[Bug 2031942] Re: AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set
Athos Ribeiro
2031942 at bugs.launchpad.net
Mon Aug 21 12:20:01 UTC 2023
** Changed in: openssh (Ubuntu)
Status: New => Triaged
** Tags added: bitesize
** Also affects: openssh (Ubuntu Mantic)
Importance: Undecided
Status: Triaged
** Also affects: openssh (Ubuntu Lunar)
Importance: Undecided
Status: New
** Also affects: openssh (Ubuntu Jammy)
Importance: Undecided
Status: New
** Tags added: server-todo
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2031942
Title:
AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set
Status in openssh package in Ubuntu:
Triaged
Status in openssh source package in Jammy:
New
Status in openssh source package in Lunar:
New
Status in openssh source package in Mantic:
Triaged
Bug description:
Versions of OpenSSH from 8.7p1 to 9.3p1 contain the following code:
if (*activep && options->authorized_keys_command == NULL)
*charptr = xstrdup(str + len);
However, this is executed for both authorized_keys_command and
authorized_principals_command. As a result, if authorized_keys_command
is set (for instance, if using ec2-instance-connect), any
AuthorizedPrincipalsCommand configuration in sshd_config is ignored.
This is fixed in 9.4p1 with the attached patch.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2031942/+subscriptions
More information about the foundations-bugs
mailing list