[darcs-users] darcs failed: (sftp) failed to fetch files.

Michael Shuler michael at pbandjelly.org
Tue Sep 6 22:26:02 UTC 2005 

David Roundy wrote:
>From the strace:
> 
> ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xffffb7f8) = -1 ENOTTY (Inappropriate ioctl for device)
> 
> I wonder if the problem might be that the ssh in sid somehow is failing to
> ask for the password because its standard input isn't a TTY.  Can you try
> setting up password-less ssh with public key authorization, and see if the
> darcs get works then? Or are you already doing this, and I'm completely on
> the wrong track?

Keyed password-less get does work successfully:

michael at ares: ~ $ darcs get 
mshuler at darcs.dfw1.foobarra.com:/var/lib/darcs/rs-rhn-api
sftp output:
Changing to: /home/mshuler/
sftp> cd /var/lib/darcs/rs-rhn-api/_darcs/patches
sftp> get 20050824212913-0090d-f8af9b6acc8d3da0868bc2b391284072d53dcfee.gz
Fetching 
/var/lib/darcs/rs-rhn-api/_darcs/patches/20050824212913-0090d-f8af9b6acc8d3da0868bc2b391284072d53dcfee.gz 
to 20050824212913-0090d-f8af9b6acc8d3da0868bc2b391284072d53dcfee.gz
sftp>

Applying patches to the "working" directory...
..
Finished getting.
michael at ares: ~ $

System logs from this keyed login:

Sep  6 17:01:19 host sshd[1021]: Connection from xx.xx.xx.xx port 49803
Sep  6 17:01:19 host sshd[1021]: Failed none for mshuler from 
xx.xx.xx.xx port 49803 ssh2
Sep  6 17:01:19 host sshd[1021]: Found matching DSA key: 
66:03:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:19 host sshd[1021]: Found matching DSA key: 
66:03:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:19 host sshd[1021]: Accepted publickey for mshuler from 
xx.xx.xx.xx port 49803 ssh2
Sep  6 17:01:19 host sshd[1023]: Connection closed by xx.xx.xx.xx
Sep  6 17:01:19 host sshd[1023]: Closing connection to xx.xx.xx.xx
Sep  6 17:01:19 host sshd[1025]: Connection from xx.xx.xx.xx port 49804
Sep  6 17:01:19 host sshd[1025]: Failed none for mshuler from 
xx.xx.xx.xx port 49804 ssh2
Sep  6 17:01:19 host sshd[1025]: Found matching DSA key: 
66:09:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:19 host sshd[1025]: Found matching DSA key: 
66:09:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:19 host sshd[1025]: Accepted publickey for mshuler from 
xx.xx.xx.xx port 49804 ssh2
Sep  6 17:01:19 host sshd[1027]: Connection closed by xx.xx.xx.xx
Sep  6 17:01:19 host sshd[1027]: Closing connection to xx.xx.xx.xx
Sep  6 17:01:19 host sshd[1029]: Connection from xx.xx.xx.xx port 49805
Sep  6 17:01:20 host sshd[1029]: Failed none for mshuler from 
xx.xx.xx.xx port 49805 ssh2
Sep  6 17:01:20 host sshd[1029]: Found matching DSA key: 
66:09:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:20 host sshd[1029]: Found matching DSA key: 
66:09:cd:94:33:fd:90:3e:8b:19:e1:6e:d4:a4:98:f6
Sep  6 17:01:20 host sshd[1029]: Accepted publickey for mshuler from 
xx.xx.xx.xx port 49805 ssh2
Sep  6 17:01:20 host sshd[1031]: subsystem request for sftp
Sep  6 17:01:20 host sshd[1031]: Connection closed by xx.xx.xx.xx
Sep  6 17:01:20 host sshd[1031]: Closing connection to xx.xx.xx.xx

> I could imagine that a new version of ssh might try to be extra-tricky to
> make sure that your passphrase can't be sniffed by darcs, which might cause
> trouble.
> 
> Presumably sftp is failing because for some reason it doesn't like how
> darcs is calling it.  Could you try compiling darcs with the attached patch
> applied? This will cause darcs to output the error message that sftp
> outputs, which may give a hint as to what is going wrong.

That is our assumption, too - the troubling thing is that I would think 
there would be tons of bug reports on this, since there are a lot of 
people using darcs and sid...

I used the 1.0.3 Debian source and built a new patched .deb - patch 
applied cleanly - thanks!

The above keyed login is fine - here is the failed interactive login:

michael at ares: ~ $ darcs get 
mshuler at darcs.dfw1.foobarra.com:/var/lib/darcs/rs-rhn-api
Password:
Password:

darcs failed:  (sftp) failed to fetch files.
source directory: /var/lib/darcs/rs-rhn-api/_darcs/patches
source files:
20050824212913-0090d-f8af9b6acc8d3da0868bc2b391284072d53dcfee.gz
sftp output:
Permission denied (publickey,password,keyboard-interactive).
Couldn't read packet: Connection reset by peer

michael at ares: ~ $

And the system logs for the failed login:

Sep  6 17:00:17 host sshd[1005]: Connection from xx.xx.xx.xx port 59396
Sep  6 17:00:17 host sshd[1005]: Failed none for mshuler from 
xx.xx.xx.xx port 59396 ssh2
Sep  6 17:00:25 host sshd[1005]: Accepted keyboard-interactive/pam for 
mshuler from xx.xx.xx.xx port 59396 ssh2
Sep  6 17:00:25 host sshd[1010]: Connection closed by xx.xx.xx.xx
Sep  6 17:00:25 host sshd[1010]: Closing connection to xx.xx.xx.xx
Sep  6 17:00:25 host sshd[1012]: Connection from xx.xx.xx.xx port 59397
Sep  6 17:00:25 host sshd[1012]: Failed none for mshuler from 
xx.xx.xx.xx port 59397 ssh2
Sep  6 17:00:28 host sshd[1012]: Accepted keyboard-interactive/pam for 
mshuler from xx.xx.xx.xx port 59397 ssh2
Sep  6 17:00:28 host sshd[1016]: Connection closed by xx.xx.xx.xx
Sep  6 17:00:28 host sshd[1016]: Closing connection to xx.xx.xx.xx
Sep  6 17:00:28 host sshd[1018]: Connection from xx.xx.xx.xx port 59398
Sep  6 17:00:28 host sshd[1018]: Failed none for mshuler from 
xx.xx.xx.xx port 59398 ssh2

---

Not sure if it helps, but from my successfull Sarge chroot, there are 3 
password prompts, and the logs from the keyed login, there are 3 
connections - the failed login only asks 2 times and fails.

Keys is a good workaround without chroot, but hopefully I can help with 
correcting standard login.

Kind Regards,
Michael Shuler

More information about the darcs-users mailing list