Bug#804820: marked as done (ControlPersist disables UpdateHostKeys, even with -Snone)

To: Colin Watson <cjwatson@debian.org>
Subject: Bug#804820: marked as done (ControlPersist disables UpdateHostKeys, even with -Snone)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sun, 03 Oct 2021 18:39:17 +0000
Message-id: <[🔎] handler.804820.D804820.163328615510860.ackdone@bugs.debian.org>
Reply-to: 804820@bugs.debian.org
References: <YVnuFOyWdGOLrdpz@riva.ucam.org> <20151112040531.GA10747@fishbowl.rw.madduck.net>

Your message dated Sun, 3 Oct 2021 18:53:24 +0100
with message-id <YVnuFOyWdGOLrdpz@riva.ucam.org>
and subject line Re: Bug#804820: ControlPersist disables UpdateHostKeys, even with -Snone
has caused the Debian Bug report #804820,
regarding ControlPersist disables UpdateHostKeys, even with -Snone
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
804820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804820
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ControlPersist disables UpdateHostKeys, even with -Snone
From: martin f krafft <madduck@debian.org>
Date: Thu, 12 Nov 2015 17:05:31 +1300
Message-id: <20151112040531.GA10747@fishbowl.rw.madduck.net>

Package: openssh-client
Version: 1:6.9p1-2+b1
Severity: minor
File: /usr/bin/ssh

This makes sense:

  fishbowl:~% ssh -v cirrus
  OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015
  […]
  debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling

But when I pass -Snone, I effectively disable ControlPersist, and so
UpdateHostKeys should become effective.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.18.3
ii  libc6             2.19-22
ii  libedit2          3.1-20150325-1
ii  libgssapi-krb5-2  1.13.2+dfsg-4
ii  libselinux1       2.3-2+b1
ii  libssl1.0.2       1.0.2d-3
ii  passwd            1:4.2-3
ii  zlib1g            1:1.2.8.dfsg-2+b1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.9-1

Versions of packages openssh-client suggests:
pn  keychain                         <none>
pn  libpam-ssh                       <none>
ii  monkeysphere                     0.37-3
ii  ssh-askpass-gnome [ssh-askpass]  1:6.9p1-2+b1

-- debconf-show failed

-- 
 .''`.   martin f. krafft <madduck@d.o> @martinkrafft
: :'  :  proud Debian developer
`. `'`   http://people.debian.org/~madduck
  `-  Debian - when you have better things to do than fixing systems

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)

--- End Message ---

--- Begin Message ---

To: 804820-done@bugs.debian.org
Subject: Re: Bug#804820: ControlPersist disables UpdateHostKeys, even with -Snone
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 3 Oct 2021 18:53:24 +0100
Message-id: <YVnuFOyWdGOLrdpz@riva.ucam.org>
In-reply-to: <20151112040531.GA10747@fishbowl.rw.madduck.net>
References: <20151112040531.GA10747@fishbowl.rw.madduck.net>

Source: openssh
Source-Version: 1:8.2p1-1

On Thu, Nov 12, 2015 at 05:05:31PM +1300, martin f krafft wrote:
> This makes sense:
> 
>   fishbowl:~% ssh -v cirrus
>   OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015
>   […]
>   debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling
> 
> But when I pass -Snone, I effectively disable ControlPersist, and so
> UpdateHostKeys should become effective.

This seems to have been fixed in passing in OpenSSH 8.2:

  https://anongit.mindrot.org/openssh.git/commit/?id=7955633a554397bc24913cec9fd7285002935f7e

diff --git a/ssh.c b/ssh.c
index 8931ecf81..4998ebc16 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.514 2020/01/25 00:03:36 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.515 2020/01/25 00:21:08 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1248,7 +1248,7 @@ main(int ac, char **av)
            strcmp(options.proxy_command, "-") == 0 &&
            options.proxy_use_fdpass)
                fatal("ProxyCommand=- and ProxyUseFDPass are incompatible");
-       if (options.control_persist &&
+       if (options.control_persist && options.control_path != NULL &&
            options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) {
                debug("UpdateHostKeys=ask is incompatible with ControlPersist; "
                    "disabling");

-- 
Colin Watson (he/him)                              [cjwatson@debian.org]

--- End Message ---

Reply to:

Next by Date: Bug#854650: marked as done (openssh-client: does not list rsa-sha2-256 and rsa-sha2-512)
Next by thread: Bug#854650: marked as done (openssh-client: does not list rsa-sha2-256 and rsa-sha2-512)
Index(es):
- Date
- Thread