| Summary: | scp over ssh-relay insists in asking passphrase | ||
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Michael Armbrecht <michael.armbrecht> |
| Component: | scp | Assignee: | OpenSSH Bugzilla mailing list <openssh-bugs> |
| Status: | CLOSED DUPLICATE | ||
| Severity: | normal | ||
| Priority: | P3 | ||
| Version: | -current | ||
| Hardware: | ix86 | ||
| OS: | Linux | ||
|
Description
Michael Armbrecht
2003-05-09 02:15:11 AEST
Make positively sure that agent forwarding is on everywhere. -vvv is your friend. And upgrade to 3.6.1p2, 3.4p1 is quite old. Output from -vvv: 29426: debug1: Rhosts Authentication disabled, originating port will not be trusted. 29426: debug1: ssh_connect: needpriv 0 29426: debug1: Connecting to xxxxxx.com [yy.yy.yy.yy] port 22. 29426: debug1: Connection established. 29426: debug1: identity file /home/xxxxxxxx/.ssh/identity type 0 29426: debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1_OSD-SEC_A.02.11j 29426: debug1: match: OpenSSH_2.5.1p1_OSD-SEC_A.02.11j pat OpenSSH_2.5.0p1*,OpenSSH_2.5.1p1* 29426: debug1: Local version string SSH-1.5-OpenSSH_3.4p1 29426: debug1: Waiting for server public key. 29426: debug1: Received server public key (768 bits) and host key (1024 bits). 29426: debug3: check_host_in_hostfile: filename /home/xxxxxxxx/.ssh/known_hosts 29426: debug3: check_host_in_hostfile: match line 1 29426: debug1: Host 'xxxxxxx.com' is known and matches the RSA1 host key. 29426: debug1: Found key in /home/xxxxxxx/.ssh/known_hosts:1 29426: debug1: Encryption type: blowfish 29426: debug1: Sent encrypted session key. 29426: debug1: Installing crc compensation attack detector. 29426: debug1: Received encrypted confirmation. 29426: debug1: Trying RSA authentication via agent with 'XXXXXXXXXXX' 29426: debug1: Received RSA challenge from server. 29426: debug1: Sending response to RSA challenge. 29426: debug1: Remote: RSA authentication accepted. 29426: debug1: RSA authentication accepted by server. 29426: debug1: Requesting compression at level 6. 29426: debug1: Enabling compression at level 6. 29426: debug1: Sending command: scp -v -f xx@xxxx:/vvvv/www/yyyyy.zzz 29426: debug1: Entering interactive session. 29426: debug1: fd 0 setting O_NONBLOCK 29426: debug1: fd 1 setting O_NONBLOCK Need passphrase for /home/xxxxx/.ssh/identity user@linux:~> You have no controlling tty. Cannot read passphrase. 29426: debug2: fd 0 is not O_NONBLOCK 29426: debug1: fd 1 clearing O_NONBLOCK 29426: debug1: Transferred: stdin 55, stdout 48, stderr 55 bytes in 0.5 seconds 29426: debug1: Bytes per second: stdin 106.2, stdout 92.7, stderr 106.2 29426: debug1: Exit status 255 29426: debug1: compress outgoing: raw data 111, compressed 120, factor 1.08 29426: debug1: compress incoming: raw data 118, compressed 115, factor 0.97 Forward is on everywhere, even set it with "-o" on the cli. Will try version 3.6.1 instead. 3.4p1 came with SuSE8.1. hmmm, it might have something to do with:
addargs(&args, "-oClearAllForwardings yes");
in scp.c. Can you try removing that line and seeing whether things work?
You haven't given any details about the nature of the relay that you are using.
OK. I removed the following two lines from scp.c: addargs(&args, "-oForwardAgent no"); addargs(&args, "-oClearAllForwardings yes"); Now it is working. What was the reason for presetting these two options? Like this, scp will never work over a SSH relay that doesn't allocate a tty! I'll mark this as a duplicate of bug #831 - it isn't really a duplicate, but that bug has a patch. *** This bug has been marked as a duplicate of 831 *** Closed with release of portable OpenSSH 3.8.1p1 |