[Bug 1248] bug with HostbasedUsesNameFromPacketOnly
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Oct 5 07:54:30 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=1248
Summary: bug with HostbasedUsesNameFromPacketOnly
Product: Portable OpenSSH
Version: 4.4p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: res at qoxp.net
The server-side hostbased authentication logic strips any trailing dot
from the hostname supplied in the authentication request, which makes
sense because no one will enter hostnames with trailing dots in their
known-hosts lists.
The option HostbasedUsesNameFromPacketOnly has sshd skip checking the
reverse-lookup name of the client IP address against the
client-supplied hostname. However, the current code also skips
removing the trailing dot, the result of which is that hostbased
authentication fails completely, unless you go and add dots to all your
hostnames in the known-hosts file.
I am including a patch to fix this behavior.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list