[Bug 267819] misc/mc Midnight Commander cannot SFTP into FreeBSD with PasswordAuthentication set to no and UsePAM set to yes

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 17 Nov 2022 02:59:59 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267819

            Bug ID: 267819
           Summary: misc/mc Midnight Commander cannot SFTP into FreeBSD
                    with PasswordAuthentication set to no and UsePAM set
                    to yes
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: danfe@FreeBSD.org
          Reporter: iio7@tutanota.com
          Assignee: danfe@FreeBSD.org
             Flags: maintainer-feedback?(danfe@FreeBSD.org)

The default SSH authentication mechanism is to ask for a username and a
password, which is what OpenSSH does when PasswordAuthentication is said to
"yes". When the option is changed to "no", using a password doesn't work and
you have to login by e.g. a key. However, the FreeBSD 13.1 version also has the
option "UsePAM", which is default set to "yes". So this means that PAM is
authenticating users.

With that setup regular SSH and SFTP into the FreeBSD box via the console
works, but using Midnight Commander to SFTP into the FreeBSD box doesn't work
and it fails with 'Cannot chdir to "/sftp://foo"'

Changing the "PasswordAuthentication" option to "yes" solves the issue.

I am not sure why Midnight Commander fails when it's PAM that is authenticating
users, but I suspect it has to do with the format of the command being send.

Steps to recreate the issue:

1. Have a FreeBSD box with SSH access running. Make sure the defaults settings
are set, "PasswordAuthentication" is "no" and "UsePAM" is "yes".

2. Open Midnight Commander and use the MENU option F9. Choose "SFTP Link" and
input the username, password, hostname, etc. of the FreeBSD box with SSH
running. 
Midnight Commander fails.

3. Change the "PasswordAuthentication" option to "yes" and restart sshd and try
again, Midnight Commander can now access the host via SFTP.

Kind regards.

-- 
You are receiving this mail because:
You are the assignee for the bug.