[Bug 2933] New: MaxAuthTries validation incorrect
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Nov 20 10:44:26 AEDT 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2933
Bug ID: 2933
Summary: MaxAuthTries validation incorrect
Product: Portable OpenSSH
Version: 7.6p1
Hardware: All
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: me at petetravis.com
I have a system where MaxAuthTries has been administratively
misinterpreted:
[pete9168 at workstation ~]$ sudo grep MaxAuthTries /etc/ssh/sshd_config
MaxAuthTries yes
It passes the syntax validation check:
[pete9168 at workstation ~]$ sudo sshd -t && echo "EVERYTHING IS OK HERE"
EVERYTHING IS OK HERE
The daemon does not receive a valid integer for MaxAuthTries and seems
to interpret a maximum attempt count of zero:
[pete9168 at workstation ~]$ ssh localhost
Received disconnect from ::1 port 22:2: Too many authentication
failures
Disconnected from ::1 port 22
Please adjust `sshd -t` such that MaxAuthTries requires an integer > 0
to pass.
I initially observed this behavior with
openssh-server-1:6.6p1-2ubuntu2.11, the above validation is from
openssh-server-7.6p1-6.fc27.x86_64 .
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list