pkg/57190: Tahoe-LAFS looks for moduli file in the wrong place.

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/57190: Tahoe-LAFS looks for moduli file in the wrong place.
From: xfalkenx%sdf.org@localhost
Date: Thu, 19 Jan 2023 20:40:01 +0000 (UTC)

>Number:         57190
>Category:       pkg
>Synopsis:       Tahoe-LAFS looks for moduli file in the wrong place.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 19 20:40:01 +0000 2023
>Originator:     Xavier F.
>Release:        9.2
>Organization:
>Environment:
NetBSD tahoec01.local 9.2 NetBSD 9.2 (GENERIC) #0: Wed May 12 13:15:55 UTC 2021  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64

>Description:
The following error comes up when connecting to the SFTP service from a Tahoe-LAFS client compiled from pkgsrc (filesystems/tahoe-lafs) on a NetBSD release 9.2 installed in an amd64 box.

2022-12-27T04:56:06+0100 [allmydata.frontends.sftpd.SSHFactory#info] disabling non-fixed-group key exchange algorithms because we cannot find moduli file

This is because Tahoe-LAFS client looks for this file in the usual placement which is:

/etc/ssh/moduli

Instead, NetBSD keeps this file in:

/etc/moduli

To get rid off this error one must link or copy the file to the former path.

Note that this error does not keep the SFTP service from being used at all with the NetBSD's stock openssh client but unknown issues could come up when combining non-stock ciphers or algorithms between the client and the service.




>How-To-Repeat:
Install filesystems/tahoe-lafs.

Setup a Tahoe-LAFS client configuration for connecting to a standard grid.

Add the standard [sftpd] directives:

----
[sftpd]
enabled = true
port = tcp:8022:interface=127.0.0.1
host_pubkey_file = private/ssh_host_rsa_key.pub
host_privkey_file = private/ssh_host_rsa_key
accounts.file = private/accounts
----

Create proper host key files and populate the private/accounts with a valid ssh public key (use the current user account for simplicity).

Start the client:

tahoec01$ tahoe run&

Log will be written to stdout.

Open a new xterm and connect to the SFTP client's service:

tahoec01$ sftp -P 8022 127.0.0.1

Just before the negotiation and authentication, the log will show the above mentioned error.

>Fix:

Prev by Date: Re: pkg/57114 (archivers/pax hangs on checking *printf() support for %lld...)
Next by Date: Re: pkg/53446 (misc/raspberrypi-userland distfile changed without revision bump)
Previous by Thread: pkg/57189: m4 sparc package has SPARC32PLUS, V8+ Required
Next by Thread: PR/57151 CVS commit: [pkgsrc-2022Q4] pkgsrc
Indexes:

Home | Main Index | Thread Index | Old Index