Bug 26344

Summary: openssh 2.3.0p1 may ask for DSA password in batch mode
Product: [Retired] Red Hat Linux Reporter: Jay Berkenbilt <ejb>
Component: opensshAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1CC: ejb, pekkas
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-02-24 06:20:06 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch mentioned in bug report none

Description Jay Berkenbilt 2001-02-06 19:00:01 UTC 
With no agent running

ssh host -o "Protocol 1" -o "BatchMode yes"

will fail without prompting for a password, as it should.  However

ssh host -o "Protocol 2" -o "BatchMode yes"

will prompt for a password.  The following patch, relative to the
BUILD/openssh-2.3.0p1 directory after rpm -bp SPECS/openssh.spec (on
the Fisher src.rpm) has been run, fixes the problem.  This change was
made by shamelessly copying code from sshconnect1.c into
sshconnect2.c, though there certainly seems to be good precedent for
doing that. :-)

I have also reported this to openssh (with a patch
relative to the clean sources, offset from this by 14 lines).

I am attaching the patch to this bug report as a file.
Comment 1 Jay Berkenbilt 2001-02-06 19:01:04 UTC 
Created attachment 9159 [details]
patch mentioned in bug report
Comment 2 Jay Berkenbilt 2001-02-22 14:36:27 UTC 
FWIW, openssh 2.5.1p1 fixes this problem and also implements -R and agent
forwarding for ssh2 as well as sftp.  Maybe it's a pipe dream that this could be
included in 7.1 but it sure would be nice. :-)
Comment 3 Jay Berkenbilt 2001-02-24 06:20:02 UTC 
This bug and others are fixed in the recently released openssh 2.5.1p1.
Comment 4 Pekka Savola 2001-02-24 08:12:01 UTC 
2.5.1p1 is (will be) in rawhide.