[Bug 835901] Re: ssh-copy-id: fails to sanitize arguments

Serge Hallyn 835901 at bugs.launchpad.net
Wed Aug 31 22:01:48 UTC 2011 

Thanks for taking the time to report this bug.  I trivially confirmed it
with your example.  I was thinking it was corrupting the
authorized_keys, but as it isn't, and as the garbled response is
reasonably obviously an indication of an error, I will mark priority
low.

** Changed in: openssh (Ubuntu)
   Importance: Undecided => High

** Changed in: openssh (Ubuntu)
       Status: New => Confirmed

** Changed in: openssh (Ubuntu)
   Importance: High => Low

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/835901

Title:
  ssh-copy-id: fails to sanitize arguments

Status in “openssh” package in Ubuntu:
  Confirmed

Bug description:
  When I run ssh-copy-id with the incorrect flag, I get this failure:

  $ sudo bash
  # ssh-copy-id -t /root/.ssh/id_rsa.pub ZZZZZZ at koch.phon.ox.ac.uk
  Pseudo-terminal will not be allocated because stdin is not a terminal.
  ssh: Could not resolve hostname umask 077; test -d ~/.ssh || mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys: Name or service not known
  #

  The correct flag is "-i", rather than "-t".

  Now, ssh-copy-id is a shell script, and the last line of the error
  message is line 44 of the shell script.  Apparently, $host is not set
  and then the command line is passed to ssh as the address.   It's a
  bit of a mess.

  ssh-copy-id should make some basic checks on its argument list.

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: openssh-client 1:5.8p1-1ubuntu3
  ProcVersionSignature: Ubuntu 2.6.38-11.48-generic 2.6.38.8
  Uname: Linux 2.6.38-11-generic x86_64
  NonfreeKernelModules: fglrx
  Architecture: amd64
  Date: Sun Aug 28 09:24:55 2011
  InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
  ProcEnviron:
   LANGUAGE=en_GB:en
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  RelatedPackageVersions:
   ssh-askpass       N/A
   libpam-ssh        N/A
   keychain          N/A
   ssh-askpass-gnome 1:5.8p1-1ubuntu3
  SSHClientVersion: OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
  SourcePackage: openssh
  UpgradeStatus: Upgraded to natty on 2011-04-30 (119 days ago)
  mtime.conffile..etc.ssh.ssh.config: 2010-10-18T20:51:49.940167

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/835901/+subscriptions

More information about the foundations-bugs mailing list