bugzilla-daemon at mindrot.org
2003-Oct-08 00:42 UTC
[Bug 734] Misleading error message when host key verification is impossible / SSH_ASKPASS impossible.
http://bugzilla.mindrot.org/show_bug.cgi?id=734 Summary: Misleading error message when host key verification is impossible / SSH_ASKPASS impossible. Product: Portable OpenSSH Version: 3.6.1p2 Platform: All OS/Version: Linux Status: NEW Severity: trivial Priority: P5 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: jim at iNode.co.nz When connecting to an unknown machine, ssh presents the host key fingerprint to the user, and asks for verification. If the user does not verify the fingerprint, ssh outputs "Host key verification failed." and terminates. If (for some strange reason) /dev/tty is unwriteable, and there is no other SSH_ASKPASS on the system, ssh still outputs "Host key verification failed." and terminates. However, in this case it might be more accurate or helpful to report that there is no method to even ask for verification, e.g. "No method available to ask for Host key verification". (I was trying to debug a new sshd setup on a possibly-unstable server from a client machine with a broken /dev/tty and no ssh-askpass - the host key message made me think that the sshd was sending invalid data, not that the client machine had problems of its own) This is a very low priority/severity report, because the phrase "Host key verification failed." could arguably still be correct in these circumstances. You might want to view it as an enhancement, except that I feel you shouldn't use a single error message for two different conditions. I note that under the same circumstances, a connection to a known host that would normally use a password method outputs "Permission denied" messages for keyboard-interactive, which is not as misleading. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Oct-08 02:30 UTC
[Bug 734] Misleading error message when host key verification is impossible / SSH_ASKPASS impossible.
http://bugzilla.mindrot.org/show_bug.cgi?id=734 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From dtucker at zip.com.au 2003-10-08 12:30 ------- All good points, and there's already a bug open for this. *** This bug has been marked as a duplicate of 471 *** ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Maybe Matching Threads
- [Bug 872] SSH client fails for non-root users with "Host key verification failed"
- [Bug 471] New: Misleading error message if /dev/tty permissions wrong
- If you become the error message: "Host key verification failed". then is this help is for you
- Host Key verification issue
- [Bug 2074] New: Host key verification incorrectly handles IPv6 addresses