Red Hat Bugzilla – Bug 1008042
sftp program has tty attributes setting problem
Last modified: 2015-02-11 03:57:27 EST
Description of problem: the sftp program in RHEL 6.1/6.2/6.3/6.4 has a bug in tty settings.
Version-Release number of selected component (if applicable):
6.1/6.2/6.3/6.4, likely 6.0 and 6.5 but didn't test to confirm.
Easy to reproduce.
Steps to Reproduce:
1. stty -echo
2. sftp user@server
3. key in pass as prompted.
4. cd /tmp
7. stty -a
The entered sftp sub-commands in step 4 to step 6 are visible, and the OS command entered after sftp in step 7 is also visible.
Those inputs entered in step 4 to step 7 shouldn't be visible.
RHEL 5.x doesn't have this issue, and Solaris/AIX/HP-UX sftp also do not have such problem.
this bug affect our security to let customer to download file using a menu: we wan t to hide the sftp sub-commands.
an developer from openssh has reproduced the issue when --with-libedit compilation setting is used and can't reproduce it when that is not in use. So confirmed the issue is with the 2.11 libedit.
Please fix the problem.
What's the real reason when you generate openssh RPM to include the "--with-libedit"? In RHEL 5.x, you didn't use the option, and openssh is working fine.
Other UNIX vendors' openssh also don't use libedit and have no such problem or other problems, so need to understand why you include the libedit and make openssh not able to control the tty setting properly?
libedit implements the line editing user interface with history. See bug 203009.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Adding related openssh bug tracker where was some discussion about this topic in upstream, ubuntu and fedora.
* on RHEL 6 sftp command (even failed) is resetting tty attributes
* current Fedora and RHEL 7 are doing better and are NOT resetting tty attributes after sftp connection, but if I understand well, this is not the primary problem for you, but I consider it as a bug in rhel6 (they are not showing line 7)
* All releases with libedit do show what is written in sftp prompt (ex. libedit-3.1-9.20141030cvs.fc22.x86_64)
- Recompiling without -with-libedit helped, but I don't think this is a solution. There is problem in libedit initialization/temination, which is forcing you to have echo in your tty attributes (libedit-2.11-4.20080712cvs.1.el6.x86_64). Commit fixing save&restore of tty attributes in libedit is here (from openssh bugzilla):
- Additionally I tried to the same use case with ssh instead of sftp and it works for me according to your specification _only_ in Fedora 21 (commands in remote shell are not shown). In RHEL 6, 7 and Fedora 20, everything in remove shell is visible. This issue can be solved using this patch from upstream:
- For now, libedit doesn't accept given tty attributes, because there is no reason to have history without being written back to prompt. Possibilities:
* It will be possible to make some workaround to ignore libedit if we don't have ECHO attribute on tty
* or you can use as workaround input from some file instead of stdin (since you use it in some script if I'm right), because for nontty there is not initialized libedit
* or to make some commandline option to disable libedit
Jakub, please have a look at bug #1010154, there is a fix available for RHEL-6.
Jakub, thanks for working on this issue, and if the workaround can be implemented when tty has no ECHO, libedit will be ignored, that will be great.
Kamil, I checked the bug #1010154, but couldn't find the fix.
I only find the change made in 2013 to restore tty setting, but no further update in bug #1010154.
Kamil, thank you for pointing me to this bugzilla, but why is it not yet in RHEL6? Patch is quite similar like the one I linked from upstream.
If I understand well, this is just a thing that is missing because someone was too lazy to put this line into 2008 tarball instead of a comment. I think this is quite reasonable change.
But still there is the question if the whole problem should be fixed in sftp or libedit. Should libedit overwrite tty attributes? The detection of ECHO attribute in sftp seems to me like ugly workaround, but detection in libedit after so many years may lead to regression with other use cases. Lets see Petr's opinion about this issue.
(In reply to Jakub Jelen from comment #11)
> Kamil, thank you for pointing me to this bugzilla, but why is it not yet in
Bug #1010154 has not been approved by Product Management for inclusion in a minor update of RHEL.
> But still there is the question if the whole problem should be fixed in sftp
> or libedit. Should libedit overwrite tty attributes?
First off, the "whole problem" needs to be classified as a problem (or bug) by upstream developers. Upstream has never confirmed there is a problem with the current behavior.
By common sense, if user wants to disable the tty ECHO, a program should allow that, otherwise there would be no way for user to take control of that behavior.
I consider this issue as duplicate of bug #1010154 which needs to be resolved in libedit first. With the fixed libedit, openssh would behave reasonably.
*** This bug has been marked as a duplicate of bug 1010154 ***