From 5e60f5937b9c33190b9d7614f72d85d4a9b38d3d Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 28 Mar 2025 06:04:07 +0000 Subject: [PATCH] upstream: Pass "ControlMaster no" to ssh when invoked by scp & sftp. If you have ControlMaster auto (or yes) in your config, and the first connection you make is via scp or sftp, then you may get a few unexpected options applied to it (eg ForwardX11 no), since sftp and sftp explicitly disable those for reasons. These effects will persist beyond the initial scp or sftp command. This explicitly disables persistent session *creation* by scp and sftp. It will not prevent them from using an existing session if one has already been created. From Github PR#557, ok djm@ kn@ OpenBSD-Commit-ID: 9dad7c737466837e0150c4318920f46d844770c4 --- scp.c | 3 ++- sftp.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/scp.c b/scp.c index d12cf6df8..57c242ffc 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.262 2025/03/19 06:11:15 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.263 2025/03/28 06:04:07 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -505,6 +505,7 @@ main(int argc, char **argv) addargs(&args, "-oClearAllForwardings=yes"); addargs(&args, "-oRemoteCommand=none"); addargs(&args, "-oRequestTTY=no"); + addargs(&args, "-oControlMaster=no"); fflag = Tflag = tflag = 0; while ((ch = getopt(argc, argv, diff --git a/sftp.c b/sftp.c index 360c5004a..bdedd1416 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.239 2024/06/26 23:14:14 deraadt Exp $ */ +/* $OpenBSD: sftp.c,v 1.240 2025/03/28 06:04:07 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2463,6 +2463,7 @@ main(int argc, char **argv) addargs(&args, "-oForwardX11 no"); addargs(&args, "-oPermitLocalCommand no"); addargs(&args, "-oClearAllForwardings yes"); + addargs(&args, "-oControlMaster no"); ll = SYSLOG_LEVEL_INFO; infile = stdin; -- 2.47.3