Date: Fri, 4 May 2001 12:24:35 -0400 (EDT) From: Mikhail Teterin <mi@aldan.algebra.com> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/27080: sshd may mis-parse the authorized_keys file Message-ID: <200105041624.f44GOZ723909@aldan.algebra.com>
next in thread | raw e-mail | index | archive | help
>Number: 27080 >Category: bin >Synopsis: sshd may mis-parse the authorized_keys file >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri May 04 09:30:00 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Mikhail Teterin >Release: FreeBSD 4.3-BETA i386 >Organization: Virtual Estates, Inc. >Environment: FreeBSD raidbox.privatelabs.com 4.3-BETA FreeBSD 4.3-BETA #0: Tue Apr 10 20:30:55 EDT 2001 mi@minime.privatelabs.com:/raid/src/sys/compile/RAIDBOX i386 >Description: I have some keys in the authorized_keys file with some limitational flags: no-pty,no-port-forwarding,no-agent-forwarding 1024 35 ..key... If add another key _after_ this one, the flags seem to apply to it too, even though its line does not have them. no-pty is the most noticable one. >How-To-Repeat: Put a couple of keys with no-pty,no-port-forwarding and no-agent-forwarding flags in front of your regular keys. See, if you can still login normally. >Fix: Make sure the keys with the special flags are at the bottom of the file. Not a complete work-around, since the flags may be mixed for different keys. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105041624.f44GOZ723909>