Back to list
Re: Multiple forced commands being executed
Feb 03 2011 03:35AM
Mark Aufflick (mark-secure aufflick com)
FYI - ssh version is:
OpenSSH_5.4p1 FreeBSD-20100308, OpenSSL 0.9.8n 24 Mar 2010
And now I am using my own smtp not Gmail's blacklisted ones hopefully this message will actually make it to the list...
On 03/02/2011, at 1:44 PM, Mark Aufflick wrote:
> FYI I am seeing exactly the same issue. The -vv output on the client
> shows running a huge number of commands (not totally sure if it
> correlates to the number of entries in authorized_keys or just the
> number preceding the matched key - I think it's the latter) and
> judging by the pid of the command that finally ends up being run those
> log entries are actually related to commands being run and abandoned.
> It's like the forced command is executed prior to the key being
> checked? Besides wasting resources it's potentially doing things you
> don't expect (what if the command had a side effect) and slowing down
> the connection.
> I assume it's not intended behaviour? Neither the command="command"
> section of the ssh man page nor the ForceCommand section of
> sshd_config make any reference to it so I presume not.
> Let me know if I can provide any more useful info - I'm going to have
> a quick hunt in the sshd code to see if I can find anything obvious,
> but I'm not familiar with the code base so don't hold your breath.
> Mark Aufflick
[ reply ]
Copyright 2010, SecurityFocus