Bug 1933517
Summary: | ssh-copy-id could not resolve ipv6 address ends with colon | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | ZX <zx> | ||||
Component: | openssh | Assignee: | Dmitry Belyavskiy <dbelyavs> | ||||
Status: | CLOSED ERRATA | QA Contact: | Marek Havrila <mhavrila> | ||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 8.3 | CC: | asosedki, dbelyavs, jjelen, mhavrila | ||||
Target Milestone: | rc | Keywords: | Triaged | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | openssh-8.0p1-7.el8 | Doc Type: | No Doc Update | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2021-11-09 19:32:04 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
ZX
2021-02-28 21:42:49 UTC
Does the pure "ssh" with this IP work? Does adding the address to the square braces as recommended by the manual page work? ssh 2001:db8:: --- works ssh [2001:db8::] --- does not work ssh-copy-id 2001:db8:: --- does not work ssh-copy-id [2001:db8::] --- does not work Unfortunately, I do not have any IPv6 address ending with colon to try with ... Can you try with "set -x" to see what is being executed? The ssh-copy-id is just a bash script so it might help to see how it is executing ssh. Thank you Jakub Jelen, I found the bug in the bash script. I've submitted a patch and it works. Created attachment 1760269 [details]
patch to resolve the bug
Sorry the file is in packages: openssh-clients-8.0p1-5.el8.x86_64 openssh-clients-7.4p1-21.el7.x86_64 And also, I noticed that upstream openssh-8.4p1 (September 2020) has fixed the bug. We could consider updating the OpenSSH components to 8.4p1 in RHEL 7 and 8. Thank you for debugging the issue and submitting a patch. I filled the following MR to update at least the comment, which was kept there even though the the code removing colon was no longer there. We do not plan to update RHEL to newer versions, because we need to keep the RHEL stable. New OpenSSH 8.4p1 is available in Fedora. But we can patch the ssh-copy-id script in the next update of RHEL8. RHEL 7 now accepts only critical security fixes, which this indeed is not. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: openssh security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:4368 |