Summary

The SSH Public Keys for the wrong user could be updated / removed in local authorized_keys files

Issue

A bug in boks_clntd may update and/or remove SSH public keys in local authorized_keys files for the wrong user if users with similar names have registered user public keys.
Example:
Users HGRP:foo and HGRP:foo1 exist in the BoKS database, but only HGRP:foo1 has SSH public keys registered and provisioned. User HGRP:foo registers a key which should be provisioned to HGRP:foo's local authorized_keys file. Due to the bug, HGRP:foo1's authorized_keys file is updated instead, removing provisioned keys and adding HGRP:foo's public key.

Resolution / Workaround

Install the hotfix HFBM-0029, available for download from the HelpSystems Community Portal.

This hotfix installs a new version of boks_clntd which resolves this issue.
Note that this issue also affects:
  • BoKS Server Agent - Unix/Linux 6.7.0

Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 25, 2018