Hi Birger, Thanks for the output, I understand better now. I have fixed the problem with the username and should go in CVS very soon. However, > With root: instead of roots: I am _not_ asked for the username, but then > it goes in clear-text over the line. the username will go _always_ go clear-text over the line. Forcing "roots" does not help in this (even if you had SRP installed). The password, however, will always go encrypted. Cheers, Gerri On Tue, 4 May 2004, Birger Koblitz wrote: > Hi, > > with the following macro: > { > > TFTP service("roots://koblitz@lxn5222:5151"); // User name here!!!!! > if(! service.IsOpen()) > exit 0; > service.get("//pool/koblitz/dstarmb.root", "/tmp/dstar.root"); > } > > I get: > root [0] .x rftp.C > Info in <TPSocket::Authenticate>: Local protocol: roots > Info in <TAuthenticate::TAuthenticate>: Enter: local host: pcarda1504, > user is: koblitz (proto: roots:10) > Info in <TAuthenticate::TAuthenticate>: service: roots (remote protocol: > 10): fVersion: 3 > Info in <TAuthenticate::GenRSAKeys>: enter > Info in <TAuthenticate::GenRSAKeys>: taking seed from /dev/urandom > Info in <TAuthenticate::GetRandString>: enter ... Len: 30 Any > Info in <TAuthenticate::GetRandString>: got > '9DMhE;R?Woj}vNlni;6kdso{PKkZ6u' > Info in <TAuthenticate::GenRSAKeys>: local: test string: > '9DMhE;R?Woj}vNlni;6kdso{PKkZ6u' > Info in <TAuthenticate::GenRSAKeys>: local: length of crypted string: 44 > bytes > Info in <TAuthenticate::GenRSAKeys>: local: after private/public : > '9DMhE;R?Woj}vNlni;6kdso{PKkZ6u' > Info in <TAuthenticate::GenRSAKeys>: local: length of crypted string: 44 > bytes > Info in <TAuthenticate::GenRSAKeys>: local: after public/private : > '9DMhE;R?Woj}vNlni;6kdso{PKkZ6u' > Info in <TAuthenticate::GenRSAKeys>: local: export pub length: 90 bytes > Info in <TAuthenticate::ReadRootAuthrc>: Checking file: > /home/koblitz/.rootauthrc > Info in <TPluginManager::FindHandler>: did not find plugin for class > TSystem and uri /home/koblitz/.rootauthrc > Info in <TAuthenticate::ReadRootAuthrc>: file /home/koblitz/.rootauthrc > cannot be read (errno: 2) > Info in <TAuthenticate::ReadRootAuthrc>: Checking system > file:/opt/root/etc/system.rootauthrc > Info in <TPluginManager::FindHandler>: did not find plugin for class > TSystem and uri /opt/root/etc/system.rootauthrc > Info in <TAuthenticate::ReadRootAuthrc>: got tmp file: > /tmp/rootauthrc5TDckC open at 0x8a8cc68 > Info in <TAuthenticate::FileExpand>: enter ... > '/opt/root/etc/system.rootauthrc' ... 0x8a8cc68 > Info in <TAuthenticate::FileExpand>: read line ... 'default list usrpwd > ssh krb5 uidgid ' > Info in <TAuthenticate::GetDefaultDetails>: enter ... 0 ...pt:0 ... '*' > Info in <TAuthenticate::GetDefaultDetails>: returning ... pt:no ru:yes > cp:yes us: > Info in <TAuthenticate::GetDefaultDetails>: enter ... 4 ...pt:0 ... '*' > Info in <TAuthenticate::GetDefaultDetails>: returning ... pt:no ru:yes us: > Info in <TAuthenticate::GetDefaultDetails>: enter ... 2 ...pt:0 ... '*' > Info in <TAuthenticate::GetDefaultDetails>: returning ... pt:no ru:no us: > Info in <TAuthenticate::GetDefaultDetails>: enter ... 5 ...pt:0 ... '*' > Info in <TAuthenticate::GetDefaultDetails>: returning ... pt:no us: > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <THostAuth::Print>: + Host:default - Srv:any - User:* - # of > available methods:4 > Info in <THostAuth::Print>: + Method: 0 (UsrPwd) Ok:0 Ko:0 Dets:pt:no > ru:yes cp:yes us: > Info in <THostAuth::Print>: + Method: 4 (SSH) Ok:0 Ko:0 Dets:pt:no ru:yes > us: > Info in <THostAuth::Print>: + Method: 2 (Krb5) Ok:0 Ko:0 Dets:pt:no ru:no > us: > Info in <THostAuth::Print>: + Method: 5 (UidGid) Ok:0 Ko:0 Dets:pt:no us: > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <TAuthenticate::HasHostAuth>: enter ... default:-1 ... * > Info in <::Print>: +--------------------------- BEGIN > --------------------------------+ > Info in <::Print>: + > + > Info in <::Print>: + List fgProofAuthInfo has 0 members > + > Info in <::Print>: + > + > Info in <::Print>: > +------------------------------------------------------------------+ > Info in <::Print>: +---------------------------- END > ---------------------------------+ > Info in <TAuthenticate::TAuthenticate>: number of HostAuth Instantiations > in memory: 1 > Info in <::Print>: +--------------------------- BEGIN > --------------------------------+ > Info in <::Print>: + > + > Info in <::Print>: + List fgAuthInfo has 1 members > + > Info in <::Print>: + > + > Info in <::Print>: > +------------------------------------------------------------------+ > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <THostAuth::Print>: + Host:default - Srv:any - User:* - # of > available methods:4 > Info in <THostAuth::Print>: + Method: 0 (UsrPwd) Ok:0 Ko:0 Dets:pt:no > ru:yes cp:yes us: > Info in <THostAuth::Print>: + Method: 4 (SSH) Ok:0 Ko:0 Dets:pt:no ru:yes > us: > Info in <THostAuth::Print>: + Method: 2 (Krb5) Ok:0 Ko:0 Dets:pt:no ru:no > us: > Info in <THostAuth::Print>: + Method: 5 (UidGid) Ok:0 Ko:0 Dets:pt:no us: > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <THostAuth::PrintEstablished>: > +------------------------------------------------------------------------------+ > Info in <THostAuth::PrintEstablished>: + Host:default - Number of active > sec contexts: 0 > Info in <THostAuth::PrintEstablished>: > +------------------------------------------------------------------------------+ > Info in <::Print>: +---------------------------- END > ---------------------------------+ > Info in <::Print>: +--------------------------- BEGIN > --------------------------------+ > Info in <::Print>: + > + > Info in <::Print>: + List fgProofAuthInfo has 0 members > + > Info in <::Print>: + > + > Info in <::Print>: > +------------------------------------------------------------------+ > Info in <::Print>: +---------------------------- END > ---------------------------------+ > Info in <TAuthenticate::GetHostAuth>: enter ... lxn5222.cern.ch:1 ... > koblitz > Info in <THostAuth::Print>: Authenticate::GetHostAuth > +------------------------------------------------------------------+ > Info in <THostAuth::Print>: Authenticate::GetHostAuth + Host:default - > Srv:any - User:* - # of available methods:4 > Info in <THostAuth::Print>: Authenticate::GetHostAuth + Method: 0 (UsrPwd) > Ok:0 Ko:0 Dets:pt:no ru:yes cp:yes us: > Info in <THostAuth::Print>: Authenticate::GetHostAuth + Method: 4 (SSH) > Ok:0 Ko:0 Dets:pt:no ru:yes us: > Info in <THostAuth::Print>: Authenticate::GetHostAuth + Method: 2 (Krb5) > Ok:0 Ko:0 Dets:pt:no ru:no us: > Info in <THostAuth::Print>: Authenticate::GetHostAuth + Method: 5 (UidGid) > Ok:0 Ko:0 Dets:pt:no us: > Info in <THostAuth::Print>: Authenticate::GetHostAuth > +------------------------------------------------------------------+ > Info in <TAuthenticate::GetDefaultDetails>: enter ... 1 ...pt:1 ... > 'koblitz' > Info in <TAuthenticate::GetDefaultDetails>: returning ... pt:yes ru:no > us:koblitz > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <THostAuth::Print>: + Host:default - Srv:any - User:* - # of > available methods:5 > Info in <THostAuth::Print>: + Method: 1 (SRP) Ok:0 Ko:0 Dets:pt:yes ru:no > us:koblitz > Info in <THostAuth::Print>: + Method: 0 (UsrPwd) Ok:0 Ko:0 Dets:pt:no > ru:yes cp:yes us: > Info in <THostAuth::Print>: + Method: 4 (SSH) Ok:0 Ko:0 Dets:pt:no ru:yes > us: > Info in <THostAuth::Print>: + Method: 2 (Krb5) Ok:0 Ko:0 Dets:pt:no ru:no > us: > Info in <THostAuth::Print>: + Method: 5 (UidGid) Ok:0 Ko:0 Dets:pt:no us: > Info in <THostAuth::Print>: > +------------------------------------------------------------------+ > Info in <TAuthenticate::Authenticate>: enter: fUser: koblitz > Info in <TAuthenticate::Authenticate>: try #: 1 > Info in <THostAuth::GetDetails>: 1: returning fDetails[0]: pt:yes ru:no > us:koblitz > Info in <TAuthenticate::Authenticate>: trying authentication: method:1, > default details:pt:yes ru:no us:koblitz > Info in <TAuthenticate::SetEnvironment>: setting environment: fSecurity:1, > fDetails:pt:yes ru:no us:koblitz > Info in <TAuthenticate::SetEnvironment>: details:pt:yes ru:no us:koblitz, > Pt:yes, Ru:no, Us:koblitz > Info in <TAuthenticate::SetEnvironment>: UsDef:koblitz > Name (lxn5222.cern.ch:koblitz): > > > With root: instead of roots: I am _not_ asked for the username, but then > it goes in clear-text over the line. > > Cheers, > Birger > > > On Tue, 4 May 2004, Gerardo Ganis wrote: > > > > > > > Hi Birger, > > > > I am surprised that you are still getting asked for > > the username; could you please run with > > > > Root.Debug: 6 > > > > and send me what you get on the screen? > > Could you also tell me which ROOT version you are running? > > > > Cheers, Gerri > > > > ps: only passwords are encrypted as it is now, so it's > > normal that you find your username in the tcp-packets. > > > > > > On Tue, 4 May 2004, Birger Koblitz wrote: > > > > > Hi Gerardo, > > > > > > thanks, this works. However, it looks as if the connection is not > > > encrypted. At least I can find my username easily in the tcp-packets. I > > > don't know about the password. I found a workaround by using > > > TAuthenticate::SetGlobalUser("koblitz"); > > > However, this means my program stops to be thread-safe, which is > > > unacceptable (I am doing tests with hundreds of client-threads and also > > > would like to have several servers, possibly with different user-names). > > > > > > I consider it to be a bug, if I explicitely give the required username in the > > > URL and I am nevertheless asked for it. > > > > > > Cheers, > > > Birger > > > > > > On Tue, 4 May 2004, Gerardo Ganis wrote: > > > > > > > > > > > > > > > Hi Birger, > > > > > > > > I think your problem comes from the fact you are asking > > > > for SRP authentication (protocol "roots:// ..."). > > > > You should not get prompt if just use "root://...", ie > > > > > > > > TFTP service("root://koblitz@lxn5222:5151"); > > > > > > > > Cheers, > > > > > > > > Gerri > > > > > > > > > > > > On Tue, 4 May 2004, Birger Koblitz wrote: > > > > > > > > > Hi Fons, > > > > > > > > > > I am using the following script to do a test-transmssion via rootd: > > > > > // Macro to test ftp via rootd > > > > > { > > > > > TFTP service("roots://koblitz@lxn5222:5151"); > > > > > if(! service.IsOpen()) > > > > > exit 0; > > > > > // service.ListDirectory(); > > > > > service.get("//pool/koblitz/dstarmb.root", "/tmp/dstar.root"); > > > > > } > > > > > > > > > > The authentication is done via ssh which uses the CERN-AFS-token to login > > > > > automatically, this works. The problem is, that I have to always confirm > > > > > my user-name: > > > > > root [0] .x rftp.C > > > > > Name (lxn5222.cern.ch:koblitz): > > > > > Error in <TAuthenticate::Authenticate>: no support for SRP authentication > > > > > available > > > > > <TFTP::GetFile>: getting file /tmp/dstar.root (21330730 bytes, starting at > > > > > 0) > > > > > <TFTP::GetFile>: 31.840 seconds, 0.64 Mbytes per second > > > > > > > > > > What am I doing wrong, or is that a 'feature'? > > > > > Of course, if you want to do a lot of automatic transfers, this is not > > > > > really nice... > > > > > > > > > > Cheers, > > > > > Birger > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
This archive was generated by hypermail 2b29 : Sun Jan 02 2005 - 05:50:07 MET