bugzilla-daemon at mindrot.org
2014-May-06 18:08 UTC
[Bug 2239] New: ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Bug ID: 2239 Summary: ssh-keygen cannot handle Linux with 64 char long hostname Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: Linux Status: NEW Severity: minor Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at mindrot.org Reporter: milos.vyletel at gmail.com Created attachment 2434 --> https://bugzilla.mindrot.org/attachment.cgi?id=2434&action=edit patch I've tried to set set hostname on my linux box to 64 characters which is the maximum supported by Linux. This works fine but breaks ssh-keygen (and possibly other openssh tools) because Linux sets MAXHOSTNAMELEN to 64 which does not account for trailing zero. I've tested this on OEL 6.5 (2.6.32-431.3.1.el6 kernel) and openssh-5.3p1-94.el6.x86_64 OEL 6.5 (2.6.32-431.3.1.el6 kernel) and OpenSSH_6.6p1 Fedora 20 (3.15.0-rc2+ kernel) and openssh-6.4p1-3.fc20.x86_64 The above root cause seems like a intentional design decision in Linux kernel. Unlike OpenBSD where MAXHOSTNAMELEN is _POSIX_HOST_NAME_MAX + trailing zero /usr/include/limits.h:#define _POSIX_HOST_NAME_MAX 255 /usr/include/sys/param.h:#define MAXHOSTNAMELEN 256 /* max hostname size */ in Linux they are same and is up to program to reserve enough space /usr/include/bits/local_lim.h:#define HOST_NAME_MAX 64 /usr/include/asm-generic/param.h:#define MAXHOSTNAMELEN 64 /* max length of hostname */ Here's reproduction $ hostname xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx $ hostname | wc -c 65 OEL 6.5 $ rpm -qf $(which ssh-keygen) openssh-5.3p1-94.el6.x86_64 $ ssh-keygen -t rsa gethostname: File name too long $ Fedora 20 $ rpm -qf $(which ssh-keygen) openssh-6.4p1-3.fc20.x86_64 $ ssh-keygen -t rsa gethostname: File name too long $ OEL 6.5 + attached patch $ ./ssh -V OpenSSH_6.6p1, OpenSSL 1.0.1e-fips 11 Feb 2013 $ ./ssh-keygen -t ecdsa Generating public/private ecdsa key pair. Enter file in which to save the key (/PATH/.ssh/id_ecdsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /PATH/.ssh/id_ecdsa. Your public key has been saved in /PATH/.ssh/id_ecdsa.pub. The key fingerprint is: 92:d7:3d:a3:7d:76:1e:c6:39:be:8c:91:d8:32:36:f9 mv at xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx The key's randomart image is: +--[ECDSA 256]---+ | | | | | | | . . . | | o S . + | | o o+oo .| | .B.+o*.| | . =o*oo| | E +o| +-----------------+ If you need any additional info please let me know. Attached is a proposed patch that would redefine MAXHOSTNAMELEN on Linux to 65. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-May-06 18:09 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Milos Vyletel <milos.vyletel at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2434|application/octet-stream |text/plain mime type| | Attachment #2434|0 |1 is patch| | -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-May-06 18:12 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Milos Vyletel <milos.vyletel at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |milos.vyletel at gmail.com -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-Jul-03 03:03 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2434|0 |1 is obsolete| | CC| |djm at mindrot.org Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org Status|NEW |ASSIGNED --- Comment #1 from Damien Miller <djm at mindrot.org> --- Created attachment 2448 --> https://bugzilla.mindrot.org/attachment.cgi?id=2448&action=edit use NI_MAXHOST instead of HOSTNAMELEN I think we should just standardise on using strings of length NI_MAXHOST for hostnames. We do in about 1/2 the cases already. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2014-Jul-03 03:03 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2226 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-Jul-03 03:34 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|ASSIGNED |RESOLVED --- Comment #2 from Damien Miller <djm at mindrot.org> --- patch applied, will be in openssh-6.7. Thanks! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-Oct-07 21:00 UTC
[Bug 2239] ssh-keygen cannot handle Linux with 64 char long hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2239 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Close all bugs left open from 6.6 and 6.7 releases. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.