git suddenly started putting up a dialog instead of asking for my password on the command line
Joel Rees
joel.rees at gmail.com
Thu Sep 24 12:45:30 UTC 2020
On Wed, Sep 23, 2020 at 9:56 PM Liam Proven <lproven at gmail.com> wrote:
>
> On Wed, 23 Sep 2020 at 14:00, Joel Rees <joel.rees at gmail.com> wrote:
> > >
> > > There are too many variables to say just yet.
> >
> > That's why I'm hoping someone has some suggestions.
>
> What I am trying to say is that you have not given us enough
> information to make suggestions.
Still trying to figure out what's relevant.
> > Git to a repository on the osdn.net servers.
> > (https://osdn.net/projects/splitstack-runtimelib/)
>
> OK. So, is you account on OSDN in good shape? No recent criteria
> changes? Still has your keys? They are correct and current? You have
> not changed them?
I can log in via their web interface, to do maintenance kinds of
things, and to check
the public key I have given them.
> > It's been several months since I did a push.
>
> This does not really seem to change anything, except that maybe this
> issue is some months old and you just have not noticed...
It's possible. Like I mentioned, my searches did bring up some changes
in the human protocol side of git.
Or perhaps it's gnupg or ssh that is invoking something that gets
shunted out off the command line to
a pop-up modal dialog interface.
Or it might have something to do with some desktop applications I
recently installed. My wife wanted
typing practice software, and insisted on having it NOW (and hasn't
touched it since), so I was
a little silly and installed a bunch of things like
ktouch
klavaro
bam bam
dvorak 7 min
gcompris education
pysio game
TIPP10
tux typing
and I think some of those had dependencies that sucked a wallet or two
in, which is suspicious.
and I then installed geogebra and kalgebra to try to help my daughter
with her art class.
Both of those have grown a little out-of-control, as well.
> > > but with 2-factor authentication as well (for 1 particular repo).
> >
> > I don't believe in 2 factor.
>
> Well, I am sorry to tell you that the crackers don't care whether you
> believe in it or not. Most account-compromise attempts now are
> automated by software that is not written or understood by the people
> using it. It is the modern equivalent of wall-dialling, AKA
> war-dialling.
>
> 2FA is more or less essential now if you are doing anything remotely important.
>
> https://www.forbes.com/sites/laurashin/2014/11/18/someone-had-taken-over-my-life-an-identity-theft-victims-story/
Forbes on security? Not going there.
> https://www.csmonitor.com/World/Passcode/2015/0506/What-it-s-like-to-have-your-identity-stolen
>
> https://heimdalsecurity.com/blog/start-using-two-factor-authentication/
>
Deep sigh. Don't get me distracted.
> I dislike it, but I am gradually turning it on for everything. It is a
> pain but a necessary pain.
>
> > I supply the password to my local ssh keystore at the terminal command line
> > when I do a push to my stuff on osdn.
>
> Do those locally-stored credentials match the ones on OSDN? Do not
> assume; check.
I have now logged in and checked. (I had gotten a visual on it while I
was logged in
a couple of weeks ago, which is why I didn't bother checking before I
posted the question.)
> > Hmm. I probably need to check whether OSDN has my public key.
> > But that hasn't changed in the time since I last did a push.
>
> How can you be sure?
As I say, I have now checked since this occurred.
I'm pretty sure it was something I installed in between the last push and now.
I can possibly get my old debian wheezy workstation booted up and try
some git from that
to see if I get some clues about things changing in the external world.
But I'm more inclined to think it's something on the current Ubuntu
18.04 workstation.
--
Joel Rees
http://reiisi.blogspot.jp/p/novels-i-am-writing.html
More information about the ubuntu-users
mailing list