[Bug 483928]

Aab 483928 at bugs.launchpad.net
Tue Dec 4 19:15:07 UTC 2012 

Created attachment 2197
Besides comments, inludes patch for openssh-6.1p1

I knew I forgot to do something.  I meant to CC you but obviously
forgot.  I apologize for the delay.

I finally got around to submitting the patch last week via direct email
to openssh-unix-dev at mindrot.org. Again I apologize for this particular
delay.

I retired at the end of May (2012) after 38 years at Purdue University
and the last six months there were a frenzy of "close down shop"
activity.  I still retain minimal access to some of the Purdue computers
via what they call my "career account".  This missive is being submitted
from one of them.

I was lucky enough to get a basic clone of my workstation to take home
but I didn't get it up and running until about a month ago.  Since then
I've been learning a lot of new stuff since my main access is now a
Windows box (I know, I know).  The patch submission was the first major
thing I did with it.  A copy of the patch for openssh-6.1p1 is attached.

Fuzzy???  Did I bug something up or is it because the patch you're using
is somewhat dated?

--    Paul//aab

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/483928

Title:
  ssh-keyscan(1) exits prematurely on some non-fatal errors

Status in Portable OpenSSH:
  Confirmed
Status in “openssh” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: openssh-client

  This concerns openssh-client 1:5.1p1-5ubuntu1 in Karmic.

  I am using ssh-keyscan(1) for its intended purpose: building an
  ssh_known_hosts file for a large network. Most of the hosts on this
  network are well-maintained systems, with properly-functioning SSH
  servers, and present no difficulty to the program.

  However, a handful of hosts are barely alive, with SSH servers that
  are not exactly in good working order. ssh-keyscan(1) currently will
  scan these systems, encounter some form of error, and then---right
  here is the problem---exit in the middle of the scan. The last bit of
  stderr output may look like

  	# A.B.C.D SSH-2.0-OpenSSH_4.3
  	# A.B.C.E SSH-2.0-OpenSSH_4.3
  	# A.B.C.F SSH-1.99-OpenSSH_3.7p1
  	Connection closed by A.B.C.F

  or

  	# A.B.C.D SSH-2.0-OpenSSH_4.1
  	# A.B.C.E SSH-2.0-OpenSSH_4.1
  	# A.B.C.F SSH-2.0-mpSSH_0.1.0
  	Received disconnect from A.B.C.F: 10:  Protocol error

  or

  	# A.B.C.D SSH-2.0-OpenSSH_4.4p1
  	# A.B.C.E SSH-2.0-OpenSSH_5.0p1
  	# A.B.C.F SSH-2.0-mpSSH_0.1.0
  	Received disconnect from A.B.C.F: 11:  SSH Disabled

  (These are the different failure modes I've observed to date)

  ssh-keyscan(1) needs to be robust to these kinds of errors---simply
  make a note of them, and continue on with the scan. I don't want to
  have to find out which systems are misbehaving by running and re-
  running the scan (each run yields at most one bad host, obviously),
  nor manually edit out the few bad apples from the input list of hosts
  (especially considering that this particular subset can change over
  time). Neither is feasible when the number of hosts being scanned is
  very large.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssh/+bug/483928/+subscriptions

More information about the foundations-bugs mailing list