1536 – SSH modifies line endings when using command in authorized_keys

Bug 1536 - SSH modifies line endings when using command in authorized_keys

Summary: SSH modifies line endings when using command in authorized_keys

Status:	CLOSED WORKSFORME

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	5.1p1
Hardware:	ix86 Linux

Importance:	P2 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2008-11-10 18:19 AEDT by Steven Picken
Modified:	2009-02-23 13:36 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Steven Picken 2008-11-10 18:19:30 AEDT

Overview:
SSH modifies line endings when using command in authorized_keys.
I'm using keys to ensure that an unattended copy occurs while using the command="aScript.php" that outputs an uncompressed tarball. Because of the line endings changing, my tarball becomes invalid.

What happens:
When using public/private keys to force a particular command to run, under tested circumstances, LF is converted to CRLF.
Running the same command without using a forced command returns the correct text.

Steps to reproduce:

cd ~
echo this is a test > bugcheck.txt
echo It needs to have multiple lines >> bugcheck.txt
echo so that I can check if there is a bug >> bugcheck.txt
echo in OpenSSH >> bugcheck.txt
ssh-keygen -t rsa -f bugcheck -N ""
echo -n "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command=\"cat bugcheck.txt\" " >> ~/.ssh/authorized_keys
cat bugcheck.pub >> ~/.ssh/authorized_keys
ssh localhost 'cat bugcheck.txt' > bugcheck-response-1.txt
ssh -i bugcheck localhost > bugcheck-response-2.txt
ls -l bugcheck-response-*.txt

Actual Results:
-rw-r--r-- 1 codewarrior codewarrior  96 Nov 10 11:12 bugcheck-response-1.txt
-rw-r--r-- 1 codewarrior codewarrior 100 Nov 10 11:12 bugcheck-response-2.txt
(bugcheck-response-2.txt contains CRLF line endings)

Expected Results:
-rw-r--r-- 1 codewarrior codewarrior  96 Nov 10 11:12 bugcheck-response-1.txt
-rw-r--r-- 1 codewarrior codewarrior  96 Nov 10 11:12 bugcheck-response-2.txt
(bugcheck-response-2.txt should have original LF line endings)

Build Date and Platform:
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006 on RedHat Enterprise Linux 5

Additional Builds and Platforms
OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008 on Gentoo Linux

Comment 1 Darren Tucker 2008-11-10 18:55:24 AEDT

It's probably the pty layer not sshd that's doing the translation.  Try "ssh -T localhost" or "ssh localhost foo" instead.

Comment 2 Steven Picken 2008-11-10 20:19:55 AEDT

Ah, you're very right. -T does fix the problem.

Sorry for troubling you.

--Steven

P.S. (I'm a bit new to bug trackers, How do you go about closing bugs?)

Comment 3 Darren Tucker 2008-11-10 21:01:29 AEDT

That's quite ok, glad it's working for you.  Closing.

Comment 4 Damien Miller 2009-02-23 13:36:34 AEDT

Close bugs fixed/reviewed for openssh-5.2 release