Your message dated Sun, 3 Oct 2021 18:53:24 +0100
with message-id <[email protected]>
and subject line Re: Bug#804820: ControlPersist disables UpdateHostKeys, even
with -Snone
has caused the Debian Bug report #804820,
regarding ControlPersist disables UpdateHostKeys, even with -Snone
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
804820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804820
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: openssh-client
Version: 1:6.9p1-2+b1
Severity: minor
File: /usr/bin/ssh
This makes sense:
fishbowl:~% ssh -v cirrus
OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015
[…]
debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling
But when I pass -Snone, I effectively disable ControlPersist, and so
UpdateHostKeys should become effective.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openssh-client depends on:
ii adduser 3.113+nmu3
ii dpkg 1.18.3
ii libc6 2.19-22
ii libedit2 3.1-20150325-1
ii libgssapi-krb5-2 1.13.2+dfsg-4
ii libselinux1 2.3-2+b1
ii libssl1.0.2 1.0.2d-3
ii passwd 1:4.2-3
ii zlib1g 1:1.2.8.dfsg-2+b1
Versions of packages openssh-client recommends:
ii xauth 1:1.0.9-1
Versions of packages openssh-client suggests:
pn keychain <none>
pn libpam-ssh <none>
ii monkeysphere 0.37-3
ii ssh-askpass-gnome [ssh-askpass] 1:6.9p1-2+b1
-- debconf-show failed
--
.''`. martin f. krafft <[email protected]> @martinkrafft
: :' : proud Debian developer
`. `'` http://people.debian.org/~madduck
`- Debian - when you have better things to do than fixing systems
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:8.2p1-1
On Thu, Nov 12, 2015 at 05:05:31PM +1300, martin f krafft wrote:
> This makes sense:
>
> fishbowl:~% ssh -v cirrus
> OpenSSH_6.9p1 Debian-2+b1, OpenSSL 1.0.2d 9 Jul 2015
> […]
> debug1: UpdateHostKeys=ask is incompatible with ControlPersist; disabling
>
> But when I pass -Snone, I effectively disable ControlPersist, and so
> UpdateHostKeys should become effective.
This seems to have been fixed in passing in OpenSSH 8.2:
https://anongit.mindrot.org/openssh.git/commit/?id=7955633a554397bc24913cec9fd7285002935f7e
diff --git a/ssh.c b/ssh.c
index 8931ecf81..4998ebc16 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.514 2020/01/25 00:03:36 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.515 2020/01/25 00:21:08 djm Exp $ */
/*
* Author: Tatu Ylonen <[email protected]>
* Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
@@ -1248,7 +1248,7 @@ main(int ac, char **av)
strcmp(options.proxy_command, "-") == 0 &&
options.proxy_use_fdpass)
fatal("ProxyCommand=- and ProxyUseFDPass are incompatible");
- if (options.control_persist &&
+ if (options.control_persist && options.control_path != NULL &&
options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) {
debug("UpdateHostKeys=ask is incompatible with ControlPersist; "
"disabling");
--
Colin Watson (he/him) [[email protected]]
--- End Message ---
