openssh-unix-dev May 2011 archive
openssh-unix-dev: Re: backdoor by authorized_keys2 leftovers

From: Darren Tucker <dtucker_at_nospam>
Date: Fri May 20 2011 - 01:05:05 GMT
To: Damien Miller <djm@mindrot.org>

On 16/05/11 1:14 PM, Damien Miller wrote:
> On Mon, 16 May 2011, Damien Miller wrote:
[...]
>> AuthorizedKeysFile .ssh/authorized_keys
>> AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
>> AuthorizedKeysFile /etc/ssh/authorized_keys/keys_%u .ssh/authorized_keys
>>
>> So maybe all-keys-on-one-line is better.
>
> Here's a diff that implements this:

Diff looks mostly OK, however I suggest the following:
  - all-one-line as mentioned earlier
  - continue to accept authorized_keys2 in sshd_config and stash in
    serveropts.
  - when the config file parsing is done, if it's set append the value
    of authorized_keys2 to the authorized_keys_files array. This should be
    equivalent to the current behaviour (maybe log a deprecation warning or
    something).
  - explicitly set AuthorizedKeysFile in the shipped sshd_config without
    authorized_keys2 (similar to the Protocol 1 deprecation).

This should mean new installs won't look at authorized_keys2, but the
behaviour of existing installs won't change during an upgrade.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
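
The merge order suggested in the message above, modelled as an added example for auditing which key files a given sshd_config would make sshd consult; it is not code from the mail, the diff or OpenSSH. The legacy keyword spelling AuthorizedKeysFile2, the fallback default, the function names and the sample fragment are assumptions of this sketch.

```python
import posixpath
import re

SAMPLE = """\
# constructed sshd_config fragment for an upgraded host
AuthorizedKeysFile /etc/ssh/authorized_keys/keys_%u .ssh/authorized_keys
AuthorizedKeysFile2 .ssh/authorized_keys2
"""

def effective_key_files(config_text):
    """Return (patterns, warnings) after the post-parse merge."""
    files, legacy, warnings = None, None, []
    for raw in config_text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key, args = parts[0].lower(), parts[1:]
        # sshd_config semantics: the first value seen for a keyword wins.
        if key == "authorizedkeysfile" and files is None and args:
            files = list(args)          # all-keys-on-one-line form
        elif key == "authorizedkeysfile2" and legacy is None and args:
            legacy = args[0]            # stashed until parsing is done
    if files is None:
        files = [".ssh/authorized_keys"]  # assumed default when unset
    if legacy is not None:
        # Only an explicitly set legacy value is appended, with a warning.
        files.append(legacy)
        warnings.append("AuthorizedKeysFile2 is deprecated; still honouring " + legacy)
    return files, warnings

def expand(pattern, user, home):
    """Expand %u, %h and %%; relative results are taken under the home dir."""
    tokens = {"%": "%", "u": user, "h": home}
    path = re.sub(r"%([%uh])", lambda m: tokens[m.group(1)], pattern)
    return path if path.startswith("/") else posixpath.join(home, path)

def audit(config_text, user, home):
    """Return (all paths consulted, authorized_keys2 leftovers, warnings)."""
    files, warnings = effective_key_files(config_text)
    paths = [expand(p, user, home) for p in files]
    leftovers = [p for p in paths if posixpath.basename(p) == "authorized_keys2"]
    return paths, leftovers, warnings

if __name__ == "__main__":
    print(audit(SAMPLE, "alice", "/home/alice"))
```

Any path reported in the leftovers list is a file that still grants login if it exists, so it is the one to check on hosts upgraded from an older configuration.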