dcu / onetouch-ssh Goto Github PK

ssh ::
Sending approval request to your device... invalid approval request response: User not found.Connection to :: closed.

user is in users.list and visible in the auty dashboard too!

something like:

onetouch-ssh add-user -i

onetouch-ssh add-user -i [email protected]

I got issue after successful auth:

onetouch-ssh shell XXXXX  
Sending approval request to your device... [sent]
You've been logged in successfully.
invalid argument

on the app i see "Login on to: exit 1" so i suspect it cannot get hostname on BSD? And as a result exit code 1, users are unable to login.

I'm trying to build this, but alas, the build fails:

# github.com/dcu/onetouch-ssh
.go/src/github.com/dcu/onetouch-ssh/user.go:93: undefined: authy.NewAuthyApi

I tried downloading your go-authy library first and rebuilding, but still nothing:

root@gamma:~# go get github.com/dcu/go-authy
root@gamma:~# go get github.com/dcu/onetouch-ssh
# github.com/dcu/onetouch-ssh
.go/src/github.com/dcu/onetouch-ssh/user.go:93: undefined: authy.NewAuthyApi

Could this be some idiocy with my environment?

In case sshd allows both key and key-less access onetouch-ssh will not be enforced on clients who connect without a key.

One potential solution is to use ForceCommand in /etc/ssh/sshd_config to require call to onetouch-ssh upon login.

I had configured my /etc/ssh/sshd_config in the following way:

Match User valexeev
  ForceCommand /home/valexeev/.authy-onetouch/login.sh

With login.sh containing:

#!/bin/sh
/usr/local/bin/onetouch-ssh shell AUTHYID

It should be possible to create a non-user dependent script that will check SSH environment variables to determine correct AUTHYID.

Hi,

onetouch-ssh creates /tmp/onetouch.log that is owned by currently running user, making it impossible to run by any other user in the system. Here is proposed patch for this:

kolargol@32707a5

It create /tmp/onetouch-ssh-UID.log that do not conflict with other users.

requires dcu/go-authy#2

When the connection is initiated and the program tries to send the approval request, it panics.

Sending approval request to your device... panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0 pc=0x5080e8]

goroutine 1 [running]:
panic(0x8c3260, 0xc820010100)
        /home/sean/.gimme/versions/go1.6.1.linux.amd64/src/runtime/panic.go:464 +0x3e6
github.com/dcu/go-authy.NewApprovalRequest(0xc8202f6870, 0x7f71e979d1a8, 0x0, 0x0)
        /home/sean/.go/src/github.com/dcu/go-authy/approval_request.go:53 +0x1d8
github.com/dcu/go-authy.(*Authy).SendApprovalRequest(0xc8200dbec0, 0x7ffcb1cb0b8a, 0x7, 0xc8203ee180, 0x17, 0xc8203bc1e0, 0xc8203bc210, 0x0, 0x0, 0x0)
        /home/sean/.go/src/github.com/dcu/go-authy/api.go:142 +0x27b
github.com/dcu/onetouch-ssh/ssh.(*Verification).SendOneTouchRequest(0xc8200dbee0, 0x2b, 0x0, 0x0)
        /home/sean/.go/src/github.com/dcu/onetouch-ssh/ssh/verification.go:117 +0x731
github.com/dcu/onetouch-ssh/ssh.(*Verification).Run(0xc8200dbee0, 0x0, 0x0)
        /home/sean/.go/src/github.com/dcu/onetouch-ssh/ssh/verification.go:45 +0x6c
github.com/dcu/onetouch-ssh/cmd.glob.func6(0xbd5320, 0xc8201021f0, 0x1, 0x1)
        /home/sean/.go/src/github.com/dcu/onetouch-ssh/cmd/shell.go:47 +0x8d
github.com/spf13/cobra.(*Command).execute(0xbd5320, 0xc8201021a0, 0x1, 0x1, 0x0, 0x0)
        /home/sean/.go/src/github.com/spf13/cobra/command.go:565 +0x85a
github.com/spf13/cobra.(*Command).ExecuteC(0xbd5120, 0xbd5320, 0x0, 0x0)
        /home/sean/.go/src/github.com/spf13/cobra/command.go:651 +0x55c
github.com/spf13/cobra.(*Command).Execute(0xbd5120, 0x0, 0x0)
        /home/sean/.go/src/github.com/spf13/cobra/command.go:610 +0x2d
github.com/dcu/onetouch-ssh/cmd.Execute()
        /home/sean/.go/src/github.com/dcu/onetouch-ssh/cmd/root.go:42 +0x27
main.main()
        /home/sean/.go/src/github.com/dcu/onetouch-ssh/main.go:26 +0x14

Earlier today I was connecting from Putty and the connection would drop immediately without showing any logs.

I'm just filing this bug for historical purposes as I'm going to try to fix it right now.

Ninja edit: Going to attempt to determine if this bug is introduced here or in go-authy.

So, extra work this morning, onetouch wasn't working so I had to go in through the garage :)

Sending approval request to your device... Post https://api.authy.com//onetouch/json/users/<redacted>/approval_requests: invalid request :path "//onetouch/json/users/<redacted>/approval_requests"ME@MINE:~$

Guess Authy changed the API?

This is actually just removing a control that we have in the code.

I set up onetouch-ssh on centos 7 vm. When trying to log in, I see request was sent and I get notification on my cell. When I click approve button on my cell, I get Error message on the phone saying: There was an error processing the request: Public Key was not found. Is there some setting I am missing on Authy side? Using code works correctly if I wait long enough...

We should attempt to add unit and integration tests for this. It would make pushing new releases easier. But, the only problem I can see is building forked sources since Go likes to get all pull-happy with source trees...

Ideas?

https://godoc.org/github.com/msteinert/pam#example-package--Authenticate