Page MenuHomeVyOS Platform

Passwords with Special Characters in Commit Archive Fai
Open, Requires assessmentPublicBUG

Description

Passwords with special characters used in commit-archive fail:

# VyOS
vyos@cr01b-vyos# set interfaces dummy dum0 description "temporary description to force a commit proving it works before without special char"
[edit]
vyos@cr01b-vyos# commit
Using source address fd52:d62e:8011:6e:192:168:15:4
Archiving config...
  sftp://stor01z-cs.int.trae32566.org/cr01b-vyos  OK
[edit]
vyos@cr01b-vyos# delete system config-management commit-archive location 
[edit]
vyos@cr01b-vyos# set system config-management commit-archive location "sftp://cr01b:$T3$TP@$$W0^%@stor01z-cs.int.trae32566.org/cr01b-vyos"
[edit]
vyos@cr01b-vyos# commit
Using source address fd52:d62e:8011:6e:192:168:15:4
Archiving config...
  sftp://stor01z-cs.int.trae32566.org/cr01b-vyos curl: (6) Could not resolve host: 18274W0^%@stor01z-cs.int.trae32566.org
 Failed!
[edit]

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202005150117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

pasik added a subscriber: pasik.May 16 2020, 8:11 AM
jjakob added a subscriber: jjakob.May 16 2020, 8:21 AM

Passing passwords via command line arguments is very bad practice. Curl has a -u option, if passed just the user it prompts for the password on stdin. This can simply be passed via shell redirection.