Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 16 Jan 2001 23:37:07 -0800 (PST)
From:      cjclark@reflexcom.com
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   bin/24399: OpenSSH forced commands munge output
Message-ID:  <200101170737.f0H7b7t60224@rfx-64-6-211-149.users.reflexcom.com>
next in thread | raw e-mail | index | archive | help 

>Number:         24399
>Category:       bin
>Synopsis:       OpenSSH forced commands munge output
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 16 23:40:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Crist J. Clark
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
>Environment:

	FreeBSD 4.2-STABLE
	SSH Version OpenSSH_2.2.0, protocol versions 1.5/2.0.
	Compiled with SSL (0x0090600f).

>Description:

        OpenSSH "forced commands," a command specified in the
	authorized_keys file, have their output mangled. It looks like
	their is some UNIX-MSDOS conversion going on. Newlines, \n,
	are substituted with \r\n.

>How-To-Repeat:

        Assuming you have sshd running locally and don't have 
	anything in your configs to break this kind of thing.
        $ man ssh > ssh_1.cat
        $ ssh-keygen -f sshtest -N "" -C SSH-Test  
        $ { echo 'command="cat ssh_1.cat" '; cat sshtest.pub; } >> .ssh/authorized_keys
        $ ssh -i sshtest localhost > ssh_2.cat
        $ cmp ssh_1.cat ssh_2.cat
        ssh_1.cat ssh_2.cat differ: char 79, line 1
        $ tr -d '\r' < ssh_2.cat > ssh_3.cat
        $ cmp ssh_1.cat ssh_3.cat
        $
        But this works,
        $ ssh localhost "cat ssh_1.cat" > ssh_4.cat
        cjc@localhost's password:
        $ cmp ssh_1.cat ssh_4.cat
        $

>Fix:

	No workaround other than to not use forced commands.

        After a quick look at the code, I can't see how a "forced
	command" would produce different results than one provided on
	the command line. But that's what the tests show.

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101170737.f0H7b7t60224>