Debian Bug report logs - #221675
ssh-copy-id should check ssh-add -L exit status

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Clement Hermann <clement.hermann@free.fr>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: ssh-copy-id should stop when there is no identity loaded. Patch attached.

Date: Wed, 19 Nov 2003 15:56:41 +0100

[Message part 1 (text/plain, inline)]

Package: ssh
Version: 1:3.6.1p2-10
Severity: normal

ssh-copy-id checks and fail if no agent is running, but continue if there is 
an agent without identity loaded (e.g. unloaded because of a timeout or 
never loaded).

a patch is attached (the agent answer "The agent has no identities." if no 
identity is loaded, and... doesn't answer if it is not running ;) )


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux clement.eolas.lan 2.4.21-4-686 #1 Sat Aug 2 23:27:25 EST 2003 i686
Locale: LANG=fr_FR.ISO-8859-1, LC_CTYPE=fr_FR.ISO-8859-1

Versions of packages ssh depends on:
ii  adduser                     3.51         Add and remove users and groups
ii  debconf                     1.3.20       Debian configuration management sy
ii  dpkg                        1.10.18      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-14      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-14      Runtime support for the PAM librar
ii  libpam0g                    0.76-14      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7c-5     SSL shared libraries
ii  libwrap0                    7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.1.4-16   compression library - runtime

-- debconf information:
* ssh/privsep_tell:
  ssh/insecure_rshd:
  ssh/privsep_ask: true
  ssh/ssh2_keys_merged:
* ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
* ssh/SUID_client: true

[ssh-copy-id.patch (text/plain, inline)]

--- /usr/bin/ssh-copy-id	2003-11-16 03:32:21.000000000 +0100
+++ ssh-copy-id_fixed	2003-11-18 18:45:38.000000000 +0100
@@ -28,7 +28,7 @@
   GET_ID="cat ${ID_FILE}"
 fi
 
-if [ -z "`eval $GET_ID`" ]; then
+if [ -z "`eval $GET_ID`" ] || [ "`eval $GET_ID`" == "The agent has no identities." ]; then
   echo "$0: ERROR: No identities found" >&2
   exit 1
 fi

Message #10 received at 221675@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: Clement Hermann <clement.hermann@free.fr>, 221675@bugs.debian.org

Subject: Re: Bug#221675: ssh-copy-id should stop when there is no identity loaded. Patch attached.

Date: Sun, 4 Jan 2004 18:55:01 +0000

On Wed, Nov 19, 2003 at 03:56:41PM +0100, Clement Hermann wrote:
> ssh-copy-id checks and fail if no agent is running, but continue if there 
> is an agent without identity loaded (e.g. unloaded because of a timeout or 
> never loaded).
> 
> a patch is attached (the agent answer "The agent has no identities." if no 
> identity is loaded, and... doesn't answer if it is not running ;) )

Ewwww. :) Why not just look at the agent's exit code?

I'll have a look, but ssh-copy-id is kind of horrible ...

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Message #15 received at 221675@bugs.debian.org (full text, mbox, reply):

From: Clement 'nodens' Hermann <clement.hermann@free.fr>

To: Colin Watson <cjwatson@debian.org>

Cc: 221675@bugs.debian.org

Subject: Re: Bug#221675: ssh-copy-id should stop when there is no identity loaded. Patch attached.

Date: Mon, 05 Jan 2004 10:09:32 +0100

Colin Watson wrote:
> On Wed, Nov 19, 2003 at 03:56:41PM +0100, Clement Hermann wrote:
> 
>>ssh-copy-id checks and fail if no agent is running, but continue if there 
>>is an agent without identity loaded (e.g. unloaded because of a timeout or 
>>never loaded).
>>
>>a patch is attached (the agent answer "The agent has no identities." if no 
>>identity is loaded, and... doesn't answer if it is not running ;) )
> 
> 
> Ewwww. :) Why not just look at the agent's exit code?

> I'll have a look, but ssh-copy-id is kind of horrible ...
> 


-- 
Clément 'nodens' Hermann <clement.hermann@free.fr>
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
-- Jean in "l'Histoire des Pingouins" - http://tnemeth.free.fr/fmbl/linuxsf

Message #20 received at 221675@bugs.debian.org (full text, mbox, reply):

From: Clement 'nodens' Hermann <clement.hermann@free.fr>

To: Colin Watson <cjwatson@debian.org>

Cc: 221675@bugs.debian.org

Subject: Re: Bug#221675: ssh-copy-id should stop when there is no identity loaded. Patch attached.

Date: Mon, 05 Jan 2004 10:10:25 +0100

Colin Watson wrote:
> On Wed, Nov 19, 2003 at 03:56:41PM +0100, Clement Hermann wrote:
> 
>>ssh-copy-id checks and fail if no agent is running, but continue if there 
>>is an agent without identity loaded (e.g. unloaded because of a timeout or 
>>never loaded).
>>
>>a patch is attached (the agent answer "The agent has no identities." if no 
>>identity is loaded, and... doesn't answer if it is not running ;) )
> 
> 
> Ewwww. :) Why not just look at the agent's exit code?

well, you're right, that was a quick and dirty fix for a quick and dirty 
script ;)


-- 
Clément 'nodens' Hermann <clement.hermann@free.fr>
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
-- Jean in "l'Histoire des Pingouins" - http://tnemeth.free.fr/fmbl/linuxsf

Message #25 received at 221675@bugs.debian.org (full text, mbox, reply):

From: Adeodato Simó <asp16@alu.ua.es>

To: 221675@bugs.debian.org

Cc: control@bugs.debian.org

Subject: better and simpler patch for this bug

Date: Mon, 12 Jul 2004 03:51:53 +0200

[Message part 1 (text/plain, inline)]

retitle 221675 ssh-copy-id should check ssh-add -L exit status
tag 221675 patch
thanks

  hi, the attached patch prevents ssh-add -L output being used if the
  command exits with non-zero status.

  cheers,

-- 
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
There may be no I in TEAM, but a M and an E.

[fix-221675 (text/plain, attachment)]

Message #40 received at 221675-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 221675-close@bugs.debian.org

Subject: Bug#221675: fixed in openssh 1:4.6p1-5

Date: Mon, 30 Jul 2007 09:17:04 +0000

Source: openssh
Source-Version: 1:4.6p1-5

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_4.6p1-5_powerpc.udeb
  to pool/main/o/openssh/openssh-client-udeb_4.6p1-5_powerpc.udeb
openssh-client_4.6p1-5_powerpc.deb
  to pool/main/o/openssh/openssh-client_4.6p1-5_powerpc.deb
openssh-server-udeb_4.6p1-5_powerpc.udeb
  to pool/main/o/openssh/openssh-server-udeb_4.6p1-5_powerpc.udeb
openssh-server_4.6p1-5_powerpc.deb
  to pool/main/o/openssh/openssh-server_4.6p1-5_powerpc.deb
openssh_4.6p1-5.diff.gz
  to pool/main/o/openssh/openssh_4.6p1-5.diff.gz
openssh_4.6p1-5.dsc
  to pool/main/o/openssh/openssh_4.6p1-5.dsc
ssh-askpass-gnome_4.6p1-5_powerpc.deb
  to pool/main/o/openssh/ssh-askpass-gnome_4.6p1-5_powerpc.deb
ssh-krb5_4.6p1-5_all.deb
  to pool/main/o/openssh/ssh-krb5_4.6p1-5_all.deb
ssh_4.6p1-5_all.deb
  to pool/main/o/openssh/ssh_4.6p1-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 221675@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 30 Jul 2007 09:34:38 +0100
Source: openssh
Binary: ssh-askpass-gnome ssh-krb5 openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source powerpc all
Version: 1:4.6p1-5
Distribution: unstable
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell server, an rshd replacement
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 221675 234627 291534 431970
Changes: 
 openssh (1:4.6p1-5) unstable; urgency=low
 .
   * Identify ssh as a metapackage rather than a transitional package. It's
     still useful as a quick way to install both the client and the server.
   * ssh-copy-id now checks the exit status of ssh-add -L (thanks, Adeodato
     Simó; closes: #221675).
   * ssh-copy-id no longer prints the output of expr (thanks, Peter
     Eisentraut; closes: #291534).
   * ssh-copy-id defaults to ~/.ssh/id_rsa.pub rather than
     ~/.ssh/identity.pub, in line with ssh-keygen (thanks, Greg Norris;
     closes: #234627).
   * Build-depend on libselinux1-dev on lpia.
   * openssh-client Suggests: keychain.
   * debconf template translations:
     - Update Catalan (thanks, Jordà Polo; closes: #431970).
Files: 
 f826935a59643e9cb5b729639dc6e30c 1067 net standard openssh_4.6p1-5.dsc
 3e7000b65496e629e3c29a645b1aabd7 182655 net standard openssh_4.6p1-5.diff.gz
 7ed9dda8fcc9deb0796757c24d84bf11 1052 net extra ssh_4.6p1-5_all.deb
 788af0b8c5e9293ebf7fc8e2ac3327fa 79682 net extra ssh-krb5_4.6p1-5_all.deb
 cc8a4f6e757c2d23f9fe24171cbe7f01 711288 net standard openssh-client_4.6p1-5_powerpc.deb
 12e5c9039ead16bb6109db75c86cb356 267630 net optional openssh-server_4.6p1-5_powerpc.deb
 2f08e4079ba32add6b50e022ad04761f 90128 gnome optional ssh-askpass-gnome_4.6p1-5_powerpc.deb
 c3aae34d9523c6df9a91535ec07c062c 177544 debian-installer optional openssh-client-udeb_4.6p1-5_powerpc.udeb
 7082208993909d71efd46e1c47558825 184576 debian-installer optional openssh-server-udeb_4.6p1-5_powerpc.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGraj79t0zAhD6TNERAmcFAJ0Wr9WNJ2p9i2j4G1rsMi8f46DvPgCeKLZC
j5dOY+oX5SovBkP3+S78Cdc=
=eFoJ
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.