bugzilla-daemon at mindrot.org
2020-Apr-09 02:21 UTC
[Bug 3146] New: ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Bug ID: 3146 Summary: ssh-keygen -R changes permissions on existing file Product: Portable OpenSSH Version: 7.9p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at mindrot.org Reporter: ed at edgewood.to Using ssh-keygen -R to remove a key from a file with group/other read permission changes the permissions to remove any group and other bits. This is good for ~/.ssh/known_hosts, which should be 600, but bad for /etc/ssh/ssh_known_hosts, which should be 644. Inspecting the source, the function that removes a key sets umask 077 before creating the new file for the existing lines (except the one to be removed), but doesn't copy the permissions. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 03:53 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org CC| |djm at mindrot.org, | |dtucker at dtucker.net Status|NEW |ASSIGNED Attachment #3392| |ok?(dtucker at dtucker.net) Flags| | --- Comment #1 from Damien Miller <djm at mindrot.org> --- Created attachment 3392 --> https://bugzilla.mindrot.org/attachment.cgi?id=3392&action=edit preserve file mode This preserves world and group readability when deleting or hashing known_hosts files. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 03:53 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |3162 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=3162 [Bug 3162] Tracking bug for 8.4 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-08 04:08 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3392|ok?(dtucker at dtucker.net) |ok+ Flags| | -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-May-13 09:56 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 --- Comment #2 from Damien Miller <djm at mindrot.org> --- This has been committed and will be in OpenSSH 8.4 - thanks! -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-May-15 03:16 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-May-16 02:05 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 --- Comment #3 from ed at edgewood.to --- Thank you for fixing this! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:54 UTC
[Bug 3146] ssh-keygen -R changes permissions on existing file
https://bugzilla.mindrot.org/show_bug.cgi?id=3146 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #4 from Damien Miller <djm at mindrot.org> --- close bugs that were resolved in OpenSSH 8.5 release cycle -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
Maybe Matching Threads
- [Bug 3198] New: Custom critical options are not lexically ordered
- [Bug 3162] New: Tracking bug for 8.4 release
- [Bug 1372] New: sshd(8) and ssh-keygen(1) refer to non-existent moduli(5)
- [Bug 1929] New: ssh-keygen fails to build because PKCS11 is not available
- [Bug 2459] New: ssh-keygen -t rsa1 should be removed from Makefile