"Eric J. Schwertfeger" <[EMAIL PROTECTED]> writes:
> What compilers has lsh been tested on? What I've been seeing is that any
> error returned to the client causes the client to core dump (in this case
> it did, but the server continued to function), so that's where I'm going
> to focus my attention. It's almost as if lsh is using some part of C++
> that isn't implemented correctly, like exceptions. I know this isn't
> the case, since there isn't any C++ code there, I just want to rule it
> out. FWIW, FreeBSD 3.X is using gcc 2.7.2.
I have only used gcc (but I usually compile with gcc -O2 -Wall which
should warn for most implementation dependent behaviours). I don't use
any fancy language features, not even long jump. Loads of function
pointers, but I don't know of any compilers haveing problems with
that.
So I can't rule out either compiler bugs or implementation dependent C
constructions, but it seems unlikely.
> Note: with the authorization done correctly, it lets me in. If
> ~/.lsh/identity(.pub ?) doesn't exist or --no-publickey is specified, it
> correctly asks me for a password and lets me in. The only failure mode if
> publickey authorization is attempted but fails.
If public key auth failes, it is supposed to go on and try password auth.
> > Current versions uses sha1 rather than md5. The right command is
> > something like
> >
> > touch ~/.lsh/authorized_keys_sha1/`sexp_conv < some_pubkey --hash sha1
>--raw-hash --once`
> >
> > Or use the script src/lsh-authorize.
>
> ROFL, I was just thinking that a script like that would be useful, should
> have known I wouldn't be the first to think of it. I'll have to modify
> it, or make the port depend on bash, since the function syntax used
> doesn't work for FreeBSD's /bin/sh (or Solaris 2.6 /bin/sh for that
> matter).
I thought functions existed in the plain /bin/sh. If you can make
that script more portable, that's appreciated.
> O.K., now I see what I was missing, the identity files are only used to
> authenticate with another machine, it's the authorize stuff that is used
> when connecting to the current machine, and you can have multiple
> authorize files, no problem :-) (I'm usually not this slow, really :-)
I don't quite follow you here, but I hope you're right ;)
/Niels
