| gevreeen | does someone know of a good (but small) project hosted on launchpad where I can test my git setup? | 01:42 |
|---|---|---|
| gevreeen | (still hours until I could get an account from staging) | 01:42 |
| gevreeen | (just cloning) | 01:42 |
| gevreeen | never mind. found one | 01:43 |
| gevreeen | where is git.launchpad.net's public key posted? | 02:24 |
| gevreeen | no sshfp/tlsa/srv/txt record? | 02:26 |
| gevreeen | is it posted somewhere? | 02:26 |
| gevreeen | or rather, can someone just post it here? | 02:34 |
| gevreeen | my suggestion is for to define sshfp rr alongside rrsig for dnssec | 02:35 |
| gevreeen | *for launchpad/canonical to define* | 02:35 |
| gevreeen | (also, when could we use ed25519/ed448 keys?) | 02:39 |
| sarnold | work is underway on the ed25519 keys; I get the impression we're owners of that support in twisted, and some of the libraries involved are particular about which versions of python they'll run on, etc. it sounds frustrating... | 02:44 |
| gevreeen | rewt from #git gave this link > https://help.launchpad.net/SSHFingerprints | 02:44 |
| gevreeen | looks good thus far | 02:44 |
| sarnold | sigh I hate ssh-keygen stuff so much. ~/.ssh/known_hosts has a key but figuring out how to get a fingerprint from that is just annoying | 02:46 |
| sarnold | any chance you know the command off-hand? :) | 02:46 |
| sarnold | 2048 SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo git.launchpad.net,162.213.33.95 (RSA) | 02:47 |
| sarnold | that's what ssh-keygen -l -f ~/.ssh/known_hosts gives me for git.launchpad.net, anyway :) I hope that's helpful | 02:47 |
| gevreeen | it's probably bxxdecode from base64, but lemme check | 02:49 |
| gevreeen | got "incorrect padding", but let's see | 02:50 |
| gevreeen | https://man.openbsd.org/sshd.8 says "Each line in these files contains the following fields: marker (optional), hostnames, keytype, base64-encoded key, comment. The fields are separated by spaces." on SSH_KNOWN_HOSTS_FILE_FORMAT. so b64decode should have worked | 02:52 |
| gevreeen | even the base64 util gives "invalid input", let's see whether I can do this the other around to obtain the true base64 through hexstring | 03:01 |
| gevreeen | https://stackoverflow.com/questions/15490728/decode-base64-invalid-input < this saved me | 03:04 |
| gevreeen | by appending padding "=" I also got base64.b64decode to work | 03:05 |
| sarnold | hmm, I thought I saw something about known_hosts skipping the padding, and almost suggested adding it, but when I checked mine, it had the proper padding, so I deleted what I wrote. hah. | 03:11 |
| gevreeen | the example just below https://man.openbsd.org/sshd.8#SSH_KNOWN_HOSTS_FILE_FORMAT has padding | 03:19 |
| gevreeen | so probably just add the padding(s) if the base64 characters do not come in quartets | 03:20 |
| gevreeen | sarnold: by the by, just wondering, whether ubuntu/canonical have some saas/paas service offerings similar to openshift/ibm cloud which allows, say, writing and hosting a golang/python web service with restricted lite-tiers? | 03:31 |
| === lukedashjr is now known as luke-jr | ||
| cjwatson | gevreeen: Canonical does a lot of cloud work, but it's more in the vein of helping our customers run private clouds - we don't have our own public cloud offering like that | 10:38 |
| cjwatson | gevreeen: Ed25519 should I hope be later this week. Just trying to get the final pieces landed at the moment | 10:39 |
| cjwatson | gevreeen: No plans for Ed448 | 10:40 |
| cjwatson | (Ed448 isn't interestingly better than Ed25519 unless elliptic curve cryptanalysis comes along a fair bit more, and OpenSSH hasn't yet felt it important enough to implement it, so I don't currently see it being worth the fairly large amount of heavy lifting needed to get support for it into Twisted and then into our services) | 10:45 |
| juliank | I'm subscribed to grub2 bugs directly. But if someone assigns my team to the task, I'll start receiving emails with "because your team ... was subscribed to it" | 11:04 |
| juliank | Those in turn then skip the inbox because that's a load of emails I would not be able to read (and there's never been a relevant email for me, until today) | 11:04 |
| juliank | I wonder if this makes sense, that "team is assigned to bug" beats "direct subscription to package" | 11:05 |
| juliank | cjwatson: In https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4783/+packages cross-toolchain-base does not seem to try to use the PPA at all to build, and hence fails to find the new make I want to build again, that seems unusual | 16:09 |
| juliank | (also help contact seems out of hours) | 16:09 |
| juliank | oh I guess only the source package is published yet | 16:10 |
| juliank | but empty Packages files at least exist | 16:11 |
| juliank | now I see debs, so I'll go retry it | 16:11 |
| cjwatson | juliank: Yeah, the archive is only included if it has any published binary packages | 16:14 |
| juliank | yeah, sorry for disturbing :) | 16:14 |
| cjwatson | juliank: and re grub2 bugs, seems worth a bug report on LP at least - I haven't dug through the slightly byzantine bug notification code to confirm that behaviour but it's possible | 16:15 |
| juliank | cjwatson: then the usual xkcd comic comes in where you break another user's flow, so I don't know, but I can report it :D | 16:16 |
| cjwatson | Always a problem with notification header changes. Not sure which way round makes most sense here TBH | 16:18 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!