Univention Bugzilla – Bug 57115
univention-ssh: too much catch IOError
Last modified: 2024-03-08 16:34:54 CET
``` Traceback (most recent call last): File "/usr/lib/univention-ssh/univention-ssh-askpass", line 278, in <module> print('Failed to read password from %s' % (pw_filename,), file=sys.stderr) NameError: name 'pw_filename' is not defined ``` Not all IOErrors are caused by not being able to read the PW. - [ ] Please refactor base/univention-ssh/univention-ssh.in to only catch IOError→OSError when opening file. - [ ] Convert to Python3 only code. - [ ] Add type annotations - [ ] …
1 times in /root/ucs-test.log: https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/AutotestJoin/SambaVersion=no-samba,Systemrolle=master/ws/test/ucs-test.log Traceback (most recent call last): File "/usr/lib/univention-ssh/univention-ssh-askpass", line 152, in <module> print(os.environ[UNIVENTION_SSH_ASKPASS_ENV], end="") BrokenPipeError: [Errno 32] Broken pipe 1 times in /root/ucs-test.log: https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/AutotestJoin/SambaVersion=no-samba,Systemrolle=master/ws/test/ucs-test.log Traceback (most recent call last): File "/usr/lib/univention-ssh/univention-ssh-askpass", line 278, in <module> print('Failed to read password from %s' % (pw_filename,), file=sys.stderr) NameError: name 'pw_filename' is not defined
»···rsa1) filename='/etc/ssh/ssh_host_key'; [ "$bits" -ge 768 ] || die "minimum 768" ;; »···dsa) [ "$bits" -eq 1024 ] || die "only 1024" ;; »···rsa) [ "$bits" -ge 768 ] || die "minimum 768" ;; are deprecated as they are insecure; they still use SHA1 broken since 2017 or only allow 1k bits, which is too weak: - rsa1 8.7 2021-08-20 - dsa 8.9 2022-02-23 - rsa: minimum key size is 1k See https://git.knut.univention.de/univention/ucs/-/merge_requests/1093