BUG: ssh-agent unlinks sockets/files it doesn't own.
Rich
rich at rich-paul.net
Mon Oct 4 15:18:25 EST 2004
I've noticed a problem in the openssh sources. It can most easily be
replicated as follows:
> [rich at goblin] sl=1 ~
> 01:05:47$ ssh-agent -a ~/.ssh/agent.sock
> SSH_AUTH_SOCK=/home/rich/.ssh/agent.sock; export SSH_AUTH_SOCK;
> SSH_AGENT_PID=553; export SSH_AGENT_PID;
> echo Agent pid 553;
>
> [rich at goblin] sl=1 ~
> 01:05:50$ ssh-agent -a ~/.ssh/agent.sock
> bind: Address already in use
>
> [rich at goblin] sl=1 ~
> 01:05:53$ ssh-agent -a ~/.ssh/agent.sock
> SSH_AUTH_SOCK=/home/rich/.ssh/agent.sock; export SSH_AUTH_SOCK;
> SSH_AGENT_PID=558; export SSH_AGENT_PID;
> echo Agent pid 558;
The first ssh-agent survives the ordeal, but finds itself unreachable,
and without purpose.
I would suggest a couple of changes:
1) unless bind has been successful, don't unlink the socket.
2) teach ssh-agent to either die or rebind if his socket disappears.
My pref would probably be death, as I find it more elegant than
killing it with ssh-agent -k.
The first is probably wise for good manners, even though the second will
solve the problem. Note that:
> su
> ssh-agent -a /etc/passwd
would probably have unpleasant repercussions.
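
Added example, not part of the original post and not OpenSSH code: a C sketch of both suggestions, where cleanup unlinks the socket path only if this process's own bind() succeeded and the path still has the same device/inode. The `listener` struct and the `listener_*` functions are hypothetical names, and callers are assumed to call `listener_close()` after every `listener_open()`, including a failed one.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>

/* Hypothetical listener state for this example (not OpenSSH's). */
struct listener {
    int fd, owns_path;        /* owns_path: set only after bind() succeeds */
    struct sockaddr_un sa;    /* sa.sun_path is the socket path */
    struct stat id;           /* device/inode of the socket file we created */
};

/* Returns 0 on success, -1 on failure. Always pair with listener_close(). */
int listener_open(struct listener *l, const char *path)
{
    memset(l, 0, sizeof(*l));
    l->fd = -1;
    if (strlen(path) >= sizeof(l->sa.sun_path))
        return -1;
    l->sa.sun_family = AF_UNIX;
    strcpy(l->sa.sun_path, path);
    if ((l->fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    if (bind(l->fd, (struct sockaddr *)&l->sa, sizeof(l->sa)) < 0)
        return -1;            /* e.g. EADDRINUSE: owns_path stays 0 */
    l->owns_path = (lstat(path, &l->id) == 0);
    return listen(l->fd, 8);
}

/* 1 if the path still names the socket this process bound, else 0. */
int listener_path_intact(const struct listener *l)
{
    struct stat st;
    return l->owns_path && lstat(l->sa.sun_path, &st) == 0 &&
        st.st_dev == l->id.st_dev && st.st_ino == l->id.st_ino;
}

/* Cleanup: unlink only a path we bound and that is still our socket. */
void listener_close(struct listener *l)
{
    if (listener_path_intact(l))
        unlink(l->sa.sun_path);
    if (l->fd >= 0) close(l->fd);
    l->fd = -1; l->owns_path = 0;
}
```

A long-running process could also poll `listener_path_intact()` and exit or rebind when it returns 0. The check-then-unlink pair is not atomic, so it narrows the window rather than closing it.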