ssh-copy-id always needs new connection to the server when it evaluates its version and tests if the key is already installed. Before this patch ssh-copy-id might reuse existing shared connection and hang in REMOTE_VERSION=(...) because it get interactive connection which never ends. Also it will think that the key is already there because connection using it is succeed. This patch adds option "ControlPath=none" into command line and remote command "exit" to be sure that test connection never hangs.
--- contrib/ssh-copy-id.orig 2014-06-08 13:51:04.654695477 +0400 +++ contrib/ssh-copy-id 2014-06-08 13:54:40.491698716 +0400 @@ -216,7 +216,8 @@ # find if only given the contents of the .pub file in an unrelated tmpfile ssh -i "${PRIV_ID_FILE:-$L_TMP_ID_FILE}" \ -o PreferredAuthentications=publickey \ - -o IdentitiesOnly=yes "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null + -o IdentitiesOnly=yes -o ControlPath=none \ + "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null if [ "$?" = "$L_SUCCESS" ] ; then : > $L_TMP_ID_FILE else @@ -243,7 +244,7 @@ printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2 } -REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 | +REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' -o ControlPath=none "$@" exit 2>&1 | sed -ne 's/.*remote software version //p') case "$REMOTE_VERSION" in
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev