Bug 129289 (IT_63737)

Summary: [PATCH] SSH -q flag does not suppress banner text
Product: Red Hat Enterprise Linux 3 Reporter: Bob Plankers <plankers>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: cranschau, laroche, tao
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2005-550 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-09-28 14:30:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 156320    
Attachments:
Description Flags
upstream backport of banner suppress patch none

Description Bob Plankers 2004-08-05 22:12:48 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7)
Gecko/20040803 Firefox/0.8

Description of problem:
Hello,

The -q flag does not appear to work as advertised for SSH with regard
to the "Banner" configuration option. The man page states that it is
"quiet mode" which suppresses warning and diagnostic messages. This is
important for things like batch/automated transfers and commands.

OpenSSH 3.8.1p1 on AIX, in comparison, suppresses the banner when
using -q.

In this case, I have set /etc/ssh/sshd_config's Banner option to read
"Banner /etc/issue.net" and customized issue.net with a legal warning.

Version-Release number of selected component (if applicable):
openssh-3.6.1p2-33.30.1

How reproducible:
Always

Steps to Reproduce:
1. Change /etc/ssh/sshd_config to have "Banner /etc/issue.net"
2. Restart sshd.
3. ssh -q localhost
    

Actual Results:  Red Hat Enterprise Linux AS release 3 (Taroon Update 2)
Kernel \r on an \m
plankers@localhost's password: 


Expected Results:  plankers@localhost's password: 


Additional info:

Comment 1 Brian McEntire 2004-09-24 21:09:58 UTC
I too have seen this problem. It is fixed with a newer version of
OpenSSH, but Redhat hasn't released newer RPMs nor have they back
ported the fix yet.

I'm not sure how the OpenSSH maintainers fixed it, but here is my
patch, it fixes the problem for me. Your mileage may very:

--- scp.c.orig  2004-09-24 14:50:51.000000000 -0400
+++ scp.c       2004-09-24 14:51:42.000000000 -0400
@@ -267,6 +267,7 @@
                        verbose_mode = 1;
                        break;
                case 'q':
+                       addargs(&args, "-q");
                        showprogress = 0;
                        break;


In case you don't read diffs (or incase the -u diff isn't what you
wanted) it boils down to adding the 'addargs(&args, "-q");' line to
the case 'q' statement.

I hope Redhat will fix this soon and release updated RPMs. Rebuilding
them from SRPMs every time a new release of OpenSSH comes out is a pain.

Comment 2 Brian McEntire 2004-09-24 22:55:19 UTC
Oops, sorry. Above patch is for suppressing the banner with -q during
scp copies. I'm not sure how to fix ssh to suppress the banner. Hope
Redhat can offer a fix.

Comment 3 Cory Ranschau 2004-12-22 21:54:56 UTC
I am getting the same problem.  An ssh -q will quiet several warnings
but will not silence the banner from coming across.  

I have a number of users at our location that are parsing the output
of commands on a remote system and are being harassed with the banner
that comes across.  A Fedora Core 3 machine will silence the banner
with the -q flag set at login.  

Anyone have a patch that could be applied to a SRPM for more than SCP
as listed above?

Comment 4 Neil Horman 2005-01-21 19:23:55 UTC
Created attachment 110067 [details]
upstream backport of banner suppress patch

This is the upstream fix for -q to suppress banner messages, backported to the
latest Red Hat Release.

Comment 5 Cory Ranschau 2005-01-21 20:32:19 UTC
Thanks for the patch. This patched the bug as requested for me.  Can
this be expected to be implemented on any future errata releases for
Openssh-server?

Comment 10 Red Hat Bugzilla 2005-09-28 14:30:34 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-550.html