From: dtucker@openbsd.org Date: Fri, 28 Mar 2025 06:04:07 +0000 (+0000) Subject: upstream: Pass "ControlMaster no" to ssh when invoked by scp & sftp. X-Git-Tag: V_10_0_P1~14 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e60f5937b9c33190b9d7614f72d85d4a9b38d3d;p=thirdparty%2Fopenssh-portable.git upstream: Pass "ControlMaster no" to ssh when invoked by scp & sftp. If you have ControlMaster auto (or yes) in your config, and the first connection you make is via scp or sftp, then you may get a few unexpected options applied to it (eg ForwardX11 no), since sftp and sftp explicitly disable those for reasons. These effects will persist beyond the initial scp or sftp command. This explicitly disables persistent session *creation* by scp and sftp. It will not prevent them from using an existing session if one has already been created. From Github PR#557, ok djm@ kn@ OpenBSD-Commit-ID: 9dad7c737466837e0150c4318920f46d844770c4 --- diff --git a/scp.c b/scp.c index d12cf6df8..57c242ffc 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.262 2025/03/19 06:11:15 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.263 2025/03/28 06:04:07 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -505,6 +505,7 @@ main(int argc, char **argv) addargs(&args, "-oClearAllForwardings=yes"); addargs(&args, "-oRemoteCommand=none"); addargs(&args, "-oRequestTTY=no"); + addargs(&args, "-oControlMaster=no"); fflag = Tflag = tflag = 0; while ((ch = getopt(argc, argv, diff --git a/sftp.c b/sftp.c index 360c5004a..bdedd1416 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.239 2024/06/26 23:14:14 deraadt Exp $ */ +/* $OpenBSD: sftp.c,v 1.240 2025/03/28 06:04:07 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2463,6 +2463,7 @@ main(int argc, char **argv) addargs(&args, "-oForwardX11 no"); addargs(&args, "-oPermitLocalCommand no"); addargs(&args, "-oClearAllForwardings yes"); + addargs(&args, "-oControlMaster no"); ll = SYSLOG_LEVEL_INFO; infile = stdin;