[Bug 2561] ssh-keygen -A does not recreate broken zero-sized host keys

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Apr 8 15:37:05 AEST 2016


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
   Attachment #2804|0                           |1
        is obsolete|                            |
   Attachment #2805|                            |ok?(dtucker at zip.com.au)
              Flags|                            |

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Created attachment 2805
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2805&action=edit
overwrite zero-length key files, move keys into place atomically

Darren correctly points out that the previous diff could clobber valid
keys under some circumstances.

This diff is much less aggressive: it only overwrites zero-length
private keys, and uses rename() to atomically move finished private
keys into position so there should be fewer circumstances under which
it leaves partial keys at valid keys path names.

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list