Your message dated Sun, 3 Oct 2021 18:53:24 +0100 with message-id <YVnuFOyWdGOLrdpz@riva.ucam.org> and subject line Re: Bug#804820: ControlPersist disables UpdateHostKeys, even with -Snone has caused the Debian Bug report #804820, regarding ControlPersist disables UpdateHostKeys, even with -Snone to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 804820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804820 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ControlPersist disables UpdateHostKeys, even with -Snone
- From: martin f krafft <madduck@debian.org>
- Date: Thu, 12 Nov 2015 17:05:31 +1300
- Message-id: <20151112040531.GA10747@fishbowl.rw.madduck.net>
Package: openssh-client Version: 1:6.9p1-2+b1 Severity: minor File: /usr/bin/ssh This makes sense: fishbowl:~% ssh -v cirrus OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015 […] debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling But when I pass -Snone, I effectively disable ControlPersist, and so UpdateHostKeys should become effective. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssh-client depends on: ii adduser 3.113+nmu3 ii dpkg 1.18.3 ii libc6 2.19-22 ii libedit2 3.1-20150325-1 ii libgssapi-krb5-2 1.13.2+dfsg-4 ii libselinux1 2.3-2+b1 ii libssl1.0.2 1.0.2d-3 ii passwd 1:4.2-3 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages openssh-client recommends: ii xauth 1:1.0.9-1 Versions of packages openssh-client suggests: pn keychain <none> pn libpam-ssh <none> ii monkeysphere 0.37-3 ii ssh-askpass-gnome [ssh-askpass] 1:6.9p1-2+b1 -- debconf-show failed -- .''`. martin f. krafft <madduck@d.o> @martinkrafft : :' : proud Debian developer `. `'` http://people.debian.org/~madduck `- Debian - when you have better things to do than fixing systemsAttachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
--- End Message ---
--- Begin Message ---
- To: 804820-done@bugs.debian.org
- Subject: Re: Bug#804820: ControlPersist disables UpdateHostKeys, even with -Snone
- From: Colin Watson <cjwatson@debian.org>
- Date: Sun, 3 Oct 2021 18:53:24 +0100
- Message-id: <YVnuFOyWdGOLrdpz@riva.ucam.org>
- In-reply-to: <20151112040531.GA10747@fishbowl.rw.madduck.net>
- References: <20151112040531.GA10747@fishbowl.rw.madduck.net>
Source: openssh Source-Version: 1:8.2p1-1 On Thu, Nov 12, 2015 at 05:05:31PM +1300, martin f krafft wrote: > This makes sense: > > fishbowl:~% ssh -v cirrus > OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015 > […] > debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling > > But when I pass -Snone, I effectively disable ControlPersist, and so > UpdateHostKeys should become effective. This seems to have been fixed in passing in OpenSSH 8.2: https://anongit.mindrot.org/openssh.git/commit/?id=7955633a554397bc24913cec9fd7285002935f7e diff --git a/ssh.c b/ssh.c index 8931ecf81..4998ebc16 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.514 2020/01/25 00:03:36 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.515 2020/01/25 00:21:08 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1248,7 +1248,7 @@ main(int ac, char **av) strcmp(options.proxy_command, "-") == 0 && options.proxy_use_fdpass) fatal("ProxyCommand=- and ProxyUseFDPass are incompatible"); - if (options.control_persist && + if (options.control_persist && options.control_path != NULL && options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) { debug("UpdateHostKeys=ask is incompatible with ControlPersist; " "disabling"); -- Colin Watson (he/him) [cjwatson@debian.org]
--- End Message ---