ssh server forces a command when it should not
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
portable OpenSSH |
Fix Released
|
Unknown
|
|||
openssh (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
When logging in on my home server I find it impossible to maintain both publickey and passphrase authentication. This has started happening recently, so I suspect an update might be responsible.
Set-up:
The user is set up to accept both publickey and password authentication in this order (the usual set-up). The authorized hosts looks like this (basically to allow only access to the repository and nothing more):
command="svnserver -t --tunnel-
The password login is left unrestricted.
Symptoms:
When connecting and having the key in the ~/.ssh/ directory, the client sends a notification (?) to the server about the key and it is taken as though it should succeed:
OpenSSH_4.6p1 Debian-5build1, OpenSSL 0.9.8e 23 Feb 2007
...
debug1: Connection established.
debug1: identity file /home/user/
debug1: identity file /home/user/
debug1: identity file /home/user/
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6p1 Debian-5build1
debug1: match: OpenSSH_4.6p1 Debian-5build1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-
...
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/
--> debug1: Offering public key: /home/user/
--> debug1: Remote: Forced command: svnserver -t --tunnel-user=user
debug1: Remote: Port forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-rsa blen 277
--> debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/
debug1: Next authentication method: password
user@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = cs_CZ.UTF-8
...here the svnserver takes over
does anyone have a clue what to try?
Changed in openssh: | |
status: | Unknown → Confirmed |
Changed in openssh: | |
status: | Confirmed → Fix Released |
Thank you for taking the time to report this bug and trying to help make Ubuntu better. Could you check the permission on the ssh configuration files ? Could you run the client in a more verbose mode ? Could you check there was a package upgrade on the server or the client by looking in /var/log/dpkg.log ?