Call for testing: OpenSSH-5.4

Kevin Brott kevin.brott at gmail.com
Sat Mar 6 09:39:28 EST 2010


On Fri, Feb 26, 2010 at 23:25, Damien Miller <djm at mindrot.org> wrote:

> Hi,
>
> OpenSSH 5.4 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a big release,
> with a number of major new features and many bug fixes.
>
>
Using openssh-SNAP-20100306.tar.gz

new issue on RHEL 5.4 x86_64:

with SUDO set ..
...
run test agent.sh ...
sudo: sorry, you must have a tty to run sudo
ssh_exchange_identification: Connection closed by remote host
agent fwd proto 1 failed (exit code 0)
sudo: sorry, you must have a tty to run sudo
ssh_exchange_identification: Connection closed by remote host
agent fwd proto 2 failed (exit code 0)
failed simple agent test
gmake[1]: *** [t-exec] Error 1
gmake[1]: Leaving directory `/var/tmp/ssh/openssh/regress'
gmake: *** [tests] Error 2

Caused by:  http://kbase.redhat.com/faq/docs/15839 ...

The /etc/sudoers file in Red Hat Enterprise Linux 5 has a default flag
'requiretty'. With this flag set, only logged in users can execute commands
through sudo. This will disallow execution of sudo commands remotely through
rsh or ssh. The rsh and ssh utilities do not allocate a tty. It is
recommended to keep this flag to prevent a user from entering a visible
password.

With ssh, use -t to force pseudo-tty allocation
My proposed fix ...

*** regress/agent.sh    2010-03-05 14:01:13.000000000 -0800
--- regress/agent.sh.orig       2008-03-12 05:58:56.000000000 -0700
***************
*** 45,51 ****

        trace "simple connect via agent"
        for p in 1 2; do
!               ${SSH} -t -$p -F $OBJ/ssh_proxy somehost exit 5$p
                if [ $? -ne 5$p ]; then
                        fail "ssh connect with protocol $p failed (exit code
$?)"
                fi
--- 45,51 ----

        trace "simple connect via agent"
        for p in 1 2; do
!               ${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p
                if [ $? -ne 5$p ]; then
                        fail "ssh connect with protocol $p failed (exit code
$?)"
                fi
***************
*** 53,63 ****

        trace "agent forwarding"
        for p in 1 2; do
!               ${SSH} -t -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l >
/dev/null 2>&1
                if [ $? -ne 0 ]; then
                        fail "ssh-add -l via agent fwd proto $p failed (exit
code $?)"
                fi
!               ${SSH} -t -A -$p -F $OBJ/ssh_proxy somehost \
                        "${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p"
                if [ $? -ne 5$p ]; then
                        fail "agent fwd proto $p failed (exit code $?)"
--- 53,63 ----

        trace "agent forwarding"
        for p in 1 2; do
!               ${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l >
/dev/null 2>&1
                if [ $? -ne 0 ]; then
                        fail "ssh-add -l via agent fwd proto $p failed (exit
code $?)"
                fi
!               ${SSH} -A -$p -F $OBJ/ssh_proxy somehost \
                        "${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p"
                if [ $? -ne 5$p ]; then
                        fail "agent fwd proto $p failed (exit code $?)"

Once this is applied - all tests passed

-- 
# include <stddisclaimer.h>
/* Kevin  Brott <Kevin.Brott at gmail.com> */


More information about the openssh-unix-dev mailing list