bugzilla-daemon at bugzilla.mindrot.org
2020-Jan-18 04:22 UTC
[Bug 3114] New: Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114 Bug ID: 3114 Summary: Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath Product: Portable OpenSSH Version: 8.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: ionic at ionic.de When creating a persistent master-slave control connection in master mode and the control socket does not exist yet, the -N option for NOT running a command seems to have no effect: % ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\"" Don't execute me However, this does not seem to be true when the control socket already exists: % ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\"" ControlSocket /home/ionic/.sshsock already exists, disabling multiplexing [hangs, which is normal, since the connection is established and kept open] This also seems to hold for a "fake" control socket: % ssh -O "exit" ionic.de -o ControlPath=/home/ionic/.sshsock # Correctly nuke socket, if necessary. % rm -f /home/ionic/.sshsock # Get rid of "fake" sockets like the one we're going to create. % touch /home/ionic/.sshsock % ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\"" ControlSocket /home/ionic/.sshsock already exists, disabling multiplexing [hangs] It also doesn't happen with ControlPersist=no, so it must be related to a persistent master-slave connection: % ssh ionic.de -o ControlMaster="yes" -o ControlPersist="no" -o ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\"" [hangs] -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Mar-16 06:56 UTC
[Bug 3114] Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114 Mihai Moldovan <ionic at ionic.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Hardware|amd64 |All OS|Linux |All --- Comment #1 from Mihai Moldovan <ionic at ionic.de> --- Hardware and OS shouldn't make a difference. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Oct-11 06:48 UTC
[Bug 3114] Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #2 from Damien Miller <djm at mindrot.org> --- It's likely that openssh-9.5 fixed this (commit 2d34205dab). Can you please try this version? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.