| Summary: | AuthorizedKeysFile split pub key and signature with tab `\t` not work. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | gshmu <mhohai> | ||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||
| Status: | NEW --- | ||||||
| Severity: | enhancement | CC: | calestyo, dtucker | ||||
| Priority: | P5 | ||||||
| Version: | 7.3p1 | ||||||
| Hardware: | Other | ||||||
| OS: | Linux | ||||||
| Attachments: |
|
||||||
|
Description
gshmu
2016-10-08 16:15:31 AEDT
command@ubuntu# grep "AuthorizedKeysFile" /etc/ssh/sshd_config AuthorizedKeysFile %h/.ssh/me.pro not using default authorized_keys file, after upgrade it not work... You put a tab in the authorized_keys file itself or after the directive in sshd_config? (In reply to Darren Tucker from comment #2) > You put a tab in the authorized_keys file itself or after the > directive in sshd_config? authorized_keys file itself $ cat .ssh/authorized_keys_renamed xxxx{\tab}sign xxxx{\tab}sign xxxx{\tab}sign Created attachment 2878 [details]
Allow a single tab instead of space between key type and key.
Looks like the code in question is in sshkey.c:sshkey_read(), and that tabs are accepted in many places but not all. In that code's defense, the sshd(8) man page specifies that these things are space-separated.
case KEY_UNSPEC:
[...]
space = strchr(cp, ' ');
... but later:
while (*space == ' ' || *space == '\t')
space++;
Please try the attached patch, which should allow a single tab character instead of a space.
(In reply to Darren Tucker from comment #4) > Created attachment 2878 [details] > Allow a single tab instead of space between key type and key. Looks like this causes a regression test failure so further investigation is needed. |