bugzilla-daemon at mindrot.org
2003-Oct-08 00:42 UTC
[Bug 734] Misleading error message when host key verification is impossible / SSH_ASKPASS impossible.
http://bugzilla.mindrot.org/show_bug.cgi?id=734
Summary: Misleading error message when host key verification is
impossible / SSH_ASKPASS impossible.
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: All
OS/Version: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: jim at iNode.co.nz
When connecting to an unknown machine, ssh presents the host key fingerprint to
the user, and asks for verification. If the user does not verify the
fingerprint, ssh outputs "Host key verification failed." and
terminates.
If (for some strange reason) /dev/tty is unwriteable, and there is no other
SSH_ASKPASS on the system, ssh still outputs "Host key verification
failed." and
terminates. However, in this case it might be more accurate or helpful to report
that there is no method to even ask for verification, e.g. "No method
available
to ask for Host key verification".
(I was trying to debug a new sshd setup on a possibly-unstable server from a
client machine with a broken /dev/tty and no ssh-askpass - the host key message
made me think that the sshd was sending invalid data, not that the client
machine had problems of its own)
This is a very low priority/severity report, because the phrase "Host key
verification failed." could arguably still be correct in these
circumstances.
You might want to view it as an enhancement, except that I feel you
shouldn't
use a single error message for two different conditions.
I note that under the same circumstances, a connection to a known host that
would normally use a password method outputs "Permission denied"
messages for
keyboard-interactive, which is not as misleading.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Oct-08 02:30 UTC
[Bug 734] Misleading error message when host key verification is impossible / SSH_ASKPASS impossible.
http://bugzilla.mindrot.org/show_bug.cgi?id=734
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From dtucker at zip.com.au 2003-10-08 12:30 -------
All good points, and there's already a bug open for this.
*** This bug has been marked as a duplicate of 471 ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- [Bug 872] SSH client fails for non-root users with "Host key verification failed"
- [Bug 471] New: Misleading error message if /dev/tty permissions wrong
- If you become the error message: "Host key verification failed". then is this help is for you
- Host Key verification issue
- [Bug 2074] New: Host key verification incorrectly handles IPv6 addresses