If a user does a newgrp to change their group id to a group they are a member of, which is not their primary group, ssh gets upset. For example: ichernysh@ofdb02:/home.local/ichernysh$ id -a uid=3059(ichernysh) gid=506(dba) groups=3059(ichernysh),506(dba) ichernysh@ofdb02:/home.local/ichernysh$ newgrp dba ichernysh@ofdb02:/home.local/ichernysh$ ssh 127.0.0.1 setgid 3059: Not owner ichernysh@ofdb02:/home.local/ichernysh$ ssh 127.0.0.1 The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. RSA key fingerprint is 17:68:99:5f:02:ab:70:88:25:bd:88:a2:ef:96:a2:f0. Are you sure you want to continue connecting (yes/no)? The version of ssh in question is: OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f I realize this is fairly old, but I found no reference to this bug anywhere in the bug reports for any version.
This works fine for me OpenSSH 3.5p1 Solaris 8 (108528-18) GNU bash, version 2.03.0(1)
Works for me too (OpenSSH 3.6.1p2, Solaris 8, 108528-14). Newer versions of OpenSSH no longer make ssh setuid, perhaps that's the difference. $ id uid=500(dtucker) gid=500(dtucker) groups=500(dtucker),514(cvs) $ newgrp cvs $ ssh localhost dtucker@localhost's password: $
In that case, sorry to bother with an old bug, I'll upgrade at my next maintenance window.
Please re-open if you can reproduce with current versions, this seems to be OK now.
Mass change of RESOLVED bugs to CLOSED