I can't run the "Fastlane release", because it shows the error "Couldn't decrypt the repo, please make sure you enter the right password!".
I'm sure that the entered password is correct. I tried to remove all profiles and certificates manually but it didn't work.
[13:03:58]: Enter the passphrase that should be used to encrypt/decrypt your certificates
[13:03:58]: This passphrase is specific per repository and will be stored in your local keychain
[13:03:58]: Make sure to remember the password, as you'll need it when you run match on a different machine
[13:03:58]: Passphrase for Match storage: ********
[13:04:10]: Type passphrase again: ********
[13:04:16]: wrong final block length
[13:04:16]: Couldn't decrypt the repo, please make sure you enter the right password!
keychain: "/Users/mohsen/Library/Keychains/login.keychain-db"
version: 512
class: "inet"
attributes:
0x00000007 <blob>="match_https://bitbucket.org/******"
0x00000008 <blob>=<NULL>
"acct"<blob>=<NULL>
"atyp"<blob>="dflt"
"cdat"<timedate>=0x32303230303332343038333431355A00 "20200324083415Z\000"
"crtr"<uint32>=<NULL>
"cusi"<sint32>=<NULL>
"desc"<blob>=<NULL>
"icmt"<blob>=<NULL>
"invi"<sint32>=<NULL>
"mdat"<timedate>=0x32303230303332343038333431355A00 "20200324083415Z\000"
"nega"<sint32>=<NULL>
"path"<blob>=<NULL>
"port"<uint32>=0x00000000
"prot"<blob>=<NULL>
"ptcl"<uint32>=0x00000000
"scrp"<sint32>=<NULL>
"sdmn"<blob>=<NULL>
"srvr"<blob>="match_https://bitbucket.org/****"
"type"<uint32>=<NULL>
password has been deleted.
Related
When I tried to commit my work I've this message :
error: Load key "/var/folders/97/8chxzhxs3n79g9b95510jwwr0000gn/T//.git_signing_key_tmp2JvaYk": invalid format?
fatal: failed to write commit object
Please can help me, I can't commit anything.
I see many topics about this with ssh-add and ss-agent but none works for my case...
I've tried to regenerate my ssh key with ssh-keygen. I've remove my id_rsa and id_rsa.pub to regenerate them.
Question : the message is -> error: Load key "/var/folders/97/8chxzhxs3n79g9b95510jwwr0000gn/T//.git_signing_key_tmp2JvaYk": invalid format?
But my key are located in ~/.ssh/id_rsa... I don't understand.
If your private key is passphrase-protected (meaning, encrypted), you would need to add your SSH key to an SSH agent.
Check also "Signing Git Commits with Your SSH Key" from Caleb Hearth.
Only then a git commit -S (signing the commit) would work.
Or you might have told Git about your SSH key:
git config --global gpg.format ssh
git config --global user.signingkey 'key::ssh-ed25519 AAAAC3(...) user#example.com'
Note that, with Git 2.40 (Q1 2023), the error message is improved when private key is not loaded in the SSH agent in the codepath to sign with an SSH key.
See commit dce7b31 (25 Jan 2023) by Adam Szkoda (adaszko).
(Merged by Junio C Hamano -- gitster -- in commit c7757b2, 03 Feb 2023)
ssh signing: better error message when key not in agent
Signed-off-by: Adam Szkoda
When signing a commit with a SSH key, with the private key missing from ssh-agent, a confusing error message is produced:
error: Load key
"/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpkArSj7":
invalid format? fatal: failed to write commit object
The temporary file .git_signing_key_tmpkArSj7 created by Git contains a valid public key.
The error message comes from ssh-keygen -Y sign' and is caused by a fallback mechanism in ssh-keygenwhereby it tries to interpret.git_signing_key_tmpkArSj7` as a private key if it can't find in the agent.
A fix is scheduled to be released in OpenSSH 9.1.
All that needs to be done is to pass an additional backward-compatible option -U to 'ssh-keygen -Y sign' call.
