AuthorizedKeysCommand size issue?
Yves Dorfsman
yves at zioup.com
Tue Apr 15 10:17:36 EST 2014
On 2014-04-14 17:52, Damien Miller wrote:
>
> It's easy to determine whether sshd is at fault here. Just replace
> curl with 'cat' of a >12KB file.
>
It works when doing a cat from a file, it looks more like an issue with the
pipe mechanism. For example, this works, regardless of the size of the file:
#!/bin/bash
curl -s --compressed http://someurl.example.com/pubkeys/$1 >somefile
cat somefile
>> I created a bash script that runs
>>
>> #!/bin/bash
>> curl -s --compressed http://someurl.example.com/pubkeys/$1
>
> this is terrifying.
Why? DNS hijacking, man in the middle attack? Risk when the web server is
compromised (we are using S3 here)?
--
Yves.
More information about the openssh-unix-dev
mailing list