bugzilla-daemon at natsu.mindrot.org
2013-Nov-23 15:50 UTC
[Bug 2174] New: no-pty in authorized_keys does not prevent and interactive shell
https://bugzilla.mindrot.org/show_bug.cgi?id=2174

            Bug ID: 2174
           Summary: no-pty in authorized_keys does not prevent and interactive shell
           Product: Portable OpenSSH
           Version: 6.4p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: security
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: nogyka at gmail.com

Hi,

I just stumbled upon the fact that when I deny a user who logs in using a public key an interactive login using the no-pty argument in the ~/.ssh/authorized_keys file, I still get an interactive shell (kind of). Despite the fact that "PTY allocation request failed on channel 0"

This could be reproduced on an up to date debian system (6.0.8) as well as on Ubuntu 12.04.3 LTS

OpenSSH_5.5p1 Debian-6+squeeze3
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013
OpenSSH_6.4p1, OpenSSL 1.0.1 14 Mar 2012

Best regards,
Bastian Mueller

--- LOG ---
bbb at kilchoman:~$ ssh user at host
PTY allocation request failed on channel 0
Linux hostname 2.6.32-5-amd64 #1 SMP Mon Oct 3 03:59:20 UTC 2011 x86_64
cat ~/.ssh/authorized_keys
no-pty ssh-rsa AAAA..5KS3+Q=
ssh -v
OpenSSH_5.5p1 Debian-6+squeeze3, OpenSSL 0.9.8o 01 Jun 2010
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-I pkcs11] [-i identity_file]
           [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-W host:port] [-w local_tun[:remote_tun]]
           [user@]hostname [command]
ps
  PID TTY          TIME CMD
 1191 ?        00:00:00 sshd
 1192 ?        00:00:00 bash
 1232 ?        00:00:00 ps
--- END LOG ---

--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at natsu.mindrot.org
2013-Nov-23 23:01 UTC
[Bug 2174] no-pty in authorized_keys does not prevent and interactive shell
https://bugzilla.mindrot.org/show_bug.cgi?id=2174

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |djm at mindrot.org
         Resolution|---                         |INVALID

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
This is intended behaviour. no-pty doesn't control what is executed, just whether the command/shell has a tty or not.
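Added example (not part of the bug thread or of OpenSSH): a small audit that finds authorized_keys entries which deny a tty but set no command= option, the situation Comment #1 describes. The sample file, key strings and the /usr/local/bin/backup-only path are constructed placeholders.

```python
# Flags authorized_keys entries that deny a tty but do not force a command.
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")  # public key algorithm prefixes

def split_options(line):
    """Return (options, rest); options is [] when the line starts with a key type."""
    if line.startswith(KEY_PREFIXES):
        return [], line
    opts, cur, quoted, i = [], "", False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and quoted and line[i + 1:i + 2] == '"':
            cur, i = cur + '\\"', i + 2   # escaped quote inside a quoted value
            continue
        if ch == '"':
            quoted = not quoted
        if not quoted and ch in " \t":    # unquoted whitespace ends the options
            break
        if not quoted and ch == ",":      # unquoted comma separates options
            opts.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    opts.append(cur)
    return opts, line[i:].strip()

def audit(text):
    """Yield (line_no, finding) for keys that deny a tty but not a shell."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        names = {o.split("=", 1)[0].lower() for o in split_options(line)[0]}
        # "restrict" implies no-pty; a ForceCommand in sshd_config is not seen here.
        if names & {"no-pty", "restrict"} and "command" not in names:
            yield no, "tty denied but no command=; the login shell still runs"

# Constructed sample; key material is placeholder text.
SAMPLE = '''\
# constructed authorized_keys file
no-pty ssh-rsa AAAAPLACEHOLDER1 user1
no-pty,command="/usr/local/bin/backup-only --mode a,b" ssh-ed25519 AAAAPLACEHOLDER2 backup
restrict ssh-ed25519 AAAAPLACEHOLDER3 user3
ssh-rsa AAAAPLACEHOLDER4 admin
'''

if __name__ == "__main__":
    for no, msg in audit(SAMPLE):
        print(f"line {no}: {msg}")
```

Line 5 of the sample is not reported because it carries no tty restriction at all; the check targets only entries where no-pty or restrict might be mistaken for a shell restriction.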
bugzilla-daemon at mindrot.org
2015-Aug-11 13:04 UTC
[Bug 2174] no-pty in authorized_keys does not prevent and interactive shell
https://bugzilla.mindrot.org/show_bug.cgi?id=2174

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1