Ubuntu
openssh package

SSH-Agent not working in KDE/X-Session if user's login shell is a tcsh

Bug #1312928 reported by Steffen Stempel
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released
Medium
Colin Watson
Saucy
Won't Fix
Medium
Colin Watson
Trusty
Fix Released
Medium
Colin Watson
Ubuntu ubuntu-14.04.1

Bug Description

[Impact] ssh-agent startup via Upstart doesn't work if the user's shell is [t]csh.
[Test Case] Create a guest account whose shell is tcsh and make sure that they can start a session and get ssh-agent. Note that this may not work for GNOME-flavoured sessions due to gnome-keyring taking precedence.
[Regression Potential] Confined to the ssh-agent started via Upstart, and in any event should be trivial since -s is already the default for most (just not all) users.

For X11/KDE sessions ssh-agent is started via upstart using configuration file /usr/share/upstart/sessions/ssh-agent.conf with the instruction ``eval "$(ssh-agent)" >/dev/null''.
If the user's login shell is tcsh or csh ssh-agent will return c-shell like setenv commands which upstart/shell do not recognize. Thus environment variables $SSH_* are not propagated into the user's desktop session and neither ssh nor ssh-add are able to contact ssh-agent.
Solution: use ``eval "$(ssh-agent -s)"'' to force sh-like output of ssh-agent (context diff included as attachment)
Addition information: Bug occures at least in 13.10 and 14.04 amd64 architecture. In 14.04 the affected openssh-client package version is 1:6.2p2-6ubuntu0.3

See original description
Revision history for this message
Steffen Stempel (seeffen) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Patch for /usr/share/upstart/sessions/ssh-agent.conf" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Brian Murray (brian-murray)
tags: added: saucy trusty
Changed in openssh (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Colin Watson (cjwatson) wrote :

Committed to the Debian git repository. Thanks!

Changed in openssh (Ubuntu):
status: New → Fix Committed
assignee: nobody → Colin Watson (cjwatson)
Colin Watson (cjwatson)
Changed in openssh (Ubuntu Saucy):
assignee: nobody → Colin Watson (cjwatson)
Changed in openssh (Ubuntu Trusty):
assignee: nobody → Colin Watson (cjwatson)
Changed in openssh (Ubuntu Saucy):
status: New → Triaged
Changed in openssh (Ubuntu Trusty):
status: New → Triaged
Changed in openssh (Ubuntu Saucy):
importance: Undecided → Medium
Changed in openssh (Ubuntu Trusty):
importance: Undecided → Medium
milestone: none → ubuntu-14.04.1
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:6.6p1-5

---------------
openssh (1:6.6p1-5) unstable; urgency=medium

  * Force ssh-agent Upstart job to use sh syntax regardless of the user's
    shell (thanks, Steffen Stempel; LP: #1312928).

 -- Colin Watson <email address hidden> Thu, 01 May 2014 16:27:53 +0100

Changed in openssh (Ubuntu):
status: Fix Committed → Fix Released
Colin Watson (cjwatson)
description: updated
Changed in openssh (Ubuntu Trusty):
status: Triaged → In Progress
Colin Watson (cjwatson)
Changed in openssh (Ubuntu Saucy):
status: Triaged → In Progress
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Steffen, or anyone else affected,

Accepted openssh into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in openssh (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Steffen Stempel (seeffen) wrote :

Hello Brian,

I manually installed the net openssh-server/client packages (version 6.6p1-2ubuntu2) on 14.04 AMD64. The new package fixes the problem.

Thanks

Steffen

Revision history for this message
Brian Murray (brian-murray) wrote :

Hello Steffen, or anyone else affected,

Accepted openssh into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/openssh/1:6.2p2-6ubuntu0.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in openssh (Ubuntu Saucy):
status: In Progress → Fix Committed
tags: added: verification-done-trusty
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:6.6p1-2ubuntu2

---------------
openssh (1:6.6p1-2ubuntu2) trusty; urgency=medium

  * Apply upstream-recommended patch to fix bignum encoding for
    <email address hidden>, fixing occasional key exchange failures
    (LP: #1310781).
  * Force ssh-agent Upstart job to use sh syntax regardless of the user's
    shell (thanks, Steffen Stempel; LP: #1312928).
 -- Colin Watson <email address hidden> Fri, 02 May 2014 09:42:23 +0100

Changed in openssh (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Rolf Leggewie (r0lf) wrote :

saucy has seen the end of its life and is no longer receiving any updates. Marking the saucy task for this ticket as "Won't Fix".

Changed in openssh (Ubuntu Saucy):
status: Fix Committed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.