[00:07] <elho> kiko: just hope someone actually still is responsible for it ;)
[01:17] <alecwh> My SSH key was recently rejected by LP (because of the infamous SSH bug found), so I updated my system, created another one, put it inside LP, and it is rejecting it. "This key is known to be compromised due to a security flaw in the software used to generate it"
[01:17] <alecwh> I'm fairly certain I just upgraded my system.
[01:36] <intellectronica> alecwh: can you check your key with ssh-vulnkey?
[01:37] <alecwh> intellectronica: I don't have that package installed, how do I get it?
[01:38] <intellectronica> if you don't have it installed then you haven't upgraded to the latest version. it's in the same package
[01:39] <intellectronica> alecwh: are you using ubuntu?
[01:40] <alecwh> intellectronica: Yes, hold on, I'm doing an apt-get update
[01:40] <intellectronica> alecwh: after that you also need to do `apt-get upgrade`
[01:41] <intellectronica> and then generate new keys
[01:41] <alecwh> okay, I'll check back when my bandwidth lifts up, my internet is going really slow.
[01:41] <intellectronica> cool
[01:50] <kiko> alecwh, apt-get dist-upgrade
[01:54] <alecwh> kiko: I'm using the latest Ubuntu version already.
[01:56] <kiko> alecwh, if you don't have ssh-vulnkey, you aren't :)
[01:56] <kiko> alecwh, if you just did upgrade you won't have it. you need dist-upgrade.
[01:57] <alecwh> kiko: I'm 100% I'm using 8.04. =) I'm waiting for a friend down the hall from downloading a video, and then I'm going to update my repositories
[01:58]  * Hobbsee wonders
[01:58] <kiko> alecwh, it's not 8.04 that's the issue -- it's dist-upgrade.
[01:58] <Hobbsee> oh, it is in openssh-client
[01:58] <alecwh> hmm, okay, I'll try it in like 5 minutes - sorry...
[01:58] <kiko> noprobs
[01:58] <kiko> I'm outta here but intellectronica or Hobbsee can help
[01:58] <kiko> see you all from prague!
[01:59] <Hobbsee> alecwh: do you have openssh-client installed?
[02:01] <emgent> shitty weather in Prague :(
[02:01] <Hobbsee> clear sky, 10C?  yeah.  bit cold.
[02:02] <emgent> Hobbsee: rain :(
[02:02] <emgent> http://www.bbc.co.uk/weather/5day.shtml?world=0055&links
[02:03] <alecwh> Hobbsee: yes
[02:03] <Hobbsee> alecwh: run `which ssh-vulnkey` and paste the output please.
[02:03] <Hobbsee> emgent: very dodgy.
[02:04] <Hobbsee> emgent: spain was lovely.  there should be a requirement on all european weather being nice for uds'
[02:04] <emgent> ture italy too :)
[02:04] <emgent> s/ture/true/
[02:04] <alecwh> alecwh@alecwh-laptop:~$ which ssh-vulnkey
[02:04] <alecwh> alecwh@alecwh-laptop:~$ 
[02:04]  * Hobbsee kicks the weather applet
[02:05] <Hobbsee> alecwh: and `ls -la /usr/bin/ssh-vulnkey`?
[02:05]  * Hobbsee scratches head.
[02:05] <alecwh> Hobbsee: eh, I just did an update, and I have security packages to download...
[02:05] <Hobbsee> alecwh: that'll do it....
[02:05] <Hobbsee> alecwh: it's in them.
[02:05] <alecwh> =)
[02:05] <alecwh> Sorry about that.
[02:06] <Rinchen> nickellery, are you here?
[02:07] <emgent> Hobbsee: good possibility for news uds in italy :)
[02:08] <Hobbsee> emgent: now that would be fun....
[02:12] <Rinchen> nickellery, one of your likely problems is that you seem to have 4 keys :-)
[02:12] <emgent> Hobbsee: :)
[02:13] <emgent> I think so :)
[02:27] <Rinchen> nickellery, well, since you're not around I've sent you a signed email to decode
[02:27] <Rinchen> nickellery, you can also take the gpg text from Launchpad, save it into a text file, and run gpg from the command line on it
[02:27] <Rinchen> hi Hobbsee.  bye Hobbsee.
[02:27] <Hobbsee> Rinchen: ?
[02:28] <Rinchen> drive by "hello" :-)
[02:28] <Hobbsee> Rinchen: oh...hi then....
[02:28]  * Rinchen is off to a very late dinner
[02:28] <Hobbsee> oh.  enjoy.
[02:36] <emgent> i go to sleep people
[02:36] <emgent> see you from Prague!
[03:42] <brandon_> could someone explain why im getting another email from Matt Revell about my SSH key after I did the update and generated a new key which tested ok by ssh-vulnkey
[04:05] <nickellery> Rinchen, sorry about that, but I'm available now
[08:17] <Peng> How often is Launchpad's bzr installation updated?
