Bug 2325

Summary:

excessive and unquietable stderr chatter

Product:

Portable OpenSSH

Reporter:

Josh Kupershmidt <schmiddy>

Component:

ssh-keygen

Assignee:

Damien Miller <djm>

Status:

CLOSED FIXED

Severity:

minor

CC:

djm, dtucker

Priority:

Version:

-current

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

2360

Attachments:

Description	Flags
convert ssh-keygen to logit/error/fatal	dtucker: ok+

Description Josh Kupershmidt 2014-12-06 03:04:17 AEDT

I maintain some code (using cronic, see http://habilis.net/cronic/ ) which is sensitive to any noise generated on stderr, treating it as a possible error. One culprit causing false alarms is ssh-keygen, which generates these two messages from around line 1245 of ssh-keygen.c:

fprintf(stderr, "%s updated.\n", identity_file);
fprintf(stderr, "Original contents retained as %s\n", old);

I believe such use of stderr is inconsistent not only with generally accepted use of stderr elsewhere, but with the rest of the OpenSSH codebase. Other non-error messages in that file (e.g. "%s: generating new host keys: ") seem fine with being sent to stdout, and similar diagnostic messages in that file also respect the "quiet" flag, which I would find helpful.

I noticed some other inconsistencies in ssh-keygen.c as well. For example, this bit (line 888) surely should go to stderr instead of stdout:

if (invalid) {
        printf("%s is not a public key file.\n", identity_file);
        exit(1);
}

Comment 1 Damien Miller 2015-04-17 16:28:57 AEST

Created attachment 2593 [details]
convert ssh-keygen to logit/error/fatal

This converts the stderr message you mentioned to stdout, and switches most stderr messages over to logit/error/fatal

Comment 2 Damien Miller 2015-04-17 23:19:37 AEST

patch applied - this will be in openssh-6.9

Comment 3 Damien Miller 2015-08-11 23:03:50 AEST

Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1