Bug 2873

Summary: AuthorizedKeysCommand with different user prevents fetching authorized keys from file
Product: Portable OpenSSH Reporter: Jakub Jelen <jjelen>
Component: sshd
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: enhancement CC: djm
Priority: P5    
Version: 7.7p1   
Hardware: Other   
OS: Linux   
Bug Depends on:    
Bug Blocks: 2852    
Attachments:
make sure the cached group information belongs to the current UID (flags: none)

Description Jakub Jelen 2018-05-31 00:24:45 AEST
Created attachment 3158 [details]
make sure the cached group information belongs to the current UID

Originally filed in Red Hat Bugzilla, which also provides the whole reproducer and analysis (credits to Renaud Métrich):

https://bugzilla.redhat.com/show_bug.cgi?id=1583735

In short, the AuthorizedKeysCommandUser code caches the group list, which is then also used for fetching the authorized keys themselves, which obviously does not work if the groups used do not overlap.

The same issue will probably exist with AuthorizedPrincipalsCommandUser, but I do not have a reproducer for this.

The correct solution should be checking that the cached information about groups is for the same UID we have in the pw parameter. My proposed solution is in the attachment.
Comment 1 Jakub Jelen 2018-06-15 00:53:52 AEST
ping?
Comment 2 Damien Miller 2018-06-15 17:08:11 AEST
Patch committed, with a couple of tweaks. Thanks!
Comment 3 Damien Miller 2021-04-23 15:02:05 AEST
closing resolved bugs as of 8.6p1 release