Ssh – How does SSH display the message “The authenticity of host .. can’t be established”

command lineio-redirectionsshterminal

I wanted to trace down the system call used by ssh to output this warning message:

> ssh root@abcde
The authenticity of host .. can't be established.

If the message were sent to stderr or stdout, there would definitely be a system call trace showing ssh write() to stderr/stdout.

However, there is none.

So how does SSH show the warning message on terminal? Does SSH directly manipulate terminal device to display the message, without interacting with stderr/stdout?

Best Answer

ssh opens the controlling terminal directly via /dev/tty and that's where it's writing that message.

It's the same fd ssh is using to interact with the user, to read passwords, etc. This allows the user to redirect the stderr or stdin of ssh transparently.

$ strace -f -o /tmp/strace ssh -o UserKnownHostsFile=/dev/null localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:XXXXXXXXXXXXX8XXXXXX8XXXX4XXXXXXXXXXXX3XXXX.
Are you sure you want to continue connecting (yes/no)? ^C
$ egrep 'open|write' /tmp/strace
...
3609  openat(AT_FDCWD, "/dev/tty", O_RDWR) = 4
3609  write(4, "The authenticity of host 'localh"..., 197) = 197

Best Answer

Related Solutions

Related Question