2575 – ssh-copy-id fails when it can not find any key file in ~/.ssh

Bug 2575 - ssh-copy-id fails when it can not find any key file in ~/.ssh

Summary: ssh-copy-id fails when it can not find any key file in ~/.ssh

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-copy-id (show other bugs)
Version:	7.2p1
Hardware:	All Linux

Importance:	P5 trivial
Assignee:	Philip Hands

URL:
Keywords:

Depends on:
Blocks:	V_7_5
	Show dependency tree / graph

Reported:	2016-05-30 18:54 AEST by Jakub Jelen
Modified:	2018-04-06 12:26 AEST (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jakub Jelen 2016-05-30 18:54:09 AEST

Today I run  ssh-copy-id  from a machine without any generated key (and without any key in ssh-agent) and it failed hard with weird results:

    /usr/bin/ssh-copy-id: ERROR: failed to open ID file '/root/.pub': No such file or directory
	(to install the contents of '/root/.pub' anyway, look at the -f option)

It is caused by the false expectation, that there are some keys in ~/.ssh/ on the line 59:

    DEFAULT_PUB_ID_FILE="$HOME/$(cd "$HOME" ; ls -t .ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1)"

It sets

    + DEFAULT_PUB_ID_FILE=/root/

which passes the condition

    + '[' -r /root/ ']'

and the execution gets into the function   use_id_file()  unnoticed and fails to open file

    /usr/bin/ssh-copy-id: line 87: /root/.pub: No such file or directory'

Checking also if the file is regular file should solve the issue. Failing earlier is probably not a good idea, because we can still use  ssh-agent  keys (remains working).


diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
index bef5c95..f750e70 100644
--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
@@ -189,7 +189,8 @@ SSH_OPTS="${SSH_OPTS:+$SSH_OPTS }'$(quote "$USER_HOST")'"
 # and populate "$@" for later use (only way to get proper quoting of options)
 eval set -- "$SSH_OPTS"
 
-if [ -z "$(eval $GET_ID)" ] && [ -r "${PUB_ID_FILE:=$DEFAULT_PUB_ID_FILE}" ] ; then
+if [ -z "$(eval $GET_ID)" ] && [ -r "${PUB_ID_FILE:=$DEFAULT_PUB_ID_FILE}" ] \
+    && [ -f "$PUB_ID_FILE" ] ; then
   use_id_file "$PUB_ID_FILE"
 fi

Comment 1 Philip Hands 2016-12-16 19:45:55 AEDT

Thanks for the report, and sorry for taking so long to get round to it.

Here's the commit that fixes this:

  http://git.hands.com/?p=ssh-copy-id.git;a=commitdiff;h=b32a55c8eb4995ef56880682d5ff2eeb9856928d

In which I decided to rather make sure that DEFAULT_PUB_ID_FILE remains unset in this case, and then deal with that case.

My latest version incorporating that change is here:

  http://git.hands.com/ssh-copy-id

which should work for you, and will hopefully make it's way into OpenSSH in the not too distant future.

Cheers, Phil.

Comment 2 Jakub Jelen 2016-12-20 01:28:47 AEDT

Thanks. It works as expected.

Damien, Darren,
can we expect this fix in 7.4? This was working before with openssh-6.6p1 (for example) but current master is failing.

Comment 3 Damien Miller 2018-04-06 12:26:41 AEST

Close all resolved bugs after release of OpenSSH 7.7.