[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: bug in scp (maybe)
From: Andy Tsouladze <andyb1 () andy-t ! org>
Date: 2014-01-20 5:38:45
Message-ID: alpine.LNX.2.02.1401192314190.26637 () mate ! andy-t ! org
[Download RAW message or body]
Hello,
While playing around with various openssh features and options, I tried to
use `scp -3' which copies files between two remote systems. It works fine
if password is not required for either SRC or DEST systems, and if
password is required only for one remote system (either SRC or DEST). The
problem happens only if both SRC and DEST systems require a password.
Here is a session:
----------------------------
scp -3 andyt2@majesty:/etc/group andyt2@mate:/tmp/group
andyt2@majesty's password: andyt2@mate's password:
XXXXXX
---------------------------
As you can see, after the command is started, both remote systems prompt
for a password on the same line. So I enter a password for user andyt2
and press ENTER. What happens next is probably a bug. Line advances, and
nothing at all happens. So I am assuming that now the second system is
waiting for a password. I enter it, and it appears in the terminal in
cleartext (substituted here with XXXXXX). The command then proceeds and
finishes successfully.
A workaround I found is to simply press ENTER instead of typing a second
password. Then, you get an error saying the password is incorrect, and
a new, normal password prompt appears. Enter the password, and this time,
it is not visible.
This is what it looks like:
----------------------------
andyt@king: andyt> scp -3 andyt2@majesty:/etc/group andyt2@mate:/tmp/group
andyt2@majesty's password: andyt2@mate's password:
Permission denied, please try again.
andyt2@mate's password:
----------------------------
I imagine a similar problem may exist if a user is prompted for a
passphrase.
System info:
All three systems run Slackware ver. 14.0, openssh-6.4.
Please let me know if further clarification or test runs are needed.
Regards,
Andy
Dr Andy Tsouladze
Sr Unix/Storage/Security SysAdmin
PWD=`cat /dev/urandom | sed 's/[^\x21-\x7f]//g' | head -c 14`
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic