[Developers] New version with security fix (token implementation)
Bart Matthaei
bart at ambrero.nl
Wed Aug 22 21:15:14 CEST 2007
Try 'Add all keys' while your keychain is locked. You should get a
'Unlock keychain' dialog.
Then try using the SSHKeychain menu.
B.
On 22-aug-2007, at 20:55, Eric Warnke wrote:
> Weird.
>
> I have been unable to even come close to reproducing a beachball for
> those events.
>
> -Eric
>
>
> On 8/22/07, Bart Matthaei <bart at ambrero.nl> wrote:
>> The seperate thread for addAllKeysToAgent was there so you could
>> still use the sshkeychain menu while it was adding keys.
>> Now you get a spinner...
>>
>> Why did you remove the thread?
>>
>>
>> On 22-aug-2007, at 20:31, Eric Warnke wrote:
>>
>>> I'm running it right now without trouble. I had to update that one
>>> #include to get it it build. Assuming you don't have any questions
>>> about the commit feel free to send it out. The edits should be
>>> fairly
>>> straight forward.
>>>
>>> Cheers,
>>> Eric
>>>
>>> On 8/22/07, Bart Matthaei <bart at ambrero.nl> wrote:
>>>> Hi Eric,
>>>>
>>>> just saw your commit in trunk. Shall I build / mail this as 0.8.3
>>>> beta1?
>>>>
>>>> Cheers,
>>>>
>>>> Bart
>>>>
>>>> On 22-aug-2007, at 17:45, Eric Warnke wrote:
>>>>
>>>>> No, tunnel runnel will take a few weeks and I'm heading off for
>>>>> vacation on Saturday as well ( 2 weeks ).
>>>>>
>>>>> I recommend pulling the suid root bit and explaining in the
>>>>> release
>>>>> notes how to re-enable the bits ( for the time being ).
>>>>>
>>>>> I will merge down a subset of changes from my branch, build, and
>>>>> test
>>>>> and then commit back up in a few hours. Unfortunatly the changes
>>>>> touched many of the same files so it's going to be fun merging
>>>>> them.
>>>>>
>>>>> -Eric
>>>>>
>>>>> On 8/22/07, Bart Matthaei <bart at sshkeychain.org> wrote:
>>>>>> By all means, but I was planning on making a security release
>>>>>> BEFORE
>>>>>> my holiday (which starts next saturday),
>>>>>> so do you think we have enough time to test your fixes too?
>>>>>>
>>>>>> Is the TunnelRunner fix in there too?
>>>>>>
>>>>>> B.
>>>>>>
>>>>>> On 22-aug-2007, at 17:27, Eric Warnke wrote:
>>>>>>
>>>>>>> Bart,
>>>>>>>
>>>>>>> Do you mind if pull over a handful of fixes from my branch if
>>>>>>> you
>>>>>>> are
>>>>>>> doing a release? Specifically the screensaver, keychain
>>>>>>> handling
>>>>>>> updates, and the key timeout threading fixes? I think my new
>>>>>>> ssh-agent code needs a little more time to bake.
>>>>>>>
>>>>>>> -Eric
>>>>>>>
>>>>>>>
>>>>>>> On 8/22/07, Bart Matthaei <bart at ambrero.nl> wrote:
>>>>>>>> p.s. token creation is done in a fairly easy fasion (reading 99
>>>>>>>> bytes
>>>>>>>> from /dev/urandom
>>>>>>>> and converting them to ascii characters between 33 and 126 so
>>>>>>>> getenv
>>>>>>>> () / setenv() doesn't screw up).
>>>>>>>>
>>>>>>>> feel free to enhance it, but imho it should be sufficient
>>>>>>>> the way
>>>>>>>> it is.
>>>>>>>>
>>>>>>>> On 22-aug-2007, at 17:03, Bart Matthaei wrote:
>>>>>>>>
>>>>>>>>> Hi guys,
>>>>>>>>>
>>>>>>>>> i've committed my latest code. It includes a TokenController
>>>>>>>>> which
>>>>>>>>> handles creation and validation of tokens.
>>>>>>>>>
>>>>>>>>> Attached is a build. If all works well we can send it out to
>>>>>>>>> users@
>>>>>>>>> tomorrow and ask them to test it.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>>
>>>>>>>>> Bart
>>>>>>>>> <SSHKeychain.zip>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Bart Matthaei
>>>>>>>>> bart at ambrero.nl
>>>>>>>>>
>>>>>>>>> Ambrero Software
>>>>>>>>> http://www.ambrero.nl/
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> developers mailing list
>>>>>>>>> developers at sshkeychain.org
>>>>>>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>>>>>
>>>>>>>> --
>>>>>>>> Bart Matthaei
>>>>>>>> bart at ambrero.nl
>>>>>>>>
>>>>>>>> Ambrero Software
>>>>>>>> http://www.ambrero.nl/
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> developers mailing list
>>>>>>>> developers at sshkeychain.org
>>>>>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> developers mailing list
>>>>>>> developers at sshkeychain.org
>>>>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Bart Matthaei
>>>>>> bart at ambrero.nl
>>>>>>
>>>>>> Ambrero Software
>>>>>> http://www.ambrero.nl/
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> developers mailing list
>>>>>> developers at sshkeychain.org
>>>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>>>
>>>>> _______________________________________________
>>>>> developers mailing list
>>>>> developers at sshkeychain.org
>>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>>
>>>>
>>>> --
>>>> Bart Matthaei bart at ambrero.nl
>>>>
>>>> Ambrero Software
>>>> http://www.ambrero.nl/
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> developers mailing list
>>>> developers at sshkeychain.org
>>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>>
>>> _______________________________________________
>>> developers mailing list
>>> developers at sshkeychain.org
>>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>>
>>
>> --
>> Bart Matthaei bart at ambrero.nl
>>
>> Ambrero Software
>> http://www.ambrero.nl/
>>
>>
>>
>> _______________________________________________
>> developers mailing list
>> developers at sshkeychain.org
>> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>>
> _______________________________________________
> developers mailing list
> developers at sshkeychain.org
> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>
--
Bart Matthaei bart at ambrero.nl
Ambrero Software
http://www.ambrero.nl/
More information about the developers
mailing list