With '-U', ssh-keygen always interprets the file as public key and expects to find the private key in the agent.
As a result, when the private key is missing from the agent, a more accurate error message gets produced:
error: Couldn't find key in agent
I am using this helm chart
https://artifacthub.io/packages/helm/vulcanlink/chainlink
I managed to launch and connect Chainlink node with Postgres, with these values
config:
# Login Info
ROOT: /chainlink
API_LOGIN: |
API_EMAIL=admin#admin.com
API_LOGIN=admin
WALLET_PASSWORD: "9xMR9PN7CTk6Axs" # a random test password based on chainlink's demands
# HTTP Security
ALLOW_ORIGINS: "*"
SECURE_COOKIES: "false"
CHAINLINK_PORT: "6688"
CHAINLINK_TLS_PORT: "0"
# Database
DATABASE_TIMEOUT: "0"
DATABASE_URL: postgresql://chainlink:chainlink#pgdb-postgresql:5432/chainlink?sslmode=disable
# Ethereum
ETH_URL: wss://rinkeby.infura.io/ws/v3/somerandomnumber # ws://geth:8546
ETH_CHAIN_ID: "4"
LINK_CONTRACT_ADDRESS: 0x514910771af9ca656af840dff83e8264ecf986ca # this was here ...
I port forward the k8s service and I see the Chainlink UI.
But what combination of the above should I use?
I have tried them all.
EDIT
In order to change the env vars, I ended up destroying the whole minikube env. Insane, and I have no idea why...
Now I get this in the logs
There are no accounts, creating a new account with the specified password
There are no P2P keys; creating a new key encrypted with given password
There are no OCR keys; creating a new key encrypted with given password
2022-09-02T10:22:50Z [INFO] API exposed for user API_EMAIL=admin#admin.com cmd/local_client.go:122
2022-09-02T10:23:32Z [INFO] POST /sessions web/router.go:433 body={"email":"admin#admin.com","password":"*REDACTED*"} clientIP=127.0.0.1 errors=Error #01: Invalid email
latency=4.918708ms method=POST path=/sessions servedAt=2022-09-02 10:23:32 status=401
... so I still cannot log in in the GUI. It is frustrating
EDIT
This is what happens when the instructions are not clear...
The username was API_EMAIL=admin#admin.com and the password API_LOGIN=admin .
Now I can login...but surely gonna change them...
I'm trying to configure a fi-ware cloud instance using Rex. What these instances (and probably other OpenStack-based systems) prove is a "identity file", a single private key that you can use to connect to them. I have been using variations of this:
user "root";
private_key "/home/jmerelo/.ssh/jj-iv.pem";
public_key "/home/one/public/key.dsa";
key_auth;
group fiware => "130.206.x.y";
desc "Install git";
task "git", group => "fiware", sub {
install "git";
};
where the private key is the one provided by fi-ware, and the public key is, well, whatever I thought of, or nothing.
If no public key is provided, error is
[2014-11-30 11:45:45] WARN - Error running task/batch: No public_key file defined. at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/Task.pm line 621.
at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/TaskList/Base.pm line 273.
which is quite obviously true. But if I try other public keys, error is:
[2014-11-30 11:48:37] WARN - Error running task/batch: Wrong username/password or wrong key on 130.206.127.211. Or root is not permitted to login over SSH. at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/TaskList/Base.pm line 273.
Using
ssh -i ~/.ssh/jj-iv.pem root#130.206.x.y
connects correctly to the instance. So maybe the question is "Can Rex use a single private key to connect to a host?"
Finally, I generated a public key from the private key using, as suggested by the documentation,
$ sshkey-gen -y -f /path/to/your/private.key >public.key
and then using that public.key in the Rexfile
My goal: implement SSO on a java-based web application.
My problem: I'm not a security guy...
After some investigation I found that spring security kerberos extension is what I need (also looked into apache shiro but could only find example with a login page).
