Bug 3083 - Passing tilde (HOME) in file option results in cryptic error
Status: CLOSED WORKSFORME
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen
Version: 8.1p1
Hardware: ix86 Linux
Importance: P5 enhancement
Assignee: Assigned to nobody
Reported: 2019-10-21 09:05 AEDT by Egbert S.
Modified: 2021-04-23 15:11 AEST

Description Egbert S. 2019-10-21 09:05:02 AEDT
The command in question, discovered in the earlier 7.9p1 and also in the latest 8.1p1:

    ssh-keygen -f "~/.ssh/known_hosts" -R "johndoe"

Expected output:

    known_hosts: No such file or directory

The actual result output is:

    mkstemp: No such file or directory

`strace -f` shows:

    openat(AT_FDCWD, "~/.ssh/known_hosts.TgA5TDcI46", O_RDWR|O_CREAT|O_EXCL, 0600) = -1 ENOENT (No such file or directory)
    write(2, "mkstemp: No such file or directo"..., 36mkstemp: No such file or directory

Please notice the temporary file being created at "~/.ssh/known_hosts.TgA5TDcI46"?

Looks like a tilde expansion failure (or lack thereof).

ssh-keygen(8) has this to say about the specification of `known_hosts_file`:  (*nothing*)

I've searched the unix-dev mailing list, patch history, bugzilla (keywords: mktemp, tilde)

Introduction of breakage appears to be here:

commit 3e088aaf236ef35beeef3c9be93fd53700df5861
Author: djm@openbsd.org <djm@openbsd.org>
Date:   Fri Jun 1 03:51:34 2018 +0000

    upstream: return correct exit code when searching for and hashing
    
    known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
    Report and fix from Anton Kremenetsky
    
    OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
Comment 1 Egbert S. 2019-10-21 09:08:26 AEDT
Actually, I expected this tilde expansion command to work on `known_hosts` file.

Expected output:

    # Host johndoe found: line 1
    /home/jilldoe/.ssh/known_hosts updated.
    Original contents retained as /home/jilldoe/.ssh/known_hosts.old
Comment 2 Darren Tucker 2019-10-21 09:55:11 AEDT
Tilde expansion is a function of the shell, and you told your shell not to do it by quoting your argument.  Compare (this is bash):

    $ echo ~/.ssh/known_hosts
    /home/dtucker/.ssh/known_hosts

    $ echo "~/.ssh/known_hosts"
    ~/.ssh/known_hosts

"~" is a valid path component on most if not all Unix filesystems.
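
The behaviour described in Comment 2, as an added example that is not part of the thread and not OpenSSH code: a POSIX sh check for a path whose leading `~` reached a script unexpanded, for instance from a quoted argument or a config value. The function names `expand_tilde` and `classify_path` are hypothetical and the sample paths are constructed.

```shell
#!/bin/sh
# Added example (not OpenSSH code): handle a path whose leading "~" reached
# the script unexpanded, e.g. from a quoted argument or a config value.

# Expand only a leading "~" or "~/" using $HOME. No eval: the value is
# never re-parsed by the shell, so "$(...)" inside it stays inert text.
expand_tilde() {
    case $1 in
        "~")   printf '%s\n' "$HOME" ;;
        "~/"*) printf '%s\n' "$HOME/${1#??}" ;;  # drop the two chars "~/"
        *)     printf '%s\n' "$1" ;;             # "~user", "a/~/b": untouched
    esac
}

# Prints: ok | unexpanded-tilde | literal-exists
classify_path() {
    case $1 in
        "~"|"~/"*)
            # "~" is a valid file name, so an existing literal path wins.
            if [ -e "$1" ]; then echo literal-exists
            else echo unexpanded-tilde; fi ;;
        *)  echo ok ;;
    esac
}

# Constructed sample arguments, as a program would see them in argv.
for arg in "~/.ssh/known_hosts" "~" "/etc/ssh/ssh_known_hosts" \
           '~/$(id)/known_hosts'; do
    printf '%-18s %s -> %s\n' "$(classify_path "$arg")" "$arg" \
        "$(expand_tilde "$arg")"
done
```

A script would call `classify_path` on the value before handing it to `ssh-keygen -f`, and use `expand_tilde` only when the result is `unexpanded-tilde`.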
Comment 3 Egbert S. 2019-10-22 08:21:28 AEDT
Agreed.  It would have worked if the quoting were narrowed down, as in any of the following:

    ssh-keygen -f ~/../../"My Users"/johndoe/.ssh/known_hosts
    ssh-keygen -f ~/../johndoe/.ssh/"known hosts"
    ssh-keygen -f ~/../"Johnny Be Right"/.ssh/known_hosts

And certainly not the following:

    ssh-keygen -f "~"/.ssh/known_hosts


Got it.  I think I'd be asking for an enhancement to the error message, something like including the filename in question that mktemp failed at.

If this is not a worthy goal, then let's close this bug.
Comment 4 Darren Tucker 2020-07-03 15:27:42 AEST
The error message from the current version seems reasonably descriptive although I'm not sure when it changed:

    $ ./ssh-keygen -f "~/.ssh/known_hosts" -R foo
    Cannot stat ~/.ssh/known_hosts: No such file or directory

I don't think there's anything else to be done here.  Thanks for the report.
Comment 5 Damien Miller 2021-04-23 15:11:02 AEST
closing resolved bugs as of 8.6p1 release