assorted issues with 2.1.1p4...

[James Ralston]

I've just finished compiling OpenSSH version 2.1.1p4 for Red Hat Linux
6.2 (i386) with recent patches, using OpenSSL version 0.9.5a, which
was compiled to use RSAREF.

There are a couple of issues I noticed immediately:

1.  The ssh-agent program can only store RSA keys, not DSA keys.

2.  Only ssh-add knows to invoke ssh-askpass (if it is not attached to
    a tty and DISPLAY is set).  Slogin, ssh, scp, et. al. do not
    invoke ssh-askpass, either to prompt for a RSA/DSA passphrase, or
    to prompt for a password to the remote system.

3.  The -f option to ssh has no effect when protocol version 2 is
    being used.

4.  If X11 forwarding is being used, and an X11 application is being
    forwarded across the secure channel, occasionally shutting down
    that application causes the sshd process to crash.

I see that issue #1 is resolved, as of the 20000823 snapshot.  I will
go grab the snapshot and bang on it.

Daiki Ueno <ueno at unixuser.org> brought up issue #2 back in April, but
I can't find a follow-up that answers his central question (why does
ssh not know how to invoke ssh-askpass?).  So, I'll ask it again: is
this a deliberate design decision, or something that just hasn't been
implemented yet?

I see that Jarno Huuskonen <jhuuskon at messi.uku.fi> provided a
tentative patch for issue #3 on August 5, but the patch didn't make it
into the 20000823 snapshot.  Does anyone know the status of that
patch, or this issue in general?

I've made an attempt to look at issue #4, but so far, I've been unable
to catch the sshd process in the act of crashing; it seems that the
problem doesn't occur when the sshd process in question is being
traced.  I'm not even sure what signal sshd is dying on.  I'll report
back once I have more definite information, but until then, has anyone
run into what they think might be the same problem?

Regards,

-- 
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA