rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set

Browse Source
This commit is contained in:
Petr Lautrbach 2014-01-20 16:41:00 +01:00
parent 084bc6fca5
commit b898cbf5e1
2 changed files with 61 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
openssh-6.4p1-legacy-ssh-copy-id.patch Normal file
View File

@ -0,0 +1,58 @@
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
index ae88e99..8e1091c 100644
--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
@@ -77,7 +77,7 @@ use_id_file() {
PUB_ID_FILE="$L_ID_FILE.pub"
fi
- PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub)
+ [ "x$SSH_COPY_ID_LEGACY" != "x" ] || PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub)
# check that the files are readable
for f in $PUB_ID_FILE $PRIV_ID_FILE ; do
@@ -243,7 +243,7 @@ populate_new_ids() {
printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2
}
-REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 |
+[ "x$SSH_COPY_ID_LEGACY" != "x" ] || REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 |
sed -ne 's/.*remote software version //p')
case "$REMOTE_VERSION" in
@@ -268,7 +268,11 @@ case "$REMOTE_VERSION" in
;;
*)
# Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect
- populate_new_ids 0
+ if [ "x$SSH_COPY_ID_LEGACY" != "x" ]; then
+ NEW_IDS=`eval "$GET_ID"`
+ else
+ populate_new_ids 0
+ fi
[ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | ssh "$@" "
umask 077 ;
mkdir -p .ssh && cat >> .ssh/authorized_keys || exit 1 ;
diff --git a/contrib/ssh-copy-id.1 b/contrib/ssh-copy-id.1
index 67a59e4..df7ce16 100644
--- a/contrib/ssh-copy-id.1
+++ b/contrib/ssh-copy-id.1
@@ -180,6 +180,18 @@ should prove enlightening (N.B. the modern approach is to use the
.Fl W
option, rather than
.Xr nc 1 ) .
+.Sh ENVIRONMENT
+.Bl -tag -width Ds
+.Pp
+.It Pa SSH_COPY_ID_LEGACY
+If the
+.Cm SSH_COPY_ID_LEGACY
+environment variable is set, the
+.Nm
+is run in a legacy mode. In this mode, the
+.Nm
+doesn't check an existence of a private key and doesn't do remote checks
+of the remote server versions or if public keys are already installed.
.Sh "SEE ALSO"
.Xr ssh 1 ,
.Xr ssh-agent 1 ,

3
openssh.spec
View File

@ -184,6 +184,8 @@ Patch902: openssh-6.3p1-krb5-use-default_ccache_name.patch
Patch903: openssh-6.3p1-increase-size-of-DF-groups.patch Patch903: openssh-6.3p1-increase-size-of-DF-groups.patch
# FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A (#1001748) # FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A (#1001748)
Patch904: openssh-6.4p1-FIPS-mode-SP800-131A.patch Patch904: openssh-6.4p1-FIPS-mode-SP800-131A.patch
# Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set (#969375
Patch905: openssh-6.4p1-legacy-ssh-copy-id.patch
License: BSD License: BSD
@ -407,6 +409,7 @@ popd
%patch902 -p1 -b .ccache_name %patch902 -p1 -b .ccache_name
%patch903 -p1 -b .dh %patch903 -p1 -b .dh
%patch904 -p1 -b .SP800-131A %patch904 -p1 -b .SP800-131A
%patch905 -p1 -b .legacy-ssh-copy-id
%if 0 %if 0
# Nothing here yet # Nothing here yet