- dtucker@cvs.openbsd.org 2014/07/22 01:18:50

     [key.c]
     Prevent spam from key_load_private_pem during hostbased auth.  ok djm@

2 files changed, 9 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 47a541c39..b0e0f5fcc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,10 @@
    error messages.
  - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
    specific tests inside OPENSSL_HAS_ECC.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
+     [key.c]
+     Prevent spam from key_load_private_pem during hostbased auth.  ok djm@
 
 20140721
  - OpenBSD CVS Sync
diff --git a/key.c b/key.c
index 84bbeae38..206076159 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.121 2014/07/17 00:12:03 djm Exp $ */
+/* $OpenBSD: key.c,v 1.122 2014/07/22 01:18:50 dtucker Exp $ */
 /*
  * placed in the public domain
  */
@@ -447,7 +447,10 @@ key_load_private_pem(int fd, int type, const char *passphrase,
 	if ((r = sshkey_load_private_pem(fd, type, passphrase,
 	     &ret, commentp)) != 0) {
 		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
+		if (r == SSH_ERR_KEY_WRONG_PASSPHRASE)
+			debug("%s: %s", __func__, ssh_err(r));
+		else
+			error("%s: %s", __func__, ssh_err(r));
 		return NULL;
 	}
 	return ret;