Hi, and another interesting bug report, where I'm not sure what the correct behaviour of openssh should be. Thanks for your comments:> I find myself frequently using OpenSSH to log in and perform a single > command (particularly in a script to perform some quick, simple task on > multiple machines I administer). If the '-t' option is not included, the > behavior is no different than with the non-OpenSSH ssh inplementation. > However, this causes problems when I need to enter a password for, say, > sudo; the password is echoed back to the screen and the command fails. If > instead I enter 'ssh -t user at host command', sudo and others will work > properly, but the motd is printed as well. This adds significantly to the > output to be human-parsed and makes it more difficult to discern what > output came from which machine, as well as being different from the > original ssh and ssh2 implementations. Here is some sample output; first, > an example of performing a command on a host running the original ssh > implementation:|bj at host01:~$ ssh host00 ls / |Warning: Server lies about size of server host key: actual size is 1023 |bits vs. | announced 1024. |Warning: This may be due to an old implementation of ssh. |bj at host00.do.main's password: |bin |boot |cdrom |dev |etc |floppy |home |initrd |lib |lost+found |mnt |proc |root |sbin |tmp |usr |var |vmlinuz |vmlinuz.old |bj at host01:~$ ssh -t host00 ls / |Warning: Server lies about size of server host key: actual size is 1023 |bits vs. announced 1024. |Warning: This may be due to an old implementation of ssh. |bj at host00.do.main's password: |bin etc lib root var |boot floppy lost+found sbin vmlinuz |cdrom home mnt tmp vmlinuz.old |dev initrd proc usr |Connection to host00.do.main closed. |bj at host01:~$ |Next, connecting to a host running OpenSSH's sshd: |bj at host00:~$ ssh host01 ls / |bj at host01's password: |bin |boot |cdrom |dev |etc |floppy |home |home.delete |initrd |lib |lost+found |mnt |proc |root |sbin |storage |tmp |usr |var |vmlinuz |vmlinuz.old |bj at host00:~$ ssh -t host01 ls / |bj at host01's password: |Last login: Sat Aug 12 18:20:18 2000 from some.host.do.main on pts/1 |Linux host01 2.2.5 #2 Wed May 24 19:31:11 EDT 2000 i686 unknown |Most of the programs included with the Debian GNU/Linux system are |freely redistributable; the exact distribution terms for each program |are described in the individual files in /usr/doc/*/copyright |Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent |permitted by applicable law. |You have new mail. |bin dev home lib proc storage var |boot etc home.delete lost+found root tmp vmlinuz |cdrom floppy initrd mnt sbin usr vmlinuz.old |Connection to host01 closed. |bj at host00:~$ |host00 is a slink system running the older implementation of ssh, and |host01 is a potato system running OpenSSH. |I would like to suggest that OpenSSH be modified to suppress printing the |motd if the -t option is used and it is a non-login session, ie, the |connection is opened for command processing only. |bj at host00:~$ grep PrintMotd /etc/ssh/sshd_config |PrintMotd yes |bj at host01:~$ grep PrintMotd /etc/ssh/sshd_config |PrintMotd no Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 242 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20001227/69a57d4f/attachment.bin
Using their examples I can not replicate this using the current CVS tree. - Ben On Wed, 27 Dec 2000, Christian Kurz wrote:> Hi, > > and another interesting bug report, where I'm not sure what the correct > behaviour of openssh should be. Thanks for your comments: > > > I find myself frequently using OpenSSH to log in and perform a single > > command (particularly in a script to perform some quick, simple task on > > multiple machines I administer). If the '-t' option is not included, the > > behavior is no different than with the non-OpenSSH ssh inplementation. > > However, this causes problems when I need to enter a password for, say, > > sudo; the password is echoed back to the screen and the command fails. If > > instead I enter 'ssh -t user at host command', sudo and others will work > > properly, but the motd is printed as well. This adds significantly to the > > output to be human-parsed and makes it more difficult to discern what > > output came from which machine, as well as being different from the > > original ssh and ssh2 implementations. Here is some sample output; first, > > an example of performing a command on a host running the original ssh > > implementation: > > |bj at host01:~$ ssh host00 ls / > |Warning: Server lies about size of server host key: actual size is 1023 > |bits vs. > | announced 1024. > |Warning: This may be due to an old implementation of ssh. > |bj at host00.do.main's password: > |bin > |boot > |cdrom > |dev > |etc > |floppy > |home > |initrd > |lib > |lost+found > |mnt > |proc > |root > |sbin > |tmp > |usr > |var > |vmlinuz > |vmlinuz.old > |bj at host01:~$ ssh -t host00 ls / > |Warning: Server lies about size of server host key: actual size is 1023 > |bits vs. announced 1024. > |Warning: This may be due to an old implementation of ssh. > |bj at host00.do.main's password: > |bin etc lib root var > |boot floppy lost+found sbin vmlinuz > |cdrom home mnt tmp vmlinuz.old > |dev initrd proc usr > |Connection to host00.do.main closed. > |bj at host01:~$ > > |Next, connecting to a host running OpenSSH's sshd: > |bj at host00:~$ ssh host01 ls / > |bj at host01's password: > |bin > |boot > |cdrom > |dev > |etc > |floppy > |home > |home.delete > |initrd > |lib > |lost+found > |mnt > |proc > |root > |sbin > |storage > |tmp > |usr > |var > |vmlinuz > |vmlinuz.old > |bj at host00:~$ ssh -t host01 ls / > |bj at host01's password: > |Last login: Sat Aug 12 18:20:18 2000 from some.host.do.main on pts/1 > |Linux host01 2.2.5 #2 Wed May 24 19:31:11 EDT 2000 i686 unknown > > |Most of the programs included with the Debian GNU/Linux system are > |freely redistributable; the exact distribution terms for each program > |are described in the individual files in /usr/doc/*/copyright > > |Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent > |permitted by applicable law. > |You have new mail. > |bin dev home lib proc storage var > |boot etc home.delete lost+found root tmp vmlinuz > |cdrom floppy initrd mnt sbin usr vmlinuz.old > |Connection to host01 closed. > |bj at host00:~$ > > |host00 is a slink system running the older implementation of ssh, and > |host01 is a potato system running OpenSSH. > > |I would like to suggest that OpenSSH be modified to suppress printing the > |motd if the -t option is used and it is a non-login session, ie, the > |connection is opened for command processing only. > > |bj at host00:~$ grep PrintMotd /etc/ssh/sshd_config > |PrintMotd yes > > |bj at host01:~$ grep PrintMotd /etc/ssh/sshd_config > |PrintMotd no > > Ciao > Christian >
On 00-12-28 mouring at etoh.eviladmin.org wrote:> Using their examples I can not replicate this using the current CVS tree.Thanks, then I can mark this bug as fixed, as I will update our openssh package to version 2.3.0p1 which should not be to different from the behaviour of openssh from CVS, but I will check this before. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853