Bug 2214 - Key is detected as existing if LogLevel=QUIET
Summary: Key is detected as existing if LogLevel=QUIET
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-copy-id (show other bugs)
Version: 6.2p1
Hardware: All Linux
: P5 normal
Assignee: Philip Hands
URL:
Keywords:
Depends on:
Blocks: V_7_2
  Show dependency treegraph
 
Reported: 2014-03-20 23:40 AEDT by Sami Haahtinen
Modified: 2016-08-02 10:41 AEST (History)
1 user (show)

See Also:


Attachments
Add -o LogLevel=INFO to ssh invokation (752 bytes, patch)
2014-03-20 23:40 AEDT, Sami Haahtinen
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sami Haahtinen 2014-03-20 23:40:54 AEDT
Created attachment 2415 [details]
Add -o LogLevel=INFO to ssh invokation

Current ssh-copy-id script assumes that key is valid if the temporary log file doesn't contain the string 'Permission denied'. There are cases when this doesn't occur. One of the cases is when configuration file contains a LogLevel=QUIET option.

Lets assume that ~/.ssh/config contains:
> Host 127.*
>   LogLevel QUIET

And we have no valid key for localhost. Attempting to connect doesn't give any errors:
> $ ssh -o PreferredAuthentications=publickey -o IdentitiesOnly=yes user@127.0.0.1
> $ ssh -o LogLevel=INFO -o PreferredAuthentications=publickey -o IdentitiesOnly=yes user@127.0.0.1
> Permission denied (publickey,password).

The fix is to add LogLevel=INFO to the ssh command, which is a sane default since ssh-copy-id actually depends on ssh to have loglevel set to INFO.
Comment 1 Philip Hands 2015-11-29 04:07:51 AEDT
Thanks for the report, and sorry for taking so long to get round to it.

Here's the commit that fixes this:

  http://git.hands.com/?p=ssh-copy-id.git;a=commitdiff;h=35f05e39cda8670b3f6797330a3e521fda509a4c;hp=baebbb9e18e4a1af7554d939710eacb665a24b68

My latest version incorporating that change is here:

  http://git.hands.com/ssh-copy-id

which should work for you, and will hopefully make it's way into OpenSSH in the not too distant future.

Cheers, Phil.
Comment 2 Damien Miller 2016-08-02 10:41:44 AEST
Close all resolved bugs after 7.3p1 release