bugzilla-daemon at bugzilla.mindrot.org
2020-Jan-18 04:22 UTC
[Bug 3114] New: Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114
Bug ID: 3114
Summary: Remote command execution although -N specified with
ControlMaster=yes, ControlPersist=yes and non-existent
ControlPath
Product: Portable OpenSSH
Version: 8.1p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: ionic at ionic.de
When creating a persistent master-slave control connection in master
mode and the control socket does not exist yet, the -N option for NOT
running a command seems to have no effect:
% ssh ionic.de -o ControlMaster="yes" -o
ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't
execute me\""
Don't execute me
However, this does not seem to be true when the control socket already
exists:
% ssh ionic.de -o ControlMaster="yes" -o
ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't
execute me\""
ControlSocket /home/ionic/.sshsock already exists, disabling
multiplexing
[hangs, which is normal, since the connection is established and kept
open]
This also seems to hold for a "fake" control socket:
% ssh -O "exit" ionic.de -o ControlPath=/home/ionic/.sshsock #
Correctly nuke socket, if necessary.
% rm -f /home/ionic/.sshsock # Get rid of "fake" sockets like the one
we're going to create.
% touch /home/ionic/.sshsock
% ssh ionic.de -o ControlMaster="yes" -o
ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't
execute me\""
ControlSocket /home/ionic/.sshsock already exists, disabling
multiplexing
[hangs]
It also doesn't happen with ControlPersist=no, so it must be related to
a persistent master-slave connection:
% ssh ionic.de -o ControlMaster="yes" -o ControlPersist="no"
-o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't
execute me\""
[hangs]
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Mar-16 06:56 UTC
[Bug 3114] Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114
Mihai Moldovan <ionic at ionic.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Hardware|amd64 |All
OS|Linux |All
--- Comment #1 from Mihai Moldovan <ionic at ionic.de> ---
Hardware and OS shouldn't make a difference.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Oct-11 06:48 UTC
[Bug 3114] Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
It's likely that openssh-9.5 fixed this (commit 2d34205dab). Can you
please try this version?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2024-Dec-04 14:07 UTC
[Bug 3114] Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath
https://bugzilla.mindrot.org/show_bug.cgi?id=3114
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
This is probably fixed. Please reopen if it isn't
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.