[Bug 2356] New: inheritance of options not working as documented + HostName leads to recursive reparsing isn't documented
https://bugzilla.mindrot.org/show_bug.cgi?id=2356 Bug ID: 2356 Summary: inheritance of options not working as documented + HostName leads to recursive reparsing isn't documented Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-b...@mindrot.org Reporter: cales...@scientia.net Hey. I was asking around about this some time ago on the mailing list, but no one replied so I assume it's a bug (which I now report for the records :) ). I was playing around a bit and noticed the following behaviour which doesn't seem to match the documentation (which basically says the first time an option is set, that value is used). Having the following ~/.ssh/config: Host foo bar HostName%h.example.org Host foo.example.org Userroot ControlMaster auto ControlPersist 1h Host bar.example.org Userroot ControlMaster auto ControlPersist 1h Host * ControlPath ~/.ssh/control-mux/%l_%r@%h:%p ControlPersist 1s ...the following happens when one logs in to foo or bar (without the domain): 1) Apparently, using HostName works in a way so that ssh_config is parsed again with the new name, because a socket is actually created. This behaviour seems to be undocumented, i.e. from the documentation I'd have expected that logging in to "foo" wouldn't cause the config from "foo.example.org" be used. If you can confirm this, than I can write a patch for you that adds such documentation. 2) Since ControlMaster=auto applies to just "foo" or "bar", one would expect that ControlPersist=1h does so as well. But it doesn't (the 1s is taken). As soon as I exit, the mux process quits (after 1s) and the socket gets removed. That's not how I'd interpret how inheritance works from the manpage... is it a bug? ControlPath in turn is taken up again correctly. Cheers, Chris. -- You are receiving this mail because: You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #4 from Christoph Anton Mitterer --- forgot to attach the trivial patch I've had made, just in case you change your mind! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #3 from Christoph Anton Mitterer --- Created attachment 2553 --> https://bugzilla.mindrot.org/attachment.cgi?id=2553&action=edit 0001-document-that-PermitRootLogin-checks-for-uid-0.patch -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2355] general protection / segfaults when PermitOpen=none
https://bugzilla.mindrot.org/show_bug.cgi?id=2355 --- Comment #6 from Christoph Anton Mitterer --- (In reply to Damien Miller from comment #2) > Could you try running a sshd in debugging mode on a different port > (i.e. "sshd -dddp ") and catching it in the act of crashing? > Seeing where it fails would be a great help. Sure, see attached files: sshd and ssh output, from the later you see which tries failed (with which error) and which worked. Interestingly, the sshd quite *every time* after the end of the connection... is this because of -D? (In reply to Damien Miller from comment #3) > BTW, I can't replicate this with HEAD Mhh and have you tried with an older tag as well (i.e. 6.7p1?) and could replicate it there? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2355] general protection / segfaults when PermitOpen=none
https://bugzilla.mindrot.org/show_bug.cgi?id=2355 --- Comment #5 from Christoph Anton Mitterer --- Created attachment 2552 --> https://bugzilla.mindrot.org/attachment.cgi?id=2552&action=edit sshd.log -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2355] general protection / segfaults when PermitOpen=none
https://bugzilla.mindrot.org/show_bug.cgi?id=2355 --- Comment #4 from Christoph Anton Mitterer --- Created attachment 2551 --> https://bugzilla.mindrot.org/attachment.cgi?id=2551&action=edit ssh.log -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 --- Comment #2 from Christoph Anton Mitterer --- Is adding a one liner to the manpage really that issue? ;-) Well I just thought that it might be handy to people... and especially for the BSD guys,.. or didn't they have the tradition of having a "toor" user which is root as well but not called root? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2355] general protection / segfaults when PermitOpen=none
https://bugzilla.mindrot.org/show_bug.cgi?id=2355 --- Comment #3 from Damien Miller --- BTW, I can't replicate this with HEAD -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2355] general protection / segfaults when PermitOpen=none
https://bugzilla.mindrot.org/show_bug.cgi?id=2355 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #2 from Damien Miller --- Could you try running a sshd in debugging mode on a different port (i.e. "sshd -dddp ") and catching it in the act of crashing? Seeing where it fails would be a great help. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2354] please document that PermitRootLogin really checks for uid=0
https://bugzilla.mindrot.org/show_bug.cgi?id=2354 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|--- |WORKSFORME Status|NEW |RESOLVED --- Comment #1 from Damien Miller --- I don't think this needs adjusting. Root in Unix is defined by UID and not username. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2353, which changed state. Bug 2353 Summary: options allowed for Match blocks missing form documentation https://bugzilla.mindrot.org/show_bug.cgi?id=2353 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Damien Miller changed: What|Removed |Added Depends on||2353 -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2353] options allowed for Match blocks missing form documentation
https://bugzilla.mindrot.org/show_bug.cgi?id=2353 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Status|NEW |RESOLVED Blocks||2266 Resolution|--- |FIXED --- Comment #1 from Damien Miller --- We don't really take pull requests at the moment - we prefer patches here. Anyway, I've fixed sshd_config.5 - thanks. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2343] test_fuzz.c won't compile if ssh1 support is disabled
https://bugzilla.mindrot.org/show_bug.cgi?id=2343 --- Comment #4 from Damien Miller --- None of the regress/unit tests are ready for no-OpenSSL or no-SSH1. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2342] ssh-keygen gives wrong error loading public key message
https://bugzilla.mindrot.org/show_bug.cgi?id=2342 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #1 from Damien Miller --- I can't replicate this: [djm@fuyu openssh]$ mkdir x [djm@fuyu openssh]$ cd x [djm@fuyu x]$ ../ssh-keygen -t ed25519 -f key -N '' -q [djm@fuyu x]$ ../ssh-keygen -lf ^C [djm@fuyu x]$ rm key ; mv key.pub key [djm@fuyu x]$ ../ssh-keygen -lf key 256 SHA256:0UH+G0Bw+ZP3rqTwxsio5CUTrKkS/kcJ26RwV3Twbyw djm@fuyu (ED25519) -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs