From owner-freebsd-bugs Thu Jul 12 16:50:13 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id AD9D237B405 for ; Thu, 12 Jul 2001 16:50:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f6CNo2144632; Thu, 12 Jul 2001 16:50:02 -0700 (PDT) (envelope-from gnats) Date: Thu, 12 Jul 2001 16:50:02 -0700 (PDT) Message-Id: <200107122350.f6CNo2144632@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Kris Kennaway Subject: Re: bin/27080: sshd may mis-parse the authorized_keys file Reply-To: Kris Kennaway Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR bin/27080; it has been noted by GNATS. From: Kris Kennaway To: Mikhail Teterin Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: bin/27080: sshd may mis-parse the authorized_keys file Date: Thu, 12 Jul 2001 16:48:33 -0700 --fOHHtNG4YXGJ0yqR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please take this up with the OpenSSH developers. Thanks. Kris On Fri, May 04, 2001 at 12:24:35PM -0400, Mikhail Teterin wrote: >=20 > >Number: 27080 > >Category: bin > >Synopsis: sshd may mis-parse the authorized_keys file > >Confidential: no > >Severity: serious > >Priority: medium > >Responsible: freebsd-bugs > >State: open > >Quarter: =20 > >Keywords: =20 > >Date-Required: > >Class: sw-bug > >Submitter-Id: current-users > >Arrival-Date: Fri May 04 09:30:00 PDT 2001 > >Closed-Date: > >Last-Modified: > >Originator: Mikhail Teterin > >Release: FreeBSD 4.3-BETA i386 > >Organization: > Virtual Estates, Inc. > >Environment: > FreeBSD raidbox.privatelabs.com 4.3-BETA FreeBSD 4.3-BETA #0: Tue Apr 10 = 20:30:55 EDT 2001 mi@minime.privatelabs.com:/raid/src/sys/compile/RAIDB= OX i386 >=20 > >Description: >=20 > I have some keys in the authorized_keys file with some limitational > flags: > no-pty,no-port-forwarding,no-agent-forwarding 1024 35 ..key... >=20 > If add another key _after_ this one, the flags seem to apply to it > too, even though its line does not have them. no-pty is the most > noticable one. >=20 > >How-To-Repeat: >=20 > Put a couple of keys with no-pty,no-port-forwarding and > no-agent-forwarding flags in front of your regular keys. > See, if you can still login normally. >=20 > >Fix: >=20 > Make sure the keys with the special flags are at the bottom of > the file. Not a complete work-around, since the flags may be > mixed for different keys. > >Release-Note: > >Audit-Trail: > >Unformatted: >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-bugs" in the body of the message --fOHHtNG4YXGJ0yqR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7TjdQWry0BWjoQKURApw6AJ0QgyWSfoAXYxEJfcztGz5FnFYihQCePgTY k3EKNKYMEPry/RJfKiq+jXc= =zst8 -----END PGP SIGNATURE----- --fOHHtNG4YXGJ0yqR-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message