I used the samples in the following project:
https://github.com/spring-projects/spring-security-kerberos/tree/master/spring-security-kerberos-sample
I realized that I need to create a keytab. When I tried to use the keytab I got the following error:
javax.security.auth.login.LoginException: Unable to obtain password from user
Looking for some details about this error I saw that it could result from a wrong keytab location, but this is not the case here - I debugged into the source code and saw that the keytab file is loaded.
So I decided to check my keytab and see if it's ok.
First, this is last command (after a long evolution) I used to create my keytab:
ktpass /out http-web.keytab /mapuser MyUser#MYDOMAIN.COM /princ HTTP/MyUser#MYDOMAIN.COM /pass MyPass /ptype KRB5_NT_PRINCIPAL
Of course I created an SPN for MyUser with the following command:
setspn -a HTTP/MyUser#MYDOMAIN.COM MYDOMAIN.COM\MyUser
I tested the spn with the the following:
setspn -Q HTTP/MyUser#MYDOMAIN.COM
And got a successful result:
Checking domain DC=mydomain,DC=com CN=MyUser,OU=MyOrg,DC=mydomain,DC=com
HTTP/MyUser
HTTP/MyUser#MYDOMAIN.COM
Existing SPN found!
Now I wanted to test if I can obtain a ticket for MyUser by running the following command:
kinit MyUser#MYDOMAIN.COM
I got a successful result ("new ticket is stored in cache file....")
Now I wanted to test it with my keytab:
kinit MyUser#MYDOMAIN.COM -k -t http-web.keytab
Got the following exception:
Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type: No error KrbException: Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type:
I used klist tool to see if my keytab contains any keys:
klist -e -K -k -t http-web.keytab
Got the following result:
KVNO: 8
Key type: 23
Key: 0x47bf8039a8506cd67c524a03ff84ba4e
Time stamp: Jan 01, 1970 02:00
As a last desperate attempt, I checked the following account options for MyUser:
Use Kerberos DES encryption types for this account
The account suppoerts Kerberos AES 128 bit encryption
The account suppoerts Kerberos AES 256 bit encryption
I'm not sure if setting these options caused it, but now when I run
kinit MyUser#MYDOMAIN.COM
I get the following error:
Exception: krb_error 14 KDC has no support for encryption type (14) KDC has no support for encryption type
KrbException: KDC has no support for encryption type (14)
So I'm kind of desperate here, I don't really know what I'm doing. It's all a matter of trial and error (mostly error).
If anyone can guide me through here it would be much appreciated.
Thanks,
Lior
Turned out to be a stupid mistake.
I injected in spring the user account instead of the principal name as the servicePrincipal.
I am creating a sencha application and i want to run it on BB10 device. I have requested for signin Key files from BlackBerry and received two .csj registration files by mail . For signing my application i am using this command :
blackberry-signer –register –csjpin 01234567 –storepass mcube F:\BB10Key-28Feb\client-PBDT-1975809.csj F:\BB10Key-28Feb\client-RDK-1975809.csj
It gives error :
"Error: Keystore load: DerInputStream.getLength(): lengthTag=109, too big."
I don't have any idea about it that how it will be solve .
Welcome to StackOverflow.com
I think you are passing wrong files to the signer.
blackberry-signer -register -csjpin <csj pin>
-storepass <KeystorePassword> <client-RDK-xxxxxx.csj file>
<client-PBDT-xxxxx.csj file>
I see you are passing PBDT key first in place of RDK key.
Your code would be like this (please do not copy paste this command when signing yourself as this is for demo puposes only)
blackberry-signer –register –csjpin 01234567 –storepass mcube F:\BB10Key-28Feb\client-RDK-1975809.csj F:\BB10Key-28Feb\client-PBDT-1975809.csj
You should pass RDK key then PBDT key. Modify your bar signer tool command and run again with correct parameters. For more info visit Set up for signing BlackBerry 10 apps and Signing your BlackBerry 10 application.
If this solves your problem, check this as answer.