From lflinders at ip-performance.co.uk Tue Jul 9 17:02:53 2019 From: lflinders at ip-performance.co.uk (Luke Flinders) Date: Tue, 9 Jul 2019 09:02:53 +0000 Subject: Cryptroot-unlock Timeout on askpass Message-ID: Hi, We have had the remote decrypting functioning for a while, however following recent updates to Debian it has now stopped working. The error we are getting is a timeout for Cryptroot-unlock when the askpass function is called. I have had a look through your mailing archive and can not see this issue mentioned anywhere. Any help would be appreciated. [cid:image004.jpg at 01D5363D.7853F210] Kind regards, Luke Flinders Security and Network Engineer IP Performance Ltd 1-3 Merietts Court, Long Ashton Business Park, Long Ashton, Bristol, BS41 9LW Office: +44 1275 393382 24/7 Support: +44 8708 409100 Email : lflinders at ip-performance.co.uk [IPP Iogo newsmaller] CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited. -------------- next part -------------- An HTML attachment was scrubbed... URL: https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20190709/d850c2ba/attachment-0001.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 3098 bytes Desc: image003.jpg Url : https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20190709/d850c2ba/attachment-0002.jpg -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 12126 bytes Desc: image004.jpg Url : https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20190709/d850c2ba/attachment-0003.jpg From guilhem at fripost.org Tue Jul 9 20:31:48 2019 From: guilhem at fripost.org (Guilhem Moulin) Date: Tue, 9 Jul 2019 14:31:48 +0200 Subject: Cryptroot-unlock Timeout on askpass In-Reply-To: References: Message-ID: <20190709123147.GA7121@fripost.org> Hi, On Tue, 09 Jul 2019 at 09:02:53 +0000, Luke Flinders wrote: > We have had the remote decrypting functioning for a while, however > following recent updates to Debian it has now stopped working. > [?] > I have had a look through your mailing archive and can not see this > issue mentioned anywhere. That feature isn't developed nor maintained by dropbear's upstream maintainer, but by the Debian package maintainer (who happens to be me right now). Could please you file a bug against the ?dropbear-initramfs? package (or the ?cryptsetup-initramfs? package if you believe the problem is in `cryptroot-look`) at the Debian BTS? https://bugs.debian.org/ We'll likely need some details about your setup. reportbug(1) will automatically fill a template with the relevant details. Thanks! Cheers, -- Guilhem. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 833 bytes Desc: not available Url : https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20190709/52ab98fa/attachment.sig From lflinders at ip-performance.co.uk Tue Jul 9 21:03:51 2019 From: lflinders at ip-performance.co.uk (Luke Flinders) Date: Tue, 9 Jul 2019 13:03:51 +0000 Subject: Cryptroot-unlock Timeout on askpass In-Reply-To: <20190709123147.GA7121@fripost.org> References: <20190709123147.GA7121@fripost.org> Message-ID: Hi Guilhem, Thanks for getting back to me, I have raised a bug with the format provided below, I believe the issue is in cryptsetup as this was updated during the time between not having the issue and it appearing. Where, as far as I can tell, dropbear was not patched. Package: cryptsetup Version:2:2.1.0 Error message is; Error: Timeout reached while waiting for askpass Command run is; cryptroot-unlock kernel is; 4.19.37-5 C version; 2.28-10 I am pretty sure that the upgrade from cryptsetup 2:2.0.6 to the version above caused this issue. Kind regards, Luke Flinders -----Original Message----- From: Guilhem Moulin Sent: 09 July 2019 13:32 To: Luke Flinders Cc: dropbear at ucc.asn.au; Andy Millett Subject: Re: Cryptroot-unlock Timeout on askpass Hi, On Tue, 09 Jul 2019 at 09:02:53 +0000, Luke Flinders wrote: > We have had the remote decrypting functioning for a while, however > following recent updates to Debian it has now stopped working. > [?] > I have had a look through your mailing archive and can not see this > issue mentioned anywhere. That feature isn't developed nor maintained by dropbear's upstream maintainer, but by the Debian package maintainer (who happens to be me right now). Could please you file a bug against the ?dropbear-initramfs? package (or the ?cryptsetup-initramfs? package if you believe the problem is in `cryptroot-look`) at the Debian BTS? https://bugs.debian.org/ We'll likely need some details about your setup. reportbug(1) will automatically fill a template with the relevant details. Thanks! Cheers, -- Guilhem. From postergreenp at gmail.com Thu Jul 18 23:59:53 2019 From: postergreenp at gmail.com (Mike R) Date: Thu, 18 Jul 2019 11:59:53 -0400 Subject: known_hosts file not being updated when using ssh -y Message-ID: I am running dropbear client on openwrt. I have an empty known_hosts file. When I connect with the command line "ssh -y example at openssh.com", the new server line is NOT added to the known_hosts file. (If the file does not exist before I start, then the file is created but the new server line is NOT added.) I would expect that -y would check the host entry if it exists, and otherwise create a new host entry in known_hosts. (This works if -y is not used and no entry exists in the known_hosts file). Am I misunderstanding, or is this a bug? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20190718/974654f2/attachment.htm