Red Hat Bugzilla – Bug 26344
openssh 2.3.0p1 may ask for DSA password in batch mode
Last modified: 2008-05-01 11:37:59 EDT
With no agent running
ssh host -o "Protocol 1" -o "BatchMode yes"
will fail without prompting for a password, as it should. However
ssh host -o "Protocol 2" -o "BatchMode yes"
will prompt for a password. The following patch, relative to the
BUILD/openssh-2.3.0p1 directory after rpm -bp SPECS/openssh.spec (on
the Fisher src.rpm) has been run, fixes the problem. This change was
made by shamelessly copying code from sshconnect1.c into
sshconnect2.c, though there certainly seems to be good precedent for
doing that. :-)
I have also reported this to email@example.com (with a patch
relative to the clean sources, offset from this by 14 lines).
I am attaching the patch to this bug report as a file.
Created attachment 9159 [details]
patch mentioned in bug report
FWIW, openssh 2.5.1p1 fixes this problem and also implements -R and agent
forwarding for ssh2 as well as sftp. Maybe it's a pipe dream that this could be
included in 7.1 but it sure would be nice. :-)
This bug and others are fixed in the recently released openssh 2.5.1p1.
2.5.1p1 is (will be) in rawhide.