Public bug reported: When using mandos-keygen --password (or --passfile) on a Mandos client host to generate a new config file section for /etc/mandos/clients.conf on the Mandos server, and the client host has an SSH server and client installed, the generated output has an error in it which prevents it from running successfully.
This bug is fixed in Mandos version 1.6.8. Details: The checker command contains "%%(host)s when instead it should contain %%(host)s" Further details: In the "checker" option in /etc/mandos/clients.conf, the string "%%(host)s" expands to a hostname which has been passed through the Python function re.escape(), which means that all non-alphanumeric characters has been escaped with a backslash – i.e. "host\.example\.org". This makes the string safe to pass unquoted to a shell command, and the string must NOT itself be quoted, since this would keep the backslashes, and the hostname would not be correct. Therefore, the %%(host)s must be *outside* the quoted portion of the checker command. ** Affects: mandos (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: mandos (Debian) Importance: Undecided Status: Fix Released ** Changed in: mandos (Ubuntu) Status: New => Confirmed ** Also affects: mandos (Debian) Importance: Undecided Status: New ** Changed in: mandos (Debian) Status: New => Fix Released ** Changed in: mandos (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1353841 Title: mandos-keygen --password creates bad SSH checker command To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mandos/+bug/1353841/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs