Community
Participate
Working Groups
CVS Server 1.11.17 on Linux Eclipse 3.1 on Windows XP SP2 I have a connection to a CVS server using the extssh connection. Whenever the password on my CVS server expires the eclipse CVS connection just timesout witout any error about an expired password. If I login to the linux box using ssh (Putty) I immediately get the expired password error and after resetting the password eclipse works fine. /sanjay
Move tom Platform/CVS
We didn't have time to address this in 3.3.
As far as I know, at the pasword expiration, sshd will take one of following actions to suggest users to reset their password, 1. PASSWD_CHANGEREQ, which is defiend in ssh2 protocol[1], 2. using stdio of remotely exected command "cvs server" if pty is allocated, 3. keyboard-interactive auth method I guess the reporter has encountered the second case and, frankly to speaking, Eclipse SDK can not handle that case. Please let me add comments for each case. As for the first case, jsch has supported PASSWD_CHANGEREQ since jsch-0.1.32 and upgrading jsch version will allow users to change password successfully. FYI, it seems OpenSSH does not use this method and I don't know which sshd has supported it. As for the second case. I have confirmed that OpenSSH's sshd has taken this action. If the password expiration is found in the password auth method, it will start the process to change the password. In this process, if pty is not allocated, ssh session will be dropped. This is the reason that there is not error message as reporter has written. By using JSch API, you can allocate pty for "cvs server" command, but there is another problem. That process will use the I/O streams of "cvs server" command to prompt the new password. This means that in the SSH2 protocol point of view, the authentication will succeed and password resting must be handled on those I/O streams. As Michael understands those I/O streams has be passed to cvs.core plug-in. IMHO, it is not good idea to handle such operations in cvs.core and it will be difficult for cvs.ssh2 plug-in to inspect the internals of I/O streams from "cvs server" command. So, Eclipse SDK can not address this case, I think. As for the third case. I have confirmed that OpenSSH's sshd has taken this action. If the password expiration is found in the keyboard-interactive auth method, sshd will continue the session and use keyboard-interactive method for prompting new password. So, if keyboard-interactive is tried as first, Eclipse SDK users can change password successfully. You will find following lines in org.eclipse.team.cvs.ssh2 plug-in Hashtable config=new Hashtable(); config.put("PreferredAuthentications", "gssapi-with-mic,publickey,password,keyboard-interactive"); session.setConfig(config); However, there is a minor bug in jsch-0.1.31(and the previous) about keyboard-interactive auth method and I will suggest you to change that order after upgrading to jsch-0.1.32. The conclusion of this comment entry is that, in the future(Eclipse SDK 3.4?) if we are allowed to update to jsch-0.1.32, users will be able to reset password successfully in the usual case. At least, sshd at dev.eclipse.org has supported keyboard-interactive auth method, so Sanjay will become happy. [1] Refer to http://tools.ietf.org/html/rfc4252, Section 8.
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant.
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. As such, we're closing this bug. If you have further information on the current state of the bug, please add it and reopen this bug. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant. -- The automated Eclipse Genie.