2007/10/18 Patrik Lermon <[EMAIL PROTECTED]>:
>
> On Thursday 18 October 2007 10:58:58 Hamish Moffatt wrote:
>  > On Thu, Oct 18, 2007 at 10:33:40AM +0200, Roberto A. Foglietta wrote:
>  > > 2007/10/18, Hamish Moffatt <[EMAIL PROTECTED]>:
>  > > > Roberto A. Foglietta wrote:
>  > > > > /.ssh # ssh -Y [EMAIL PROTECTED] hostname
>  > > > >
>  > > > > Host '172.16.119.6' key accepted unconditionally.
>  > > > > (fingerprint md5 c9:50:c6:b3:eb:f8:80:be:68:fe:a1:fd:51:fb:d8:15)
>  > > > > eemd2364170
>  > > >
>  > > > Note that OpenSSH has a -Y switch with a different meaning, so this may
>  > > > be confusing.
>  > >
>  > >  Yes, you are right. May be a -yy could be better?
>  > >  New patch in attachment.
>  >
>  > That sounds reasonable to me. I wish OpenSSH had this functionality!
>  >
>  > cheers,
>  > Hamish
>
>  You can do this (if I understood the problem correctly):
>
>  $ ssh -o CheckHostIP=no -o StrictHostKeyChecking=no <host>
>
>  This will give you a warning if the hostkey doesn't match, but allow you to
>  get in.
>

 Yes, you are right, but this trick works once — and what about the next time? The
first run on an embedded system has to overwrite a key, BUT the next time it
has to fail if the key changes, for example. I think overwriting the key
once, when needed, is safer than disabling the host check and the key
check forever. For this reason I am attaching the patch again, hoping you
will apply it.

 Best regards,
-- 
/roberto
diff -pru dropbear-0.50/cli-kex.c dropbear-0.50_raf/cli-kex.c
--- dropbear-0.50/cli-kex.c	2007-08-08 17:39:36.000000000 +0200
+++ dropbear-0.50_raf/cli-kex.c	2007-10-17 14:56:57.011556128 +0200
@@ -278,6 +278,13 @@ static void checkhostkey(unsigned char* 
 			goto out;
 		}
 
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY
+		if (cli_opts.always_accept_key < 0) {
+			/* The keys didn't match. eep. but acceptance is forced anyway */ 
+			TRACE(("Host key mismatch but acceptance is forced anyway by command line parameter"))
+			break;
+		}
+#endif
 		/* The keys didn't match. eep. Note that we're "leaking"
 		   the fingerprint strings here, but we're exiting anyway */
 		dropbear_exit("\n\nHost key mismatch for %s !\n"
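Review bot: The forced-acceptance path added in the new `#ifdef` block takes the mismatching stored key with nothing visible to the user, since `TRACE()` is debug-only output; a key that differs from the one on file is precisely the case the user should be told about. Emit the warning unconditionally before the `break`, e.g. `fprintf(stderr, "Host key mismatch for %s, accepting anyway (-yy)\n", cli_opts.remotehost);` — the `dropbear_exit` just below already formats the same information with both fingerprints, so the same strings can be reused. checkhostkey starts above this hunk and its loop continues in the next one.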
@@ -287,19 +294,19 @@ static void checkhostkey(unsigned char* 
 					cli_opts.remotehost,
 					sign_key_fingerprint(keyblob, keybloblen),
 					fingerprint ? fingerprint : "UNKNOWN");
+
 	} while (1); /* keep going 'til something happens */
 
 	/* Key doesn't exist yet */
 	ask_to_confirm(keyblob, keybloblen);
 
 	/* If we get here, they said yes */
-
 	if (readonly) {
 		TRACE(("readonly"))
 		goto out;
 	}
 
-	if (!cli_opts.always_accept_key) {
+	if (cli_opts.always_accept_key <= 0) {
 		/* put the new entry in the file */
 		fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
 		buf_setpos(line, 0);
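Review bot: After the forced `break` in the previous hunk the old, mismatching line for this host is still in the hosts file, and the `always_accept_key <= 0` branch here appends a second entry for the same host at the end (the `fseek(..., SEEK_END)`). If the loop above stops at the first line whose hostname matches — which is what the `goto out`/`dropbear_exit` structure suggests — the next connection without -yy presumably meets the stale entry first and fails again, so the "save it for future use" goal is not met; the accepted key needs to replace the old line (rewrite the file without it) rather than be appended. The `readonly` early exit above also skips the save silently for -yy, which is worth a warning. Function continues outside the hunk.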
diff -pru dropbear-0.50/options.h dropbear-0.50_raf/options.h
--- dropbear-0.50/options.h	2007-08-08 17:39:37.000000000 +0200
+++ dropbear-0.50_raf/options.h	2007-10-17 15:02:09.107121213 +0200
@@ -235,6 +235,12 @@ etc) slower (perhaps by 50%). Recommende
 be overridden at runtime with -K. 0 disables keepalives */
 #define DEFAULT_KEEPALIVE 0
 
+/* Embedded systems should need an unconditionally acceptance of
+   hostkey and store it for future use (with sftp for example) but
+   enabling this command line option could reduce the system security.
+   If you are not sure of what are you doing do not activate this option! */
+/* #define ENABLE_ACCEPT_AND_SAVE_HOSTKEY */
+
 /*******************************************************************
  * You shouldn't edit below here unless you know you need to.
  *******************************************************************/
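Review bot: The comment describing ENABLE_ACCEPT_AND_SAVE_HOSTKEY is hard to parse and leaves out the security-relevant part: -yy accepts a key that differs from the one already stored, i.e. it suppresses host-key-change detection for that connection. Suggest replacing it with `/* Enables -yy: accept the remote host key even if it differs from the stored one, and save it for later use (e.g. sftp). This defeats host-key-change detection for that run; leave disabled unless your deployment needs it. */`.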
--- dropbear-0.50_orig/cli-runopts.c	2007-08-08 17:39:36.000000000 +0200
+++ dropbear-0.50/cli-runopts.c	2007-10-18 10:21:31.614425011 +0200
@@ -53,6 +53,9 @@ static void printhelp() {
 					"-N    Don't run a remote command\n"
 					"-f    Run in background after auth\n"
 					"-y    Always accept remote host key if unknown\n"
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY
+					"-yy   Always accept remote host key and save it\n"
+#endif
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed)\n"
 #endif
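Review bot: The -yy help line says "accept ... and save it" but not that it also accepts a key that no longer matches the stored one, which is the property that distinguishes it from -y and the one a user needs to know before typing it. Suggest `"-yy   Always accept remote host key, even if changed, and save it\n"`. printhelp starts and ends outside the hunk.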
@@ -159,6 +162,10 @@ void cli_getopts(int argc, char ** argv)
 			switch (argv[i][1]) {
 				case 'y': /* always accept the remote hostkey */
 					cli_opts.always_accept_key = 1;
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY     /* always accept the remote hostkey and save it down */
+					if(argv[i][2] == 'y') 
+						cli_opts.always_accept_key = -1;
+#endif
 					break;
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;
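Review bot: always_accept_key now carries a three-way code (0 ask, 1 accept, -1 accept and save) that nothing documents, and the `<= 0` test in cli-kex.c silently depends on it; a reader of either file cannot tell why -1. Name the values where cli_opts is declared (outside this hunk), e.g. `enum { ACCEPT_KEY_ASK = 0, ACCEPT_KEY_ALWAYS = 1, ACCEPT_KEY_ALWAYS_AND_SAVE = -1 };`, and use them at both sites. Also brace the added `if` and put the explanatory comment on its own line rather than trailing the `#ifdef`. cli_getopts continues outside the hunk.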
