AuthorizedKeysCommand size issue?

Yves Dorfsman yves at
Tue Apr 15 10:17:36 EST 2014

On 2014-04-14 17:52, Damien Miller wrote:
> It's easy to determine whether sshd is at fault here. Just replace
> curl with 'cat' of a >12KB file.

It works when doing a cat from a file, it looks more like an issue with the 
pipe mechanism. For example, this works, regardless of the size of the file:

     curl -s --compressed$1 >somefile
     cat somefile

>> I created a bash script that runs
>>      #!/bin/bash
>>      curl -s --compressed$1
> this is terrifying.

Why? DNS hijacking, man in the middle attack? Risk when the web server is 
compromised (we are using S3 here)?


More information about the openssh-unix-dev mailing list