interactive hg (mercurial) using ssh is getting "authentication failures" to sourceforge

Ernie Rael err@raelity.com
Sun May 11 01:21:00 GMT 2014 

I'm running under mintty (same failure under cmd running "bash --login -i").
(I have only tried this to sourceforge)
In ssh log (see more detailed output further down) there is a suspicious
     debug1: read_passphrase: can't open /dev/tty: No such device or address

At the end of this post, there is experimental evidence that the ssh is
disasociated from the tty in the when spawned by hg. It is also shown that
the original environment is preserved.

I should be prompted for a passwword by ssh, but I'm seeing
     /jvi/ $ hg out
     comparing with ssh://err@hg.code.sf.net/p/jvi/code
     remote: Received disconnect from 216.34.181.156: 2: Too many 
authentication failures for err
     abort: no suitable response from remote hg!

NOTE: hg is a Win7 command, not compiled with the cygwin dll.

If I register id_dsa.pub with my account at sourceforge (through a web
interface, not simply putting the file in ~/.ssh/) then "hg out' completes
successfully (perhaps since no password is needed).

ssh works in general, I've used it to shell.sf.net,
and if I go directly to hg.code.sf.net I see
     /jvi/ $ ssh err@hg.code.sf.net
     Password:
but after entering password this direct access is terminated by 
sourceforge as expected.

Getting debug info from both hg and ssh gives on the console
     /jvi/ $ hg --debug -v out -e 'ssh -v -v -v -E 
c:/cygwin64/tmp/ssh.log -l err'
     comparing with ssh://err@hg.code.sf.net/p/jvi/code
     running ssh -v -v -v -E c:/cygwin64/tmp/ssh.log -l err 
err@hg.code.sf.net "hg -R p/jvi/code serve --stdio"
     sending hello command
     sending between command
     abort: no suitable response from remote hg!
and at the end of the ssh.log repeated 3 times there is
     debug2: userauth_kbdint
     debug2: we sent a keyboard-interactive packet, wait for reply
     debug2: input_userauth_info_req
     debug2: input_userauth_info_req: num_prompts 1
     debug1: read_passphrase: can't open /dev/tty: No such device or address
     debug3: packet_send2: adding 32 (len 14 padlen 18 extra_pad 64)
and finally
     Received disconnect from 216.34.181.156: 2: Too many authentication 
failures for err

System setup and cygwin install over last month, and settup has no 
pending downloads.
     /jvi/ $ uname -a
     CYGWIN_NT-6.1 spirit 1.7.29(0.272/5/3) 2014-04-07 13:46 x86_64 Cygwin

Looking at the source code of ssh, and assuming that
openbsd-compat/readpassphrase.c is used, then /dev/tty open error is the
problem.  (AFAICT)

I first saw the failure on this new install. Then went back to an old
system and I see the failure there as well. It used to work sometime in Q4
of 2013 on old system. Since then sourceforge has changed, I've updated
cygwin's dll and ssh on old system (so ssh between my old/new would be
working from same binaries, doh!). And I've probably changed other things as
well.  (I may be able to go to a backup on the old system to see if it
works, but I'd prefer to move forward...)

-ernie

==================
=== Experiment ===
==================

Have hg spawn a shell script, and get a look at the environment.
The script is invoked like: "sf-ssh /dev/pty0",
and in the script try to do $(tty) and access a shell variable
in hg's environment. The bash can access the pseudo tty, but doing
"tty" command fails. The environment is preserved.

=== The script: "c:/err/bin/sf-ssh"
     #!/usr/bin/bash

     (
         echo dollar-star: $*
         echo tty: $(tty)
         echo $XYZZY
     ) > /tmp/sf-ssh.$$ 2>&1

     echo NOTICE THIS DIRECT WRITE TO PSEUDO TTY $1 > $1

=== The command and it's console output
     /jvi/ $ XYZZY=magic-spell hg --debug -v out -e "bash -c 
'c:/err/bin/sf-ssh $(tty)'"
     NOTICE THIS DIRECT WRITE TO PSEUDO TTY /dev/pty0
     comparing with ssh://err@hg.code.sf.net/p/jvi/code
     running bash -c 'c:/err/bin/sf-ssh /dev/pty0' err@hg.code.sf.net 
"hg -R p/jvi/code serve --stdio"
     sending hello command
     sending between command
     abort: no suitable response from remote hg!

=== The output in /tmp/sf-ssh.$$

     /jvi/ $ cat /tmp/sf-ssh.8700
     dollar-star: /dev/pty0
     tty: not a tty
     magic-spell


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list