bugzilla-daemon at mindrot.org
2006-Feb-22 05:40 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

           Summary: %u and %h not handled in IdentityFile
           Product: Portable OpenSSH
           Version: 4.3p2
          Platform: All
               URL: http://www.math.ualberta.ca/imaging/snfs/openssh.html
        OS/Version: Linux
            Status: NEW
          Keywords: patch
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: imaging at math.ualberta.ca

Here is a patch to allow private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location on systems where home directories are NFS mounted. This addresses an important security hole on systems where home directories are NFS mounted, particularly if there are users who use blank passphrases (or when lpd is tunneled through ssh on systems running lpd as user lp) instead of ssh-agent.

IdentityFile now accepts the same %u, %h, %% options that AuthorizedKeysFile accepts (see man sshd). For example, one can specify a user-dependent IdentityFile in ssh_config:

IdentityFile /ssh/%u/id_rsa

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Feb-22 05:41 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

------- Comment #1 from imaging at math.ualberta.ca 2006-02-22 16:41 -------
Created an attachment (id=1076)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1076&action=view)
User-dependent IdentityFile portable version
bugzilla-daemon at mindrot.org
2006-Feb-22 05:42 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

------- Comment #2 from imaging at math.ualberta.ca 2006-02-22 16:42 -------
Created an attachment (id=1077)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1077&action=view)
User-dependent IdentityFile OpenBSD version
bugzilla-daemon at mindrot.org
2006-Feb-22 05:44 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

imaging at math.ualberta.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |imaging at math.ualberta.ca
bugzilla-daemon at mindrot.org
2006-Feb-26 01:49 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1077|                            |ok-
               Flag|                            |

------- Comment #3 from djm at mindrot.org 2006-02-26 12:49 -------
(From update of attachment 1077)
>diff -ru ssh/ssh-keygen.c sshJ/ssh-keygen.c
>--- ssh/ssh-keygen.c 2005-11-28 19:04:55.000000000 -0700
>+++ sshJ/ssh-keygen.c 2006-02-21 15:52:36.000000000 -0700
...
>+ /* Read systemwide configuration file after user config. */
>+ (void)read_config_file(_PATH_HOST_CONFIG_FILE, hostname, &options, 0);

I don't think we want the other tools to depend on ssh_config.

>--- ssh/ssh.c 2005-12-19 21:41:07.000000000 -0700
>+++ sshJ/ssh.c 2006-02-21 15:52:36.000000000 -0700
...
> for (; i < options.num_identity_files; i++) {
> filename = tilde_expand_filename(options.identity_files[i],
> original_real_uid);
>+ filename = percent_expand(filename, "h", pw->pw_dir,
>+ "u", pw->pw_name, (char *)NULL);
> public = key_load_public(filename, NULL);

This leaks memory. Also, I think it would be better to have:

%u -> user
%h -> local hostname
%d -> home directory

I'll attach a revised patch
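Review bot: the ssh-keygen.c hunk makes ssh-keygen parse the whole system-wide client configuration (`read_config_file(_PATH_HOST_CONFIG_FILE, hostname, &options, 0)`) only to learn the IdentityFile pattern, so every unrelated ssh_config option, and any parse error in that file, now affects key generation. If ssh-keygen needs the default key path, pass it in explicitly or keep ssh-keygen's own default rather than pulling the client configuration parser into the other tools.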
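Review bot: in the ssh.c hunk, `filename = percent_expand(filename, ...)` overwrites the pointer returned by tilde_expand_filename() without freeing it, so the tilde-expanded buffer leaks once per configured identity file; keep that intermediate in its own variable and xfree it after percent_expand() has returned its copy. Separately, binding "h" to pw->pw_dir gives %h a different meaning in IdentityFile than it has in ProxyCommand and ControlPath, where %h is the remote host name, so a user who copies a pattern between options gets a silently different path; a distinct token for the home directory avoids that mismatch.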
bugzilla-daemon at mindrot.org
2006-Feb-26 01:53 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #1076 is|0                           |1
           obsolete|                            |
Attachment #1077 is|0                           |1
           obsolete|                            |

------- Comment #4 from djm at mindrot.org 2006-02-26 12:53 -------
Created an attachment (id=1083)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1083&action=view)
Revised diff

This diff fixes the memory leak and uses the mnemonics from Comment #3. Note that the diff doesn't touch ssh-keygen.
bugzilla-daemon at mindrot.org
2006-Feb-26 06:15 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

------- Comment #5 from dtucker at zip.com.au 2006-02-26 17:15 -------
(In reply to comment #3)
> Also, I think it would be better to have:
>
> %u -> user
> %h -> local hostname
> %d -> home directory

The current uses of percent_expand() are, with this proposal at the bottom:

                ClHost  ClUser  SrvHost  SrvUser  SrvPort  Homedir
authorized_keys                          %u                %h
ControlPath     %l              %h       %r       %p
ProxyCommand                    %h                %p
IdentityFile    %h      %u                                 %d

To keep the client-side consistent, those could be:

%u -> local user
%l -> local hostname
%d -> home directory

The following might also be useful:

%h -> remote host
%r -> remote username
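A small C model of the token expansion under discussion, added here as an example; it is not OpenSSH's percent_expand() and not code from any attachment in this bug. It uses the client-side token set Darren proposes in comment #5 (%u local user, %l local hostname, %d home directory, %h remote host, %r remote user, plus %% for a literal percent sign) and makes the ownership rule explicit that the patch reviewed in comment #3 broke: the expander returns a fresh allocation the caller frees and never frees its input, so the caller must keep the tilde-expanded intermediate in its own variable and release it. The identity values (alice, wks1, /home/alice, git.example, git) are constructed sample data, and expand_identity_file() is a hypothetical helper, not an OpenSSH function.

```c
/* Added example, not OpenSSH code: percent_expand()-style token expansion for
 * IdentityFile patterns with the comment #5 token set. Result is malloc'd and
 * owned by the caller; the input pattern is never freed here. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct token {
    char key;          /* letter following '%' */
    const char *value; /* replacement text */
};

/* Expand %-tokens in fmt. Returns a malloc'd string (caller frees), or NULL
 * for an unknown token or a lone trailing '%', treated as a config error
 * rather than silently passed through into a file name. */
char *expand_tokens(const char *fmt, const struct token *tab, size_t ntab)
{
    size_t cap = strlen(fmt) + 1, len = 0;
    char *out = malloc(cap);
    if (out == NULL)
        return NULL;
    for (const char *p = fmt; *p != '\0'; p++) {
        char one[2] = { *p, '\0' };   /* default: copy the character itself */
        const char *rep = one;
        if (*p == '%') {
            p++;                      /* look at the token letter */
            if (*p == '%') {
                one[0] = '%';         /* "%%" -> literal '%' */
            } else {
                rep = NULL;
                for (size_t i = 0; i < ntab; i++) {
                    if (*p != '\0' && tab[i].key == *p) {
                        rep = tab[i].value;
                        break;
                    }
                }
                if (rep == NULL) {    /* unknown token or trailing '%' */
                    free(out);
                    return NULL;
                }
            }
        }
        size_t rlen = strlen(rep);
        if (len + rlen + 1 > cap) {   /* grow the output buffer as needed */
            cap = (len + rlen + 1) * 2;
            char *grown = realloc(out, cap);
            if (grown == NULL) {
                free(out);
                return NULL;
            }
            out = grown;
        }
        memcpy(out + len, rep, rlen);
        len += rlen;
    }
    out[len] = '\0';
    return out;
}

/* Hypothetical client-side helper: expand an IdentityFile pattern for the
 * given local and remote identity. All values come from the caller. */
char *expand_identity_file(const char *pattern, const char *local_user,
    const char *local_host, const char *home, const char *remote_host,
    const char *remote_user)
{
    const struct token tab[] = {
        { 'u', local_user }, { 'l', local_host }, { 'd', home },
        { 'h', remote_host }, { 'r', remote_user },
    };
    return expand_tokens(pattern, tab, sizeof tab / sizeof tab[0]);
}

int main(void)
{
    /* Constructed sample patterns and identity values, not from any system. */
    const char *patterns[] = { "/ssh/%u/id_rsa", "%d/.ssh/id_%h_%r", "%x" };
    for (size_t i = 0; i < sizeof patterns / sizeof patterns[0]; i++) {
        char *path = expand_identity_file(patterns[i], "alice", "wks1",
            "/home/alice", "git.example", "git");
        printf("%-20s -> %s\n", patterns[i], path ? path : "(config error)");
        free(path);                   /* caller owns the result; free(NULL) is fine */
    }
    return 0;
}
```

Rejecting unknown tokens instead of passing them through keeps a typo in ssh_config from quietly turning into a literal file name that ssh then tries to read; the caller sees NULL and can report the bad pattern.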
bugzilla-daemon at mindrot.org
2006-Mar-12 04:47 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #1083 is|0                           |1
           obsolete|                            |

------- Comment #6 from djm at mindrot.org 2006-03-12 15:47 -------
Created an attachment (id=1097)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1097&action=view)
Improved diff, with dtucker's suggestions

Good points Darren, revised diff attached.
bugzilla-daemon at mindrot.org
2006-Mar-12 05:06 UTC
[Bug 1159] %u and %h not handled in IdentityFile
http://bugzilla.mindrot.org/show_bug.cgi?id=1159

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jprondak at visualmedia.com

------- Comment #7 from djm at mindrot.org 2006-03-12 16:06 -------
*** Bug 95 has been marked as a duplicate of this bug. ***