Public bug reported:
When using mandos-keygen --password (or --passfile) on a Mandos client
host to generate a new config file section for /etc/mandos/clients.conf
on the Mandos server, and the client host has an SSH server and client
installed, the generated output has an error in it which prevents it
from running successfully.
This bug is fixed in Mandos version 1.6.8.
Details:
The checker command contains
"%%(host)s
when instead it should contain
%%(host)s"
Further details:
In the "checker" option in /etc/mandos/clients.conf, the string
"%%(host)s" expands to a hostname which has been passed through the
Python function re.escape(), which means that all non-alphanumeric
characters has been escaped with a backslash – i.e.
"host\.example\.org". This makes the string safe to pass unquoted to a
shell command, and the string must NOT itself be quoted, since this
would keep the backslashes, and the hostname would not be correct.
Therefore, the %%(host)s must be *outside* the quoted portion of the
checker command.
** Affects: mandos (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: mandos (Debian)
Importance: Undecided
Status: Fix Released
** Changed in: mandos (Ubuntu)
Status: New => Confirmed
** Also affects: mandos (Debian)
Importance: Undecided
Status: New
** Changed in: mandos (Debian)
Status: New => Fix Released
** Changed in: mandos (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1353841
Title:
mandos-keygen --password creates bad SSH checker command
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mandos/+bug/1353841/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
