Hide Forgot
+++ This bug was initially created as a clone of Bug #1260742 +++ Description of problem: When using libreport-plugin-reportuploader, looks like CURL requires the public SSH key even if there is no need for it. Version-Release number of selected component (if applicable): libreport-plugin-reportuploader-2.0.9-24.el6.x86_64 How reproducible: Steps to Reproduce: 1. Configure libreport-plugin-reportuploader to scp dumps with ssh keys 2. Configure only the private key 3. Kaboom Actual results: Locked '.lock' Compressing data Unlocked '/var/spool/abrt/ccpp-2015-09-07-11:03:58-234464/.lock' Sending /tmp/ccpp-2015-09-07-11:03:58-234464.tar.gz to use-abrt1.ops.rhcloud.com/var/spool/abrt-upload/ abrt_post('scp://abrt_upload.rhcloud.com/var/spool/abrt-upload/ccpp-2015-09-07-11:03:58-234464.tar.gz','/tmp/ccpp-2015-09-07-11:03:58-234464.tar.gz') curl: About to connect() to use-abrt1.ops.rhcloud.com port 22 (#0) curl: Trying 172.16.66.102... curl: connected curl: Connected to use-abrt1.ops.rhcloud.com (172.16.66.102) port 22 (#0) curl: SSH MD5 fingerprint: 5ffc40458bdae829212e0a1f6e91fdd4 curl: SSH authentication methods available: publickey,gssapi-keyex,gssapi-with-mic curl: Using ssh public key file /root/.ssh/id_dsa.pub curl: Using ssh private key file /root/.ssh/id_dsa curl: SSH public key authentication failed: Unable to open public key file curl: Authentication failure curl: Closing connection #0 curl_easy_perform: error 67 curl_easy_perform: error_msg: curl_easy_perform: Login denied Error while uploading: 'curl_easy_perform: Login denied' Expected results: The upload should be done even without the public key. --- Additional comment from Jakub Filak on 2015-10-22 10:49:26 CEST --- It looks like that curl tries really hard to set the path to public key and I am afraid that it is not possible to prevent libcurl from doing so: curl-7.19.7/lib/ssh.c home = curl_getenv("HOME"); if(data->set.str[STRING_SSH_PUBLIC_KEY]) sshc->rsa_pub = aprintf("%s", data->set.str[STRING_SSH_PUBLIC_KEY]); else if(home) sshc->rsa_pub = aprintf("%s/.ssh/id_dsa.pub", home); else /* as a final resort, try current dir! */ sshc->rsa_pub = strdup("id_dsa.pub"); libreport does not explicitly specify the public key path, so libcurl should not use it: curl-7.45.0/lib/ssh.c if(data->set.str[STRING_SSH_PUBLIC_KEY]) { sshc->rsa_pub = strdup(data->set.str[STRING_SSH_PUBLIC_KEY]); if(!sshc->rsa_pub) out_of_memory = TRUE; } --- Additional comment from Kamil Dudka on 2015-10-27 11:48:28 CET --- We need the following upstream patch, which is not yet included in RHEL-7: https://github.com/bagder/curl/commit/curl-7_38_0-47-gfa7d04f
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2575.html