OpenSSH 3.9p1 bug, .hushlogin is ignored
Andreas M. Kirchwitz
amk at krell.zikzak.de
Mon Sep 6 22:12:54 EST 2004
Hello Darren! Hello OpenSSH (portable) users!
After updating from OpenSSH 3.8.1p1 to OpenSSH 3.9p1 on my
Fedora Core 2 Linux box, the "sshd" no longer respects
"~/.hushlogin" to get a quiet and silent login. Now I get
the noisy "Last login: somedate from somehost" line.
I really loved that feature. ;-)
The problem is related to a change in "session.c", function do_child().
In line 1426, the following code has been added to the portable
version of OpenSSH:
/*
* PAM session modules in do_setusercontext may have
* generated messages, so if this in an interactive
* login then display them too.
*/
if (command == NULL)
display_loginmsg();
According to the ChangeLog:
20040701
- (dtucker) [session.c] Call display_loginmsg again after do_pam_session.
Ensures messages from PAM modules are displayed when privsep=no.
Unfortunately, this breaks .hushlogin.
As long as I run "ssh somehost somecommand", it obviously works as
expected, but if I do "ssh somehost", I get the "Last login:" line.
If I remove the code segment, ".hushlogin" works again. (No big deal. ;-)
Although "if (command == NULL)" could be replaced by a call to
"if (!check_quietlogin(s, command))" to fix the problem, the
double access to ".hushlogin" wouldn't be good programming style.
If it's needed more than once, the result of check_quietlogin()
could be cached somewhere to avoid unnecessary access to the
filesystem.
However, besides this (my beloved .hushlogin ;-), OpenSSH 3.9p1 is
really good work. Keep up the good work!
Greetings, Andreas
More information about the openssh-unix-dev
mailing list