Bug 2174 - no-pty in authorized_keys does not prevent an interactive shell
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd
Version: 6.4p1
Hardware: All Linux
Importance: P5 security
Assignee: Assigned to nobody
Reported: 2013-11-24 02:50 AEDT by Bastian Mueller
Modified: 2015-08-11 23:04 AEST

Description Bastian Mueller 2013-11-24 02:50:46 AEDT
Hi,

I just stumbled upon the fact that when I deny a user who logs in using a public key an interactive login using the no-pty argument in the ~/.ssh/authorized_keys file,
I still get an interactive shell (kind of). Despite the fact that
"PTY allocation request failed on channel 0"

This could be reproduced on an up-to-date Debian system (6.0.8) as well as on Ubuntu 12.04.3 LTS.

OpenSSH_5.5p1 Debian-6+squeeze3
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013
OpenSSH_6.4p1, OpenSSL 1.0.1 14 Mar 2012

Best regards,
Bastian Mueller

--- LOG ---

bbb@kilchoman:~$ ssh user@host
PTY allocation request failed on channel 0
Linux hostname 2.6.32-5-amd64 #1 SMP Mon Oct 3 03:59:20 UTC 2011 x86_64

cat ~/.ssh/authorized_keys
no-pty ssh-rsa AAAA..5KS3+Q==

ssh -v     
OpenSSH_5.5p1 Debian-6+squeeze3, OpenSSL 0.9.8o 01 Jun 2010
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-I pkcs11] [-i identity_file]
           [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-W host:port] [-w local_tun[:remote_tun]]
           [user@]hostname [command]

ps
  PID TTY          TIME CMD
 1191 ?        00:00:00 sshd
 1192 ?        00:00:00 bash
 1232 ?        00:00:00 ps

--- END LOG ---
Comment 1 Damien Miller 2013-11-24 10:01:23 AEDT
This is intended behaviour. no-pty doesn't control what is executed, just whether the command/shell has a tty or not.
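The distinction drawn in Comment 1, as an added example (not part of the bug thread and not OpenSSH code): a Python audit that parses the option field of authorized_keys entries and reports keys that carry no-pty without a command= forced command, the configuration shown in the report. The function names, verdict labels and sample keys are constructed for illustration, and the key-type prefix check is a heuristic.

```python
import re

KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")  # heuristic: key-type names start like this
# One option: name, optional ="value" (value may hold commas, spaces, \" escapes).
OPTION_RE = re.compile(r'([A-Za-z0-9-]+)(?:="((?:\\.|[^"\\])*)")?(?:,|(?=\s)|$)')

def split_entry(line):
    """Return (options, key fields) for one authorized_keys line, or None."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    options, pos = {}, 0
    if not line.startswith(KEY_PREFIXES):  # line begins with an option list
        while pos < len(line) and not line[pos].isspace():
            m = OPTION_RE.match(line, pos)
            if not m:
                raise ValueError("cannot parse options: " + line[:40])
            options[m.group(1).lower()] = m.group(2)
            pos = m.end()
    return options, line[pos:].split()

def classify(text):
    """Return [(line number, key comment, verdict)] for every key in text."""
    results = []
    for number, line in enumerate(text.splitlines(), 1):
        entry = split_entry(line)
        if entry is None:
            continue
        options, fields = entry
        comment = " ".join(fields[2:]) or "(no comment)"
        if "command" in options:
            verdict = "forced-command"     # sshd runs this, not the client's request
        elif "no-pty" in options:
            verdict = "shell-without-tty"  # the case reported in this bug
        else:
            verdict = "shell"
        results.append((number, comment, verdict))
    return results

# Constructed sample file; the key blobs are placeholders, not real keys.
SAMPLE = '''\
# backup and tunnel accounts
no-pty ssh-rsa AAAAexample1 tunnel@example
command="/usr/local/bin/backup --mode=push,verify",no-pty ssh-rsa AAAAexample2 backup@example
ssh-ed25519 AAAAexample3 admin@example
'''

if __name__ == "__main__":
    for number, comment, verdict in classify(SAMPLE):
        print(f"line {number}: {comment}: {verdict}")
```

This check reads only the key file; a ForceCommand in sshd_config or a restricted login shell also limits what a key can run.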
Comment 2 Damien Miller 2015-08-11 23:04:59 AEST
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1