how they work and how to set them up. It seems a particular source of pain for new users.
One way to solve this would be an oauth-like, or oauth-based authentication mechanism for bzr. (Perhaps by running against https://bazaar.launchpad.net). |
|
2011-01-14 22:44:19 |
Robert Collins |
summary |
using ssh keys to connect to bazaar.launchpad.net confuses uses a great deal |
using ssh keys to connect to bazaar.launchpad.net confuses users a great deal |
|
2011-01-14 22:44:26 |
Robert Collins |
tags |
lp-code |
confusing-ui lp-code |
|
2011-09-28 03:23:59 |
Martin Pool |
description |
Users often have trouble understanding ssh public/private keys, their relationship to bzr, how they work and how to set them up. It seems a particular source of pain for new users.
One way to solve this would be an oauth-like, or oauth-based authentication mechanism for bzr. (Perhaps by running against https://bazaar.launchpad.net). |
Users often have trouble understanding ssh public/private keys, their relationship to bzr, how they work and how to set them up. It seems a particular source of pain for new users.
One way to solve this would be an oauth-like, or oauth-based authentication mechanism for bzr. (Perhaps by running against https://bazaar.launchpad.net).
See https://dev.launchpad.net/LEP/SSH_OAuth for more discussion. |
|
2012-08-30 03:00:21 |
Edward Donovan |
bug |
|
|
added subscriber Edward Donovan |