[Bug 2174] New: no-pty in authorized_keys does not prevent and interactive shell

bugzilla-daemon at natsu.mindrot.org bugzilla-daemon at natsu.mindrot.org
Sun Nov 24 02:50:46 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=2174

            Bug ID: 2174
           Summary: no-pty in authorized_keys does not prevent and
                    interactive shell
           Product: Portable OpenSSH
           Version: 6.4p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: security
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: nogyka at gmail.com

Hi,

I just stumbled upon the fact that when I deny a user who logs in using
a public key an interactive login using the no-pty argument in the
~/.ssh/authorized_keys file,
I still get an interactive shell (kind of). Despite the fact that
"PTY allocation request failed on channel 0"

This could be reproduced on an up to date debian system (6.0.8) as well
as on Ubuntu 12.04.3 LTS

OpenSSH_5.5p1 Debian-6+squeeze3
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013
OpenSSH_6.4p1, OpenSSL 1.0.1 14 Mar 2012

Best regards,
Bastian Mueller

--- LOG ---

bbb at kilchoman:~$ ssh user at host
PTY allocation request failed on channel 0
Linux hostname 2.6.32-5-amd64 #1 SMP Mon Oct 3 03:59:20 UTC 2011 x86_64

cat ~/.ssh/authorized_keys
no-pty ssh-rsa AAAA..5KS3+Q==

ssh -v     
OpenSSH_5.5p1 Debian-6+squeeze3, OpenSSL 0.9.8o 01 Jun 2010
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c
cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-I pkcs11] [-i identity_file]
           [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p
port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-W host:port] [-w local_tun[:remote_tun]]
           [user@]hostname [command]

ps
  PID TTY          TIME CMD
 1191 ?        00:00:00 sshd
 1192 ?        00:00:00 bash
 1232 ?        00:00:00 ps

--- END LOG ---

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list