From owner-freebsd-stable@FreeBSD.ORG Sat Mar 1 03:12:02 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA5435E9 for ; Sat, 1 Mar 2014 03:12:02 +0000 (UTC) Received: from mail-qg0-x22b.google.com (mail-qg0-x22b.google.com [IPv6:2607:f8b0:400d:c04::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6F44A185D for ; Sat, 1 Mar 2014 03:12:02 +0000 (UTC) Received: by mail-qg0-f43.google.com with SMTP id f51so4581042qge.2 for ; Fri, 28 Feb 2014 19:12:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eitanadler.com; s=0xdeadbeef; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=r9Cn7K72wvZ+Mrr/aFIyqbeFKyR1kQeQOSFw+fNdyFg=; b=We2KUMMVNAmqWcGW3bGEof4IakcWpb2qzls0Yzou9YgPyrGTtnCI8CZvwVmobOBRFV tXfR6AK24qhA6BNyqDkuKa+G0KRZ9ah5lgvrTsDv8PUdngTZZ6ZXvXQLkJyr4rJrvXgs 7sM2fGG8Z/SJ4ejBzouwebIGICfOVjzrF3Oi8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=r9Cn7K72wvZ+Mrr/aFIyqbeFKyR1kQeQOSFw+fNdyFg=; b=XVoxMy0m5pkG06Id9L3uLrrqEBt2w161LX9v0ZLX+A4o5SOp89eubSQ9KfsD8U5u6N PqtlgqYrumPkzYiiaevUeh/qnwsYqv3QrAXLi78alq5nKvzIRveBK1/qN7Gk0Zf/ZnIQ iz7q5CSDJAMsAfxj08olI5GKMMqCXQFo4Rpt8Tv0HyC5y4Bo4EE3afiGjWRBRJiblNhS RAgRvbxCxtINuX5qvfIYPWVM0YfCldeMwTMsLVMboaIWfpx3hFp6HHLyISXc1LdyjAbQ 6MmuFyrHtR16hHQMRiEim1uPYs7YXlcC5ECxDMqrJHiGAXqI1BAj6q/qi8CsuM5OCWZX /7gA== X-Gm-Message-State: ALoCoQkka0XoppRc2aAc4YAo76rDZJ7+zjKeSV/Aj73oQz4Ht+cZrgCWXF9we/y2rVeqwqNvxTMA X-Received: by 10.140.107.53 with SMTP id g50mr8077306qgf.63.1393643521448; Fri, 28 Feb 2014 19:12:01 -0800 (PST) MIME-Version: 1.0 Sender: lists@eitanadler.com Received: by 10.96.147.225 with HTTP; Fri, 28 Feb 2014 19:11:31 -0800 (PST) In-Reply-To: <20140228234214.GA23514@stack.nl> References: <2cba8fd9cc51dedc1bd5e127046f4ab7@dweimer.net> <1393618827.9046.89104957.4A974C56@webmail.messagingengine.com> <1393625741.9928.89141917.3B723B0F@webmail.messagingengine.com> <20140228234214.GA23514@stack.nl> From: Eitan Adler Date: Fri, 28 Feb 2014 22:11:31 -0500 X-Google-Sender-Auth: sHvvZM71mg-4WWps5C38MSYGQXg Message-ID: Subject: Re: ssh-copy-id To: Jilles Tjoelker Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Mar 2014 03:12:02 -0000 On 28 February 2014 18:42, Jilles Tjoelker wrote: > On Fri, Feb 28, 2014 at 06:08:10PM -0500, Eitan Adler wrote: >> On 28 February 2014 17:15, Mark Felder wrote: >> .... > >> > In my opinion, if I'm using an ssh utility and I specify "-i" flag it >> > should be the private key. > >> Hey all, > >> Sorry about the confusion ssh-copy-id has caused you. > >> Does the following patch help ? > > In addition to that, it may be useful to add an explicit check against > sending private keys. Even though printf(1) fails, the receiving server > still gets the private key and a malicious root user might steal it. > > For example, any key starting with '-' is inappropriate. I thought about adding a check for private keys. However such a check is insufficient since the user may have supplied other private files accidentally such as /etc/passwd or a GPG key. -- Eitan Adler Source, Ports, Doc committer Bugmeister, Ports Security teams