[Bug 1693] ssh prompts for passphrase even when identity file is unreadable
bugzilla-daemon at bugzilla.mindrot.org
Mon Jan 11 15:16:17 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1693
Darren Tucker <dtucker at zip.com.au> changed:
What                        |Removed |Added
----------------------------------------------------------------------------
Attachment #1767 is obsolete|0       |1
Attachment #1774 Flag       |        |ok?(djm at mindrot.org)
--- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2010-01-11 15:16:15 EST ---
Created an attachment (id=1774)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1774)
log (to debug) the reason for failing to load a private key
OK, so this is interesting: it doesn't happen on OpenBSD, but I do see
it on Linux.
sshconnect2.c:load_identity_file() calls key_load_private_type. If
that fails and if we're either in batchmode or if the key has bad
perms then we quit, otherwise we prompt for a passphrase. Or at least
that's what it's supposed to do.
So why doesn't this actually happen on Linux? perm_ok is on the stack,
and if the open() in key_load_private_type fails then it returns early
without setting (or unsetting) perm_ok. Thus, whether or not you get
prompted depends on the initial value of perm_ok from whatever happened
to be on the stack. Nasty.
This patch reports the reason if the open() fails and sets perms_ok
appropriately, no need for the extra access() calls. It also
initializes perms_ok to the safe default.
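The failure mode described in the comment above, as an added C example that is not part of the original message and is not OpenSSH code. `load_key_before`, `load_key_after`, `would_prompt` and the key path are hypothetical names, and treating 0 as the safe default for the permission flag is an assumption, since the attachment itself is not shown here.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
/* Hypothetical stand-ins for the loader described above; not OpenSSH code. */
typedef int (*loader_fn)(const char *path, int *perm_ok);

/* Before: an open() failure returns early and never writes *perm_ok. */
static int load_key_before(const char *path, int *perm_ok)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;          /* *perm_ok keeps whatever the caller had */
    *perm_ok = 1;           /* real permission and parse checks elided */
    close(fd);
    return 0;
}

/* After: safe default set first (assumed here to be 0), reason logged. */
static int load_key_after(const char *path, int *perm_ok)
{
    *perm_ok = 0;
    int fd = open(path, O_RDONLY);
    if (fd < 0) {
        fprintf(stderr, "debug: open %s: %s\n", path, strerror(errno));
        return -1;
    }
    *perm_ok = 1;
    close(fd);
    return 0;
}

/* Caller: on load failure, quit if batch mode or bad perms, else prompt.
 * `stale` models leftover stack contents, so no uninitialized read occurs. */
static int would_prompt(loader_fn load, const char *path, int batch, int stale)
{
    int perm_ok = stale;
    if (load(path, &perm_ok) == 0)
        return 0;           /* key loaded, nothing to ask */
    return !(batch || !perm_ok);
}

int main(void)
{
    const char *p = "/nonexistent/constructed-example-key"; /* constructed */
    printf("before, stale=1: prompt=%d\n", would_prompt(load_key_before, p, 0, 1));
    printf("after,  stale=1: prompt=%d\n", would_prompt(load_key_after, p, 0, 1));
    return 0;
}
```

With the "before" loader the prompt decision follows the stale value; with the "after" loader it is the same for any prior contents of the variable.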