- CYBERDUCK LOGIN FAILED TO AMAZON UPDATE
- CYBERDUCK LOGIN FAILED TO AMAZON PATCH
- CYBERDUCK LOGIN FAILED TO AMAZON SOFTWARE
- CYBERDUCK LOGIN FAILED TO AMAZON CODE
- CYBERDUCK LOGIN FAILED TO AMAZON PASSWORD
This seems somewhat silly and pointless but it should have been harmless. Cyberduck was, for some reason, stuffing them into the keychain. Ok, I was confused – both of these certs are intermediaries and, until recently, you could get both from talking to Amazon. For me and a bunch of other users it’s two Verisign certs, one named “VeriSign Class 3 Public Primary Certification Authority – G5”. It’d also be nice to figure out exactly what entries Cyberduck might have written. Could Cyberduck do something to notify affected users? Maybe a new version of Cyberduck that checks for the bad entries and warns the user, pointing them to a help page? While Cyberduck 4.7 no longer causes the problem, anyone who used an older version of Cyberduck may still have a broken Mac. I only figured it out thanks to some lucky timing and a message on the system console. There’s no indication to the user there’s a problem with their keychain or that Cyberduck was the app that created the problematic entry. But users aren’t going to figure that out on their own. The fix is pretty simple: manually delete the spurious entries in the login keychain (so that the system entries are used instead).
CYBERDUCK LOGIN FAILED TO AMAZON UPDATE
The problem seems to be triggered by Mavericks security update 2015-004 (released last week).
CYBERDUCK LOGIN FAILED TO AMAZON SOFTWARE
Symptoms are the App Store refuses to load, MacOS software updates won’t get installed, Chrome refuses to load websites and Safari throws errors. Affected Macs can no longer verify Verisign-signed SSL certs in any application. However, the certificates old versions of Cyberduck wrote to the Keychain are now causing fairly serious problems with MacOS.
CYBERDUCK LOGIN FAILED TO AMAZON CODE
This behavior is documented in ticket #8741 and the code was changed to no longer do that. Prior to version 4.7, Cyberduck had code where it wrote some SSL certificates to the user login keychain. That may explain why 2015-004 changed things.įor the search engines: one of the two bad certificates placed on my keychain by Cyberduck was “VeriSign Class 3 Public Primary Certification Authority – G5” Apparently it’s a key that is weakly signed and various software is deciding it’s no longer valid as they update to stricter requirements. Update: this AWS discussion contains complaints about S3’s SSL certificate. Were they verifying it was a valid cert first? If so, then why is it no longer a valid cert? And why did MacOS security update 2015-004 break it? I’m content to let that all remain a mystery, but I’m curious. Cyberduck says they were taking a certificate offered by the server Amazon S3, in this case. I also don’t understand the root cause of the problem. We now have a bug report on file, my report text below. I’m not sure the Cyberduck authors understand the magnitude of the problem though, or that users of old versions now have broken Macs. There was a reported and fixed bug in Cyberduck. Version 4.7 (17432) is the latest version of Cyberduck. It doesn’t cause the problem any more. (For completeness I should add Cyberduck also complains about an SSL hostname mismatch when connecting to S3, but I think that’s a legitimate and expected error and unrelated to the Verisign certs.) I also manually verified the login keychain entries show up again as soon as I run Cyberduck after deleting them. It’s just the right kind of unusual application that would cause a bug like this that some small group of users on the Internet finds but not everyone.Ĭyberduck 4.6.3 placed a bunch of errors in the console, including the smoking gun “4/27/15 3:42:05.621 PM Cyberduck: Error adding certificate to Keychain”. I use it sporadically to browse S3 buckets. The system Console helped me narrow it down to the application Cyberduck, version 4.6.3.
CYBERDUCK LOGIN FAILED TO AMAZON PATCH
I can simply use the plain ftp to transfer my patch into the Apple TV.I figured out what put the rogue SSL certificate on my system, the one that breaks MacOS Mavericks.
CYBERDUCK LOGIN FAILED TO AMAZON PASSWORD
If you know the default user id and password to the Apple TV black, please let me know. If any of you clever people out there see this trouble report, please help. I tried to login in as frontrow and password frontrow and as xbmc and password xbmc. It opened into my Apple TV IP address but failed at Login. The icefilms stilled failed at "Script Error".Īt this point, I noticed that a new IP address was assigned to my Apple TV and my wi-fi signal indicator was one bar less than before.įound a patch to icefilms (patch file called megaroutines.py) but failed at 'cyberduck' with Login Failed. Then, I had problem getting icefilms working so I uninstall XBMC and re-installed XBMC and icefilms with the newer versions (XBMC11.0-BETA1 and -1.0.20). 'cyberduck' using SFTP worked fine (selected SFTP, port 22, I entered my Apple TV IP address, root, alphine). On my new Apple TV received as a Xmas present, I jailbroke the device and installed XBMC and icefilms.