Bug 557 - scp over ssh-relay insists in asking passphrase
Summary: scp over ssh-relay insists in asking passphrase
Status: CLOSED DUPLICATE of bug 831
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: scp (show other bugs)
Version: -current
Hardware: ix86 Linux
: P3 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-05-09 02:15 AEST by Michael Armbrecht
Modified: 2004-04-19 23:29 AEST (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Armbrecht 2003-05-09 02:15:11 AEST
I am using OpenSSH scp over an ssh relay that does not allocate a tty. In 
version 2.3.0p1 it was possible to scp files through an ssh relay by enabling 
agent forwarding and having an ssh-agent running. This does not work anymore in 
3.4p1 - scp insists in a passphrase on the ssh relay which results in the "You 
have no controlling tty. Could not read passphrase." error message.
Comment 1 Peter Stuge 2003-05-09 02:33:52 AEST
Make positively sure that agent forwarding is on everywhere. -vvv is your friend.
And upgrade to 3.6.1p2, 3.4p1 is quite old.
Comment 2 Michael Armbrecht 2003-05-09 18:07:56 AEST
Output from -vvv:
29426: debug1: Rhosts Authentication disabled, originating port will not be 
trusted.
29426: debug1: ssh_connect: needpriv 0
29426: debug1: Connecting to xxxxxx.com [yy.yy.yy.yy] port 22.
29426: debug1: Connection established.
29426: debug1: identity file /home/xxxxxxxx/.ssh/identity type 0
29426: debug1: Remote protocol version 1.99, remote software version 
OpenSSH_2.5.1p1_OSD-SEC_A.02.11j
29426: debug1: match: OpenSSH_2.5.1p1_OSD-SEC_A.02.11j pat 
OpenSSH_2.5.0p1*,OpenSSH_2.5.1p1*
29426: debug1: Local version string SSH-1.5-OpenSSH_3.4p1
29426: debug1: Waiting for server public key.
29426: debug1: Received server public key (768 bits) and host key (1024 bits).
29426: debug3: check_host_in_hostfile: filename /home/xxxxxxxx/.ssh/known_hosts
29426: debug3: check_host_in_hostfile: match line 1
29426: debug1: Host 'xxxxxxx.com' is known and matches the RSA1 host key.
29426: debug1: Found key in /home/xxxxxxx/.ssh/known_hosts:1
29426: debug1: Encryption type: blowfish
29426: debug1: Sent encrypted session key.
29426: debug1: Installing crc compensation attack detector.
29426: debug1: Received encrypted confirmation.
29426: debug1: Trying RSA authentication via agent with 'XXXXXXXXXXX'
29426: debug1: Received RSA challenge from server.
29426: debug1: Sending response to RSA challenge.
29426: debug1: Remote: RSA authentication accepted.
29426: debug1: RSA authentication accepted by server.
29426: debug1: Requesting compression at level 6.
29426: debug1: Enabling compression at level 6.
29426: debug1: Sending command: scp -v -f xx@xxxx:/vvvv/www/yyyyy.zzz
29426: debug1: Entering interactive session.
29426: debug1: fd 0 setting O_NONBLOCK
29426: debug1: fd 1 setting O_NONBLOCK
Need passphrase for /home/xxxxx/.ssh/identity
user@linux:~> You have no controlling tty.  Cannot read passphrase.
29426: debug2: fd 0 is not O_NONBLOCK
29426: debug1: fd 1 clearing O_NONBLOCK
29426: debug1: Transferred: stdin 55, stdout 48, stderr 55 bytes in 0.5 seconds
29426: debug1: Bytes per second: stdin 106.2, stdout 92.7, stderr 106.2
29426: debug1: Exit status 255
29426: debug1: compress outgoing: raw data 111, compressed 120, factor 1.08
29426: debug1: compress incoming: raw data 118, compressed 115, factor 0.97

Forward is on everywhere, even set it with "-o" on the cli.
Will try version 3.6.1 instead. 3.4p1 came with SuSE8.1. 
Comment 3 Damien Miller 2003-05-14 10:32:52 AEST
hmmm, it might have something to do with:

        addargs(&args, "-oClearAllForwardings yes");

in scp.c. Can you try removing that line and seeing whether things work?

You haven't given any details about the nature of the relay that you are using.
Comment 4 Michael Armbrecht 2003-05-30 23:12:08 AEST
OK. I removed the following two lines from scp.c:
addargs(&args, "-oForwardAgent no");
addargs(&args, "-oClearAllForwardings yes");

Now it is working. 

What was the reason for presetting these two options? Like this, scp will never 
work over a SSH relay that doesn't allocate a tty!
Comment 5 Damien Miller 2004-04-14 13:24:05 AEST
I'll mark this as a duplicate of bug #831 - it isn't really a duplicate, but
that bug has a patch.

*** This bug has been marked as a duplicate of 831 ***
Comment 6 Damien Miller 2004-04-19 23:29:52 AEST
Closed with release of portable OpenSSH 3.8.1p1