openssh bugs - May 2014 - [Bug 2239] New: ssh-keygen cannot handle Linux with 64 char long hostname

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

            Bug ID: 2239
           Summary: ssh-keygen cannot handle Linux with 64 char long
                    hostname
           Product: Portable OpenSSH
           Version: 6.6p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: milos.vyletel at gmail.com

Created attachment 2434
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2434&action=edit
patch

I've tried to set set hostname on my linux box to 64 characters which
is the maximum supported by Linux. This works fine but breaks
ssh-keygen (and possibly other openssh tools) because Linux sets
MAXHOSTNAMELEN to 64 which does not account for trailing zero.

I've tested this on 
OEL 6.5 (2.6.32-431.3.1.el6 kernel) and openssh-5.3p1-94.el6.x86_64
OEL 6.5 (2.6.32-431.3.1.el6 kernel) and OpenSSH_6.6p1
Fedora 20 (3.15.0-rc2+ kernel) and openssh-6.4p1-3.fc20.x86_64

The above root cause seems like a intentional design decision in Linux
kernel. Unlike OpenBSD where MAXHOSTNAMELEN is _POSIX_HOST_NAME_MAX +
trailing zero

/usr/include/limits.h:#define _POSIX_HOST_NAME_MAX      255
/usr/include/sys/param.h:#define MAXHOSTNAMELEN 256             /* max
hostname size */

in Linux they are same and is up to program to reserve enough space
/usr/include/bits/local_lim.h:#define HOST_NAME_MAX             64
/usr/include/asm-generic/param.h:#define MAXHOSTNAMELEN 64      /* max
length of hostname */

Here's reproduction

$ hostname
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
$ hostname | wc -c
65

OEL 6.5
$ rpm -qf $(which ssh-keygen)
openssh-5.3p1-94.el6.x86_64
$ ssh-keygen -t rsa
gethostname: File name too long
$

Fedora 20
$ rpm -qf $(which ssh-keygen)
openssh-6.4p1-3.fc20.x86_64
$ ssh-keygen -t rsa
gethostname: File name too long
$

OEL 6.5 + attached patch
$ ./ssh -V
OpenSSH_6.6p1, OpenSSL 1.0.1e-fips 11 Feb 2013
$ ./ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/PATH/.ssh/id_ecdsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /PATH/.ssh/id_ecdsa.
Your public key has been saved in /PATH/.ssh/id_ecdsa.pub.
The key fingerprint is:
92:d7:3d:a3:7d:76:1e:c6:39:be:8c:91:d8:32:36:f9
mv at xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The key's randomart image is:
+--[ECDSA  256]---+
|                 |
|                 |
|                 |
|       . . .     |
|      o S . +    |
|       o   o+oo .|
|          .B.+o*.|
|          . =o*oo|
|             E +o|
+-----------------+

If you need any additional info please let me know. Attached is a
proposed patch that would redefine MAXHOSTNAMELEN on Linux to 65.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Milos Vyletel <milos.vyletel at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2434|application/octet-stream    |text/plain
          mime type|                            |
   Attachment #2434|0                           |1
           is patch|                            |

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Milos Vyletel <milos.vyletel at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |milos.vyletel at gmail.com

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2434|0                           |1
        is obsolete|                            |
                 CC|                            |djm at mindrot.org
           Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
             Status|NEW                         |ASSIGNED

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 2448
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2448&action=edit
use NI_MAXHOST instead of HOSTNAMELEN

I think we should just standardise on using strings of length
NI_MAXHOST for hostnames. We do in about 1/2 the cases already.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |2226

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|ASSIGNED                    |RESOLVED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
patch applied, will be in openssh-6.7. Thanks!

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2239

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Close all bugs left open from 6.6 and 6.7 releases.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.