Ubuntu
bzr package

bzr should install launchpad ssh host keys

Bug #296110 reported by Martin Pool
6
Affects Status Importance Assigned to Milestone
Bazaar
Confirmed
Low
Unassigned
Launchpad itself
Invalid
Undecided
Unassigned
bzr (Ubuntu)
Triaged
Wishlist
Unassigned

Bug Description

It would be nice if installing bzr installed the launchpad ssh host keys, so that people aren't prompted to accept them when first accessing it.

On Unix we could install them system-wide, possibly doing this just in packaging. For Windows we should possibly specially provide them to paramiko.

Tags: lp-code
Martin Pool (mbp)
Changed in bzr:
importance: Undecided → Low
Revision history for this message
Jonathan Lange (jml) wrote :

Not sure there's anything we can do about this server-side.

Changed in launchpad-bazaar:
status: New → Invalid
Revision history for this message
Martin Pool (mbp) wrote :

See also bug 238869.

Revision history for this message
Jonathan Marsden (jmarsden) wrote :

I'm not sure that this change would be universally welcomed... why would a user want or expect that installing a DVCS tool (bzr) would "behind their back" mess with files under ~/.ssh/ (or worse, with system-wide SSH configuration!)?

Is there anything wrong with being asked accept the LP SSH keys? It works, and it is expected behaviour when accessing any new repository over an ssh-protected link, surely. It is quick and simple already. The bug submitter does not seem to me to have made a clear case for treating this one remote repository (Launchpad) as being in any way different from all others.

IMO, bzr users are in general not your average Ubuntu user, they are often developers, who understand more of the system than most (there's often not much point grabbing code using bzr if you are *not* a developer). Given that intended user population, I'd suggest that prompting the user before adding SSH keys is the desired (correct) behaviour.

Use cases where the current approach causes a problem would be good to have documented, I think.

Bug #238869, that when using one particular Windows SSH client it doesn't even ask you to accept the new key, is clearly a bug -- but one with that client, rather than one with bzr, I think.

Overall, if a set of known SSH keys is to be provided by default, I'd think the expected place for doing that would be in the openssh packages, not in bzr ? Overall, though, I think only using keys the user has confirmed they want to use is better, both from a security perspective and from the principle of least surprise.

Revision history for this message
Martin Pool (mbp) wrote : Re: [Bug 296110] Re: bzr should install launchpad ssh host keys

The bug is perhaps jumping to conclusions, and should rather say:
there should be a reasonable and easy path for people to be sure of
the launchpad host key. Prompting with the fingerprint, while common,
is neither very friendly or very secure. Maybe the other bug 238869
is more useful here.

Martin Pool (mbp)
Changed in bzr:
status: New → Confirmed
Andrea Corbellini (andrea.corbellini)
Changed in bzr:
importance: Undecided → Wishlist
status: New → Triaged
Jelmer Vernooij (jelmer)
tags: added: check-for-breezy
Jelmer Vernooij (jelmer)
tags: removed: check-for-breezy
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.