Bug 613627 - the patch for distribution authozed keys should be updated
Summary: the patch for distribution authozed keys should be updated
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssh   
(Show other bugs)
Version: 6.0
Hardware: All Linux
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Miroslav Vadkerti
Depends On:
TreeView+ depends on / blocked
Reported: 2010-07-12 13:07 UTC by Jan F. Chadima
Modified: 2010-11-10 21:17 UTC (History)
4 users (show)

Fixed In Version: openssh-5.3p1-19.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-11-10 21:17:06 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Jan F. Chadima 2010-07-12 13:07:42 UTC
Description of problem:
the patch enabling distribution of the aythorized keys should be updated to be compatible with the upstream version.

Comment 1 Tomas Mraz 2010-07-12 13:19:45 UTC
The patch as is currently included in RHEL-6 openssh package has some minor security weaknessess - not vulnerabilities per se but the administrator might create insecure configurations with it.

Comment 6 Miroslav Vadkerti 2010-08-12 10:17:40 UTC
VERIFIED as fixed in openssh-5.3p1-19.el6

NEW PACKAGE - openssh-5.3p1-19.el6
:: [   PASS   ] :: File '/etc/ssh/sshd_config' should contain 'AuthorizedKeysCommand'
:: [   PASS   ] :: File '/etc/ssh/sshd_config' should contain 'AuthorizedKeysCommandRunAs'
:: [   PASS   ] :: RESULT: Test

OLD PACKAGE - openssh-5.3p1-18.el6
:: [   FAIL   ] :: File '/etc/ssh/sshd_config' should contain 'AuthorizedKeysCommand' 
:: [   FAIL   ] :: File '/etc/ssh/sshd_config' should contain 'AuthorizedKeysCommandRunAs' 
:: [   FAIL   ] :: RESULT: Test

Comment 7 releng-rhel@redhat.com 2010-11-10 21:17:06 UTC
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.

Note You need to log in before you can comment on or make changes to this bug.