[Bug 1981] New: Trying to use ssh with a missing identity file gives no warnings
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Feb 18 06:28:57 EST 2012
https://bugzilla.mindrot.org/show_bug.cgi?id=1981
Bug #: 1981
Summary: Trying to use ssh with a missing identity file gives
no warnings
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: mindrot.org at ch.pkts.ca
I attempted to set up a ~/.ssh/config entry that said
Host firewall-link
Hostname firewall.example.com
IdentityFile /Home/username/.ssh/id_rsa_vpn
User vpnuser
However, there was a typo in the IdentityFile line, so it specified the
wrong pathname (ie: no such file). Do you want to know how long it
took to track down this error? Too long!
You can only see the error message if you type 'ssh -d -d -d
firewall-link' (the maximum possible debug level), or use a system-call
tracing program (like strace) and compare good vs. bad sessions (if you
have a good one).
I'm unsure if this was a policy decision for security reasons ("Hide
failures"), but as it's an error on the client side, I fail to see the
security benefits of not printing "Identity file xxxxxxx not found" as
a warning just before moving on to the next authentication method.
Thanks!
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list