bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-19 21:27 UTC
[Bug 2599] New: Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 Bug ID: 2599 Summary: Overly verbose partial authentication Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: cgallek at gmail.com Created attachment 2856 --> https://bugzilla.mindrot.org/attachment.cgi?id=2856&action=edit quiet-log.patch When connecting to a server which requires multiple authentication methods (eg AuthenticationMethods publickey,password publickey,keyboard-interactive) the following message is displayed after the first authentication succeeds: "Authenticated with partial success." This message is a bit too verbose especially in the context of other tools (git, rsync, etc) which use ssh as the underlying protocol. The attached patch moves this message from the INFO log level to VERBOSE. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-20 00:54 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #1 from Darren Tucker <dtucker at zip.com.au> --- These things are going to stderr, right? Which tools are parsing ssh's stderr and for what purpose? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-20 02:23 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 --- Comment #2 from cgallek at gmail.com --- They do indeed go to stderr. Sorry, I didn't mean to imply something was parsing them. But things like `rsync --quiet ...` and `git fetch --quiet ...` are no longer quiet in this configuration. This is particularly annoying in cron invocations that send stderr in an email. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-20 04:50 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 --- Comment #3 from Darren Tucker <dtucker at zip.com.au> --- (In reply to cgallek from comment #2)> They do indeed go to stderr. Sorry, I didn't mean to imply > something was parsing them. But things like `rsync --quiet ...` and > `git fetch --quiet ...` are no longer quiet in this configuration. > This is particularly annoying in cron invocations that send stderr > in an email.Any reason you can't set the tool in question to invoke "ssh -q" or put "LogLevel quiet" or "LogLevel error" in the ssh_config or ~/.ssh/config for the relevant Host? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-20 13:53 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 --- Comment #4 from cgallek at gmail.com --- Those are certainly valid work-arounds to the issues I'm having, but I would argue that this message is not useful even in the interactive path with the default logging level. It's not an error and it doesn't solicit user interaction. All of the other uses of the INFO level in this file fall into one of those categories. It's certainly useful for development and debugging, but not to the end user. It may even be worth arguing that this message should be part of one of the DEBUG levels. The following examples from sshconnect2.c seem like valid precedent: line 399: debug("Authentication succeeded (%s).", authctxt.method->name); line 556: debug("Authentications that can continue: %s", authlist); line 1888: debug("Next authentication method: %s", name); -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jul-22 05:48 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2543 Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #5 from Darren Tucker <dtucker at zip.com.au> --- That's a reasonable point :-) Patch applied and will be in the 7.3 release. Thanks. Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2543 [Bug 2543] Tracking bug for OpenSSH 7.3 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:42 UTC
[Bug 2599] Overly verbose partial authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2599 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Reasonably Related Threads
- Attempts to connect to Axway SFTP server result in publickey auth loopin
- [Bug 2543] New: Tracking bug for OpenSSH 7.3 release
- [Bug 2559] New: Warnings from reading moduli file, refer to primes file
- [Bug 2577] New: Port Forwarding on Proxy with ProxyCommand ssh -W does not work / bad file descriptor
- [Bug 2590] New: Seccomp filter for missing architectures