From ccae60940241b30e8bc3e405936b6ba68857930c Mon Sep 17 00:00:00 2001 From: Vitalii Zurian Date: Tue, 9 Jul 2024 06:34:13 +0200 Subject: [PATCH] Add hint to check SFTP authorization log. In the case of authorization failures there many be valuable information in the log. --- doc/xml/release/2024/2.53.xml | 13 +++++++++++++ doc/xml/release/contributor.xml | 5 +++++ src/storage/sftp/storage.c | 3 ++- test/src/module/storage/sftpTest.c | 9 ++++++--- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/doc/xml/release/2024/2.53.xml b/doc/xml/release/2024/2.53.xml index 2465484ab..17f418b57 100644 --- a/doc/xml/release/2024/2.53.xml +++ b/doc/xml/release/2024/2.53.xml @@ -76,6 +76,19 @@

Allow alternative WAL segment sizes for PostgreSQL ≤ 10.

+ + + + + + + + + + + +

Add hint to check SFTP authorization log.

+ diff --git a/doc/xml/release/contributor.xml b/doc/xml/release/contributor.xml index 0e8c298b3..64b83d3f1 100644 --- a/doc/xml/release/contributor.xml +++ b/doc/xml/release/contributor.xml @@ -1073,6 +1073,11 @@ ViperRu + + Vitalii Zurian + thecatontheflat + + Vitaliy Kukharik vitabaks diff --git a/src/storage/sftp/storage.c b/src/storage/sftp/storage.c index 364024552..f5beb69b6 100644 --- a/src/storage/sftp/storage.c +++ b/src/storage/sftp/storage.c @@ -1343,7 +1343,8 @@ storageSftpNew( "HINT: libssh2 compiled against non-openssl libraries requires --repo-sftp-private-key-file and" " --repo-sftp-public-key-file to be provided\n" "HINT: libssh2 versions before 1.9.0 expect a PEM format keypair, try ssh-keygen -m PEM -t rsa -P \"\" to" - " generate the keypair")); + " generate the keypair\n" + "HINT: check authorization log on the SFTP server")); } // Init the sftp session diff --git a/test/src/module/storage/sftpTest.c b/test/src/module/storage/sftpTest.c index 573645b8f..5c3e451f2 100644 --- a/test/src/module/storage/sftpTest.c +++ b/test/src/module/storage/sftpTest.c @@ -240,7 +240,8 @@ testRun(void) "HINT: libssh2 compiled against non-openssl libraries requires --repo-sftp-private-key-file and" " --repo-sftp-public-key-file to be provided\n" "HINT: libssh2 versions before 1.9.0 expect a PEM format keypair, try ssh-keygen -m PEM -t rsa -P \"\" to generate the" - " keypair"); + " keypair\n" + "HINT: check authorization log on the SFTP server"); // ------------------------------------------------------------------------------------------------------------------------- TEST_TITLE("fingerprint mismatch"); @@ -586,7 +587,8 @@ testRun(void) "HINT: libssh2 compiled against non-openssl libraries requires --repo-sftp-private-key-file and" " --repo-sftp-public-key-file to be provided\n" "HINT: libssh2 versions before 1.9.0 expect a PEM format keypair, try ssh-keygen -m PEM -t rsa -P \"\" to generate the" - " keypair"); + " keypair\n" + "HINT: check authorization log on the SFTP server"); TEST_RESULT_BOOL( unsetenv("PGBACKREST_REPO1_SFTP_PRIVATE_KEY_PASSPHRASE"), 0, "unset PGBACKREST_REPO1_SFTP_PRIVATE_KEY_PASSPHRASE"); @@ -2036,7 +2038,8 @@ testRun(void) "HINT: libssh2 compiled against non-openssl libraries requires --repo-sftp-private-key-file and" " --repo-sftp-public-key-file to be provided\n" "HINT: libssh2 versions before 1.9.0 expect a PEM format keypair, try ssh-keygen -m PEM -t rsa -P \"\" to generate the" - " keypair"); + " keypair\n" + "HINT: check authorization log on the SFTP server"); TEST_RESULT_BOOL( unsetenv("PGBACKREST_REPO1_SFTP_PRIVATE_KEY_PASSPHRASE"), 0, "unset PGBACKREST_REPO1_SFTP_PRIVATE_KEY_PASSPHRASE");