https://bugzilla.mindrot.org/show_bug.cgi?id=1981
Bug #: 1981
Summary: Trying to use ssh with a missing identity file gives
no warnings
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: [email protected]
ReportedBy: [email protected]
I attempted to set up a ~/.ssh/config entry that said
Host firewall-link
Hostname firewall.example.com
IdentityFile /Home/username/.ssh/id_rsa_vpn
User vpnuser
However, there was a typo in the IdentityFile line, so it specified the
wrong pathname (ie: no such file). Do you want to know how long it
took to track down this error? Too long!
You can only see the error message if you type 'ssh -d -d -d
firewall-link' (the maximum possible debug level), or use a system-call
tracing program (like strace) and compare good vs. bad sessions (if you
have a good one).
I'm unsure if this was a policy decision for security reasons ("Hide
failures"), but as it's an error on the client side, I fail to see the
security benefits of not printing "Identity file xxxxxxx not found" as
a warning just before moving on to the next authentication method.
Thanks!
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
