[PATCH] contrib/ssh-copy-id: do not use shared connection

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



ssh-copy-id always needs new connection to the server when it
evaluates its version and tests if the key is already installed.
Before this patch ssh-copy-id might reuse existing shared connection
and hang in REMOTE_VERSION=(...) because it get interactive connection
which never ends. Also it will think that the key is already there
because connection using it is succeed.

This patch adds option "ControlPath=none" into command line and remote
command "exit" to be sure that test connection never hangs.
--- contrib/ssh-copy-id.orig	2014-06-08 13:51:04.654695477 +0400
+++ contrib/ssh-copy-id	2014-06-08 13:54:40.491698716 +0400
@@ -216,7 +216,8 @@
         # find if only given the contents of the .pub file in an unrelated tmpfile
         ssh -i "${PRIV_ID_FILE:-$L_TMP_ID_FILE}" \
             -o PreferredAuthentications=publickey \
-            -o IdentitiesOnly=yes "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null
+            -o IdentitiesOnly=yes -o ControlPath=none \
+            "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null
         if [ "$?" = "$L_SUCCESS" ] ; then
           : > $L_TMP_ID_FILE
         else
@@ -243,7 +244,7 @@
   printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2
 }
 
-REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 |
+REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' -o ControlPath=none "$@" exit 2>&1 |
                  sed -ne 's/.*remote software version //p')
 
 case "$REMOTE_VERSION" in
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux