Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nix-copy-closure to ssh:// store tries to log in with empty SSH username #10898

Open
the-sun-will-rise-tomorrow opened this issue Jun 12, 2024 · 0 comments
Open

nix-copy-closure to ssh:// store tries to log in with empty SSH username #10898

the-sun-will-rise-tomorrow opened this issue Jun 12, 2024 · 0 comments
Labels
bug

Comments

@the-sun-will-rise-tomorrow
Copy link

the-sun-will-rise-tomorrow commented Jun 12, 2024
edited
Loading

Describe the bug

I'm not sure if this is supposed to work, but it does seem to almost work, so maybe it should work?

If I run nix-copy-closure --to 'ssh://user@machine?base64-ssh-public-host-key=...&ssh-key=...', Nix seems to try to (eventually) log in to the target machine with an empty SSH username ("").

Local logs:

//ssh://foobar@foobar.example.com: Permission denied (publickey).
error: failed to start SSH connection to '//ssh://foobar@foobar.example.com'

Remote logs:

Jun 12 14:49:09 foobar sshd[1256612]: Accepted publickey for foobar from 192.168.0.2 port 33540 ssh2: ED25519 SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Jun 12 14:49:09 foobar sshd[1256612]: pam_unix(sshd:session): session opened for user foobar(uid=30033) by (uid=0)
Jun 12 14:49:09 foobar systemd-logind[622]: New session 1580 of user foobar.
Jun 12 14:49:09 foobar systemd[1]: Started session-1580.scope - Session 1580 of User foobar.
Jun 12 14:49:09 foobar sshd[1256612]: pam_env(sshd:session): deprecated reading of user environment enabled
Jun 12 14:49:09 foobar sshd[1256619]: Received disconnect from 192.168.0.2 port 33540:11: disconnected by user
Jun 12 14:49:09 foobar sshd[1256619]: Disconnected from user foobar 192.168.0.2 port 33540
Jun 12 14:49:09 foobar sshd[1256612]: pam_unix(sshd:session): session closed for user foobar
Jun 12 14:49:09 foobar systemd[1]: session-1580.scope: Deactivated successfully.
Jun 12 14:49:09 foobar systemd-logind[622]: Session 1580 logged out. Waiting for processes to exit.
Jun 12 14:49:09 foobar systemd-logind[622]: Removed session 1580.
Jun 12 14:49:10 foobar sshd[1256622]: Invalid user  from 192.168.0.2 port 33554
Jun 12 14:49:10 foobar sshd[1256622]: Connection closed by invalid user  192.168.0.2 port 33554 [preauth]

Notice how it seems to log in successfully but the last two lines show that it seems to try logging in with an empty username.

Steps To Reproduce

  1. nix-copy-closure --to 'ssh://user@machine?base64-ssh-public-host-key=...&ssh-key=...'

Expected behavior

Work, or fail in a reasonable way.

nix-env --version output

nix-env (Nix) 2.19.1

Additional context

nix --extra-experimental-features nix-command copy instead of nix-copy-closure seems to work OK.

Priorities

Add 👍 to issues you find important.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@the-sun-will-rise-tomorrow