Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 588050 - sftp completly broken since 4.4.0
Summary: sftp completly broken since 4.4.0
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: kdebase-runtime
Version: 12
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Than Ngo
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-02 12:01 UTC by Harald Reindl
Modified: 2010-05-09 19:54 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-05-09 19:47:23 UTC
Type: ---


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
KDE Software Compilation 236025 0 None None None Never

Description Harald Reindl 2010-05-02 12:01:51 UTC
https://bugs.kde.org/show_bug.cgi?id=236025


Seems that no developer is using sftp in konqueror because since 4.4.2
including 4.4.3 it is COMPLETLY broken. Seems like anybody has rewritten the
whole kio-slave from scratch and was thinking there are only
user,host,port22-configs in the real life.

Some of these bugs arte introduced before 4.4.2 and 4.4.2 seems to make them
perfect
________________________________

1)

If your Private-Key allows some users and root on the target machine and you
use sftp://user@host/ you will always use root without knowing this because
jonqueror shows all the time the user you wanted.

You realize this only if sftp-chroot is active on the host and a folder from
your bookmarks will not be found, after looking in /var/log/secure on the
server you know why :-(
________________________________

2)

If "MaxAuthTries 1" is set on the server there is no way to login, you must
allow two auth-tries, this was not so in the past
________________________________

3)

If you open a file on the server as root with kate and save the changes
owner/group is root what means that we are speaking from a webserver and you
change a configuration-file the wohle website is dead. This heavy bug is since
kde 4.4

You NEVER have to change owner/group/permissions while edit a existing file
________________________________

4)

If you have more sshd on a host on different ports (vmware-machines behind NAT
with port forwarding on the host as sample) and in your "known_hosts" are
entrys since years for thsi connections it will fail now because kde will use
the wrong line from "known_host", mean it will use the line for the host
himself instead the one with the port you use what means that verification
fails

a workaround for me was copy the ssh-host-keys in each virtual machine so that
there is all time the same, but this worked over years fine even with kde3 and
with 4.4 it was destroyed

Comment 1 Kevin Kofler 2010-05-09 15:16:26 UTC
* kio_sftp is in kdebase-runtime. Reassigning.
* The new kio_sftp was introduced in 4.4.0, not 4.4.2. Fixing subject.
* "Completely broken" is an overstatement, I'm using that kio_sftp just fine.
* There are 4 different issues in your bug report. Please file 4 different bug reports.
* Please report those bugs upstream to https://bugs.kde.org/ .

Comment 2 Kevin Kofler 2010-05-09 15:18:25 UTC
And several if not all those bugs might actually be bugs in libssh.

Comment 3 Harald Reindl 2010-05-09 18:26:51 UTC
> * The new kio_sftp was introduced in 4.4.0, not 4.4.2. Fixing subject.

Not all of the problems was introduced with 4.4.0 as far i remember

> * "Completely broken" is an overstatement, 

No, if i can not trust permissons of edited files and the user with which i am connected it is completly broken!

> * I'm using that kio_sftp just fine.

For basic use it maybe ok, but nobody expects such a break with 4.4.0
There was so many troubles with kde 4.0 and 4.4.x has not solved all of the bad things but instead get troubles away with every release another layer will be totally changed and if we ever see a really working kde4 some crazy guy will push kde5 and the game starts again

sometimes it feels like at a point things begin to working they trashed and rewritten completly to get not bored with working systems, this affects not only kde but most

> * There are 4 different issues in your bug report. 
> Please file 4 different bug reports.

for what reason?
it´s the same part and you make reporters life hard enough to say "report upstream", maintainers from non-kde-packages handling this better!

> * Please report those bugs upstream to https://bugs.kde.org/ .   

if even linked to upstream bugreport

Comment 4 Kevin Kofler 2010-05-09 19:47:23 UTC
Oh well, then why have a Fedora bug report in the first place?

Comment 5 Harald Reindl 2010-05-09 19:54:31 UTC
> Oh well, then why have a Fedora bug report in the first place? 

Becasue i really try to help free-software with bugreports as far i can, but if every time i try to do i get "do this.. do this.. do this.." it will be a problem because some of the bugs are unacceptable for a stable release and bad for free software as summary - We run in dange that users must fear every update with "ok lets look what broken this time"

I am web-developer and understand well that it makes sense to change backend-infrastructure from time to time, but it should not happen that it is released to normal users without well testing and with breaking functions which worked well over years


Note You need to log in before you can comment on or make changes to this bug.