[Bug 3114] New: Remote command execution although -N specified with ControlMaster=yes, ControlPersist=yes and non-existent ControlPath

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Jan 18 15:22:58 AEDT 2020 

https://bugzilla.mindrot.org/show_bug.cgi?id=3114

            Bug ID: 3114
           Summary: Remote command execution although -N specified with
                    ControlMaster=yes, ControlPersist=yes and non-existent
                    ControlPath
           Product: Portable OpenSSH
           Version: 8.1p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ionic at ionic.de

When creating a persistent master-slave control connection in master
mode and the control socket does not exist yet, the -N option for NOT
running a command seems to have no effect:


% ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\""
Don't execute me

However, this does not seem to be true when the control socket already
exists:

% ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\""
ControlSocket /home/ionic/.sshsock already exists, disabling
multiplexing
[hangs, which is normal, since the connection is established and kept
open]

This also seems to hold for a "fake" control socket:

% ssh -O "exit" ionic.de -o ControlPath=/home/ionic/.sshsock #
Correctly nuke socket, if necessary.
% rm -f /home/ionic/.sshsock # Get rid of "fake" sockets like the one
we're going to create.
% touch /home/ionic/.sshsock
% ssh ionic.de -o ControlMaster="yes" -o ControlPersist="yes" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\""
ControlSocket /home/ionic/.sshsock already exists, disabling
multiplexing
[hangs]

It also doesn't happen with ControlPersist=no, so it must be related to
a persistent master-slave connection:

% ssh ionic.de -o ControlMaster="yes" -o ControlPersist="no" -o
ControlPath="/home/ionic/.sshsock" -N "echo \"Don't execute me\""
[hangs]

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list