Incorrect text found in openssh-client/auth-file.c:542

Bug #663455 reported by Daryl Lublink on 2010-10-19
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
portable OpenSSH
Fix Released
Low
openssh (Ubuntu)
Low
Unassigned

Bug Description

Binary package hint: metacity

install the openssh-client source code, look at auth-file.c and see this stanza :

int
key_perm_ok(int fd, const char *filename)
{
     struct stat st;

     if (fstat(fd, &st) < 0)
          return 0;
     /*
      * if a key owned by the user is accessed, then we check the
      * permissions of the file. if the key owned by a different user,
      * then we don't care.
      */
#ifdef HAVE_CYGWIN
     if (check_ntsec(filename))
#endif
     if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {
          error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
          error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
          error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
          error("Permissions 0%3.3o for '%s' are too open.",
              (u_int)st.st_mode & 0777, filename);
          error("It is recommended that your private key files are NOT accessible by others.");
          error("This private key will be ignored.");
          return 0;
     }
     return 1;
}

The text "It is recommended that your private key files are NOT accessible by others." should read "It is not permitted....".

There is no work around to use a non-protected private key, therefore it is incorrect to say recommend.

Related branches

Daryl Lublink (dlublink) wrote :
Daryl Lublink (dlublink) wrote :

Sorry, wrong package...

affects: metacity (Ubuntu) → openssh (Ubuntu)
Thierry Carrez (ttx) on 2010-10-20
Changed in openssh (Ubuntu):
importance: Undecided → Low
status: New → Confirmed
tags: added: patch
Colin Watson (cjwatson) wrote :

Thanks for your patch. This ought to be sent upstream rather than being incorporated into the Ubuntu package directly. I'll forward it.

David Lublink reported the following as an Ubuntu bug:

int
key_perm_ok(int fd, const char *filename)
{
[...]
          error("Permissions 0%3.3o for '%s' are too open.",
              (u_int)st.st_mode & 0777, filename);
          error("It is recommended that your private key files are NOT accessible by others.");
          error("This private key will be ignored.");
          return 0;
     }
     return 1;
}

The text "It is recommended that your private key files are NOT accessible by others." should read "It is not permitted....".

There is no workaround to use a non-protected private key, therefore it is incorrect to say "recommended".

Changed in openssh (Ubuntu):
status: Confirmed → Triaged
Colin Watson (cjwatson) wrote :

Forwarded as https://bugzilla.mindrot.org/show_bug.cgi?id=1878 (feel free to follow up there), and unsubscribed ubuntu-sponsors.

patch applied - thanks

close resolved bugs now that openssh-5.9 has been released

Changed in openssh:
importance: Unknown → Low
status: Unknown → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:5.9p1-1ubuntu1

---------------
openssh (1:5.9p1-1ubuntu1) precise; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Add support for registering ConsoleKit sessions on login.
    - Drop openssh-blacklist and openssh-blacklist-extra to Suggests.
    - Convert to Upstart. The init script is still here for the benefit of
      people running sshd in chroots.
    - Install apport hook.
    - Add mention of ssh-keygen in ssh connect warning.

openssh (1:5.9p1-1) unstable; urgency=low

  * New upstream release (http://www.openssh.org/txt/release-5.9).
    - Introduce sandboxing of the pre-auth privsep child using an optional
      sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
      mandatory restrictions on the syscalls the privsep child can perform.
    - Add new SHA256-based HMAC transport integrity modes from
      http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
    - The pre-authentication sshd(8) privilege separation slave process now
      logs via a socket shared with the master process, avoiding the need to
      maintain /dev/log inside the chroot (closes: #75043, #429243,
      #599240).
    - ssh(1) now warns when a server refuses X11 forwarding (closes:
      #504757).
    - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
      separated by whitespace (closes: #76312). The authorized_keys2
      fallback is deprecated but documented (closes: #560156).
    - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
      ToS/DSCP (closes: #498297).
    - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
      - < /path/to/key" (closes: #229124).
    - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
    - Say "required" rather than "recommended" in unprotected-private-key
      warning (LP: #663455).
  * Update OpenSSH FAQ to revision 1.112.
 -- Colin Watson <email address hidden> Mon, 17 Oct 2011 16:04:47 +0100

Changed in openssh (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.