[Bug 2933] New: MaxