touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #18561
[Bug 161047] Re: ssh server forces a command when it should not
>From https://bugzilla.mindrot.org/show_bug.cgi?id=1472#c3:
Mass update RESOLVED->CLOSED after release of openssh-5.1
And Ubuntu ships version >=5.1+ since at least Precise.
** Changed in: openssh (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/161047
Title:
ssh server forces a command when it should not
Status in Portable OpenSSH:
Fix Released
Status in “openssh” package in Ubuntu:
Fix Released
Bug description:
When logging in on my home server I find it impossible to maintain
both publickey and passphrase authentication. This has started
happening recently, so I suspect an update might be responsible.
Set-up:
The user is set up to accept both publickey and password authentication in this order (the usual set-up). The authorized hosts looks like this (basically to allow only access to the repository and nothing more):
command="svnserver -t --tunnel-user=user",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAA...Q==...
The password login is left unrestricted.
Symptoms:
When connecting and having the key in the ~/.ssh/ directory, the client sends a notification (?) to the server about the key and it is taken as though it should succeed:
OpenSSH_4.6p1 Debian-5build1, OpenSSL 0.9.8e 23 Feb 2007
...
debug1: Connection established.
debug1: identity file /home/user/.ssh/identity type -1
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: identity file /home/user/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6p1 Debian-5build1
debug1: match: OpenSSH_4.6p1 Debian-5build1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6p1 Debian-5build1
...
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/identity
--> debug1: Offering public key: /home/user/.ssh/id_rsa
--> debug1: Remote: Forced command: svnserver -t --tunnel-user=user
debug1: Remote: Port forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-rsa blen 277
--> debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/user/.ssh/id_rsa':
debug1: Next authentication method: password
user@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = cs_CZ.UTF-8
...here the svnserver takes over
does anyone have a clue what to try?
To manage notifications about this bug go to:
https://bugs.launchpad.net/openssh/+bug/161047/+subscriptions