bugzilla-daemon at mindrot.org
2020-Apr-09 02:21 UTC
[Bug 3146] New: ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Bug ID: 3146
Summary: ssh-keygen -R changes permissions on existing file
Product: Portable OpenSSH
Version: 7.9p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: ed at edgewood.to
Using ssh-keygen -R to remove a key from a file with group/other read
permission changes the permissions to remove any group and other bits.
This is good for ~/.ssh/known_hosts, which should be 600, but bad for
/etc/ssh/ssh_known_hosts, which should be 644.
Inspecting the source, the function that removes a key sets umask 077
before creating the new file for the existing lines (except the one to
be removed), but doesn't copy the permissions.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 03:53 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
CC| |djm at mindrot.org,
| |dtucker at dtucker.net
Status|NEW |ASSIGNED
Attachment #3392| |ok?(dtucker at dtucker.net)
Flags| |
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 3392
--> https://bugzilla.mindrot.org/attachment.cgi?id=3392&action=edit
preserve file mode
This preserves world and group readability when deleting or hashing
known_hosts files.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 03:53 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3162
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3162
[Bug 3162] Tracking bug for 8.4 release
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 04:08 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3392|ok?(dtucker at dtucker.net) |ok+
Flags| |
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-13 09:56 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 --- Comment #2 from Damien Miller <djm at mindrot.org> --- This has been committed and will be in OpenSSH 8.4 - thanks! -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-May-15 03:16 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-May-16 02:05 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 --- Comment #3 from ed at edgewood.to --- Thank you for fixing this! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:54 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
close bugs that were resolved in OpenSSH 8.5 release cycle
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
Maybe Matching Threads
- [Bug 3198] New: Custom critical options are not lexically ordered
- [Bug 3162] New: Tracking bug for 8.4 release
- [Bug 1372] New: sshd(8) and ssh-keygen(1) refer to non-existent moduli(5)
- [Bug 1929] New: ssh-keygen fails to build because PKCS11 is not available
- [Bug 2459] New: ssh-keygen -t rsa1 should be removed from Makefile