URL: https://github.com/SSSD/sssd/pull/783
Author: branen
Title: #783: knownhostsproxy: friendly error msg for NXDOMAIN
Action: opened
PR body:
"""
This patch writes a brief, familiar error message to stderr when no addresses
are able to be resolved for the host specified in argv:
```
(with patch)$ ssh the-void
sss_ssh_knownhostsproxy: Could not resolve hostname the-void
ssh_exchange_identification: Connection closed by remote host
```
Users accustomed to using SSH in environments where SSSD is not deployed may
expect the usual "Could not resolve hostname" error from SSH when a domain name
is misspelled or otherwise invalid:
```
(no sssd)$ ssh the-void
ssh: Could not resolve hostname the-void: Name or service not known
```
When such users begin using SSH in an SSSD-enabled environment, they may be
confused when this familiar and straightforward message is replaced by a new
one:
```
(sssd)$ ssh the-void
ssh_exchange_identification: Connection closed by remote host
```
If such users aren't aware that the system `ssh_config` is proxying their
connection through `sss_ssh_knownhostsproxy`, they may mistakenly conclude that
a connection had been made all the way to a remote host and, therefore, that
the hostname they specified was valid and able to be resolved. This patch
mitigates this opportunity for confusion.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/783/head:pr783
git checkout pr783
From 4884cf62db7baa6929b1a74c8aaab7ff2864c0d1 Mon Sep 17 00:00:00 2001
From: Branen Salmon <bsal...@hopper.com>
Date: Fri, 15 Mar 2019 16:19:51 -0400
Subject: [PATCH] knownhostsproxy: friendly error msg for NXDOMAIN
This patch writes a brief, familiar error message to stderr when no
addresses are able to be resolved for the host specified in argv:
(with patch)$ ssh the-void
sss_ssh_knownhostsproxy: Could not resolve hostname the-void
ssh_exchange_identification: Connection closed by remote host
Users accustomed to using SSH in environments where SSSD is not deployed
may expect the usual "Could not resolve hostname" error from SSH when a
domain name is misspelled or otherwise invalid:
(no sssd)$ ssh the-void
ssh: Could not resolve hostname the-void: Name or service not known
When such users begin using SSH in an SSSD-enabled environment, they may
be confused when this familiar and straightforward message is replaced
by a new one:
(sssd)$ ssh the-void
ssh_exchange_identification: Connection closed by remote host
If such users aren't aware that the system ssh_config is proxying their
connection through sss_ssh_knownhostsproxy, they may mistakenly conclude
that a connection had been made all the way to a remote host and,
therefore, that the hostname they specified was valid and able to be
resolved. This patch mitigates this opportunity for confusion.
---
src/sss_client/ssh/sss_ssh_knownhostsproxy.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
index 9e574adea4..d2a171dea3 100644
--- a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
+++ b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
@@ -339,6 +339,9 @@ int main(int argc, const char **argv)
}
}
} else {
+ fprintf(stderr,
+ "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n",
+ pc_host);
ret = EFAULT;
}
ret = (ret == EOK) ? EXIT_SUCCESS : EXIT_FAILURE;
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