[08:17] <Peng> It's currently 1.3..
[08:57] <thumper> Peng: every release, we update to the latest released bzr version
[08:58] <thumper> Peng: when Launchpad was last updated, it was still 1.4 rc 1
[08:58] <thumper> Peng: so it had to wait
[08:58] <thumper> Peng: so when the next Launchpad rollout happens in a week and a half you will see bzr #1.5
[08:58] <Peng> Ok.
[08:59] <Peng> Thanks, thumper.
[08:59] <thumper> Peng: np
[09:00] <Peng> I think bzr has gotten more efficient when pulling when there are no changes since 1.3.
[09:00] <Peng> (Which Launchpad does all the time.)
[09:00] <thumper> Peng: it has
[09:00] <Peng> It'll start auto-detecting bzr+http, too, won't it?
[09:03] <thumper> perhaps
[09:03] <thumper> I'm not sure what we need to do on the Launchpad end to get that working
[09:03] <thumper> but I'll chase up spiv
[09:04]  * Peng shrugs.
[09:04] <Peng> If Launchpad just does os.system('bzr pull ...'), nothing needs to be changed. If you use bzrlib's API, I have no idea.
[11:50] <emgent> heya
[13:28] <theseinfeld> question about PPA
[13:29] <theseinfeld> I deleted all the packages in the PPA
[13:29] <theseinfeld> still
[13:29] <theseinfeld> when I do a dput I get: MD5 sum of uploaded file does not match existing file in archive
[13:29] <theseinfeld> how do you get rid of this one?
[13:29]  * theseinfeld is totally puzzled...
[13:29] <Peng> AFAIK, deletes aren't processed instantly.
[13:29] <Peng> It may work after "a while".
[13:30] <theseinfeld> hmm...
[13:30] <theseinfeld> how about couple of hours?
[13:30] <theseinfeld> like 2 hours...
[13:30] <Peng> I dunno.
[13:30] <Hobbsee> see the help on the left hand side of the page
[13:30] <theseinfeld> My guess is that the source package is still not deleted
[13:30] <Hobbsee> decipher it if possible
[13:30] <Hobbsee> it can be up to 12 hours
[13:30] <theseinfeld> :D
[13:30] <Hobbsee> better to increment version
[13:30] <theseinfeld> of the source package?
[13:31] <theseinfeld> my guess is that the source package is the problem
[13:31] <theseinfeld> earlier, the orig.tar.gz was from the svn
[13:31] <theseinfeld> now it is from the release
[13:31] <theseinfeld> do you think this might be the case?
[13:31] <Hobbsee> probably
[13:31] <theseinfeld> so, is there a way to delete the source package?
[13:32] <Hobbsee> eventually.
[13:32] <theseinfeld> after ~12 hours?
[13:32] <theseinfeld> :D
[13:32] <Hobbsee> you may have to publish something else, too
[13:32] <Hobbsee> which may make it faster.
[13:32] <Hobbsee> yeah, exactly...
[13:32] <theseinfeld> I see
[13:32] <theseinfeld> I will look into it
[13:32] <theseinfeld> I already filed a bug report
[13:33] <theseinfeld> I was thinking it was related to BUG  191892
[13:33] <theseinfeld> I was on that one before it happen :)
[15:07] <jelmer> Hi!
[15:08] <jelmer> Is there some way to access bug status information in launchpad over XML-RPC?
[15:29] <BjornT> jelmer: no. but you can get a text representation of the bug by appending /+text to the url
[15:30] <jelmer> BjornT: Ah, thanks. Even better :-)
[15:32] <jelmer> BjornT: Is there a description of the format somewhere?
[15:35] <BjornT> jelmer: no. it's a bit undocumented, since it's basically just a placeholder, until we get proper apis in place.
[15:35] <BjornT> jelmer: it consists of multiple parts, separated by a blank line.
[15:36] <BjornT> jelmer: first there is information about the bug itself. after that, there is one or more 'task' section, which gives information about the bug in each context it is reported
[15:37] <BjornT> jelmer: after the 'task' sections is a multipart/mime message, which contains the bug description, and all the comments
[15:37] <jelmer> BjornT: Thanks, that helps!
[15:37] <BjornT> each section should be parsable with the python email module
[15:44] <jelmer> BjornT: Ah, that sounds much simpler :-)
[15:45] <thekorn> jelmer, btw, python-launchpad-bugs has a parser for this +text pages
[15:46] <jelmer> thekorn: thanks, I'll see if I can get some inspiration from that one
[15:46] <jelmer> This is in Debian though, so I can't use that module directly
[15:47] <thekorn> jelmer, the first part is not always parseable with the email modul, you can use the configParser for this part
[15:55] <jelmer> Looks like rfc822 does sufficient for what I'm looking for
[17:22] <jelmer> ok, bts-link now supports launchpad
[19:34] <Yhouse[OFF]> hello
[19:45] <Lantash> After having deleted my old SSH key and generated a new one, I keep getting the same error message as before:
[19:45] <Lantash> Permission denied (publickey).
[19:45] <Lantash> bzr: ERROR: Connection closed: please check connectivity and permissions (and try -Dhpss if further diagnosis is required)
[19:45] <Lantash> Does anyone know how to solve this issue?
[19:48] <beuno> Lantash, have you uploaded you new key to Launchpad?
[19:48] <Lantash> yeah, using https://launchpad.net/~lantash/+editsshkeys
[19:49] <Lantash> the weird thing is that the "Key text" seems to be the same when I regenerate the key...
[19:50] <beuno> Lantash, then something must be wrong
[19:50] <Lantash> at least always began with "AAAB3N"
[19:50] <beuno> are you using ssh-keygen?
[19:51] <Lantash> I am... just as described in http://www.ubuntu.com/usn/usn-612-2
[19:52] <Lantash> I tried it several times... the fingerprints weren't the same
[19:59] <Lantash> don't get it...
[20:02] <Lantash> removing the whole ~/.ssh dir didn't solve the problem either -> different private key, but the public key is always the same
[20:26] <Lantash> ehrm just noticed that the public key isn't always the same, only the first 26 characters ^^, but I still get this Permission denied (publickey) error message
[20:26] <mtaylor> beuno: do we have to reupload keys even if our key was made pre-openssl bug? 
[20:27] <beuno> mtaylor, no, not at all. Launchpad will remove your key if it's weak, so if it hasn't your safe
[20:27] <mtaylor> beuno: hrm.
[20:28] <mtaylor> beuno: none of my keys are listed by ssh-vulnkey... but bazaar.launchpad.net is still rejecting me atm
[20:36] <beuno> mtaylor, did you get an email about the key's removal?
[20:37] <mtaylor> beuno: no. and it looks like it's not removed
[20:37] <mtaylor> beuno: but I'm getting bzr: ERROR: Connection closed: please check connectivity and permissions (and try -Dhpss if further diagnosis is required)
[20:37] <mtaylor> when I try to do anything today
[20:37] <beuno> hrm
[20:37] <beuno> you seem to be having the same probleam as Lantash...
[20:37] <Lantash> right :-/
[20:39] <beuno> I don't think we have any LP admins around right now...  Rinchen might be able to point us towards someone
[20:39] <beuno> ah
[20:40] <beuno> mine isn't working either  :)
[20:40] <beuno> elmo? thumper? lifeless? SteveA?
[20:40] <beuno> all ssh keys seem to get rejected
[20:41] <mtaylor> greaaaat
[20:41] <beuno> abentley?
[20:41] <beuno> this probably is the worst time, as most people will probably be travelling to UDS
[20:42] <abentley> beuno: Hi.
[20:42] <beuno> abentley, hey  :)    we seem to be having a problem
[20:42] <abentley> With ssh to bazaar.launchpad.net?
[20:43] <beuno> abentley, yeap
[20:43] <mtaylor> yup
[20:43] <Peng> Yep.
[20:43] <abentley> Have you updated your key since the openssl vulnerability was announced?
[20:43] <mtaylor> mine isn't vulnerable
[20:43] <Lantash> abentley: I have
[20:43] <Peng> I have one older, good key and one new key. Both fail.
[20:43] <beuno> abentley, mine is pre-2006 too, and it pases all the tests
[20:44] <abentley> I can log in to sftp.
[20:44] <abentley> Or maybe I can't.  Silly lftp.
[20:44] <beuno> beuno@beuno-laptop:~$ sftp beuno@bazaar.launchpad.net
[20:44] <beuno> Connecting to bazaar.launchpad.net...
[20:44] <beuno> Permission denied (publickey).
[20:44] <mtaylor> same here
[20:46] <Peng> Me too.
[20:46]  * Peng feels redundant.
[20:46] <aos101> launchpadlibrarian.net is down for me.  Is it down for others?
[20:46] <abentley> Okay, I can confirm.
[20:47] <Peng> aos101: Seems to be.
[20:47] <beuno> since Lantash reported it first, I'd say *he* broke it  :)
[20:47] <Peng> Who ran "rm -rf /"?
[20:47] <Lantash> hehe :-D
[20:48] <aos101> Peng: Thanks.  It was down when I tried it earlier also.
[20:49] <mtaylor> Peng: oh. was I not supposed to run rm -rm / ? darn it
[20:49] <laga> what does that command do? let me try
[20:51] <beuno> ah, seems many images are stored in launchpadlibrarian
[20:51] <beuno> so it makes navigating LP akward
[20:59] <abentley> I've sent out an email to our launchpad sysadmins.  I've also tried to ping them on the private IRC server.
[21:00] <beuno> abentley, great, thanks. So we play the waiting game now
[21:01] <abentley> From the symptoms, it sounds like a problem with the internal xml-rpc server.
[21:02] <beuno> it has to have borken down in the past hour or so
[21:02] <beuno> s/borken/broken
[21:02] <beuno> I used it before that
[21:02] <abentley> beuno: the practise with vulnerable keys was to remove them from the user profile, and then forbid re-uploading them.  Any key still in your profile will (normally) work.
[21:03] <abentley> I just thought it could have been removed, and you might not have noticed the email.
[21:03] <beuno> abentley, ah, right. No, I've been using it, and tested my key
[21:11] <beuno> abentley, LP is still running bzr 1.3?  That's odd, it used to be very much in sync
[21:11] <abentley> 1.4 came out too late for it to be included in our monthly release.
[21:12] <beuno> ah, so it's straight to 1.5?
[21:15] <nickellery> is it possible for me to change my launchpad username?
[21:15] <Peng> nickellery: Yes.
[21:15] <nickellery> Peng: how do i do that?
[21:15] <Peng> nickellery: I dunno. But you can.
[21:15] <nickellery> Peng: should i contact an admin?
[21:16] <Peng> nickellery: User page -> Change details.
[21:16] <nickellery> Peng: omg i never even noticed that I could do that!
[21:17] <nickellery> thanks
[21:20] <abentley> beuno: That's the plan.
[21:27] <asabil> hi all
[21:27] <asabil> I am having troubles pushing code to launchpad
[21:27] <Peng> asabil: Yeah.
[21:27] <mtaylor> asabil: yup. something's broke
[21:27] <asabil> so I am not the only one
[21:28] <Peng> You are not.
[21:28] <Peng> launchpadlibrarian.net is down too. :)
[21:29] <gmb> asabil, Peng, mtaylor I'm trying to get hold of someone who can look into this now.
[21:29] <asabil> ok thanks a lot
[21:33] <blueyed> launchpadlibrarian.net is down?
[21:34] <beuno> blueyed, yes, and ssh access to bazaar.launchpad
[21:43] <Peng> "Oops"
[21:43] <gmb> connecting to baazr.lp.net seems to work for me now.
[21:43] <gmb> A
[21:43] <elmo> librarian is on it's way back
[21:44] <gmb> elmo: Cool, thanks.
[21:44] <Peng> bzr+ssh and sftp still don't work for me.
[21:45] <elmo> Peng: what's your LP userid?
[21:46] <elmo> librarian is back up
[21:47] <Peng> elmo: mnordhoff.
[21:48] <elmo> Peng: you're not using one of the compromised keys we deleted, right?
[21:48] <Peng> Librarian works though.
[21:48] <Peng> elmo: I got one of my keys deleted, but the rest are okay.
[21:49] <Peng> I just tried two keys too.
[21:49] <elmo> Peng: can you retry bzr+ssh and sftp now?  maybe the codehosting is using the librarian to fetch keys
[21:49] <Peng> (bzr.dev, if it matters.)
[21:49] <elmo> and when I said it was on it's way back, it was still booting
[21:49] <Peng> elmo: Still doesn't work.
[21:49] <beuno> elmo, I can't connect either
[21:49] <elmo> bother
[21:49] <elmo> I can't see anything obviously wrong on vostok
[21:50] <Peng> 91.189.94.254?
[21:50] <elmo> yah
[21:51] <Peng> Still doesn't work.
[21:51] <elmo> lala
[21:51] <elmo> let me see if mister quiche is in the house
[21:52] <Peng> Any chance I got blocked because I tried like 10 times while it was still down?
[21:53] <Peng> My other IP probably didn't though.
[21:53] <elmo> Peng: don't think so - I don't think  we have that kind of heuristics
[21:54] <Peng> Doesn't work from a third IP where I've never tried it before.
[21:54] <Peng> (All around the U.S.)
[21:54] <elmo> OH
[21:54] <Peng> Vostok's host key fingerprint is 9d:38:3a:63:b1:d5:6f:c4:44:67:53:49:2e:ee:fc:89, right? :)
[21:54] <Peng> Oh?
[21:54] <elmo> I know what it is, give me two secs
[21:55] <elmo> Peng: try now
[21:55] <Peng> elmo: Works. What was wrong?
[21:55] <Peng> Thanks. :)
[21:55] <beuno> works here too
[21:57] <elmo> Peng: the authentication server for the code hosting died in the same crash the took out the librarian
[21:58] <elmo> it didn't immediately click for a variety of reasons, starting with it should have auto-started but mostly boiling down to me being stupid
[21:58] <Peng> Huh.
[21:58] <Peng> Okay.
[21:58] <Lantas1> works like a charm... thanks a lot for fixing this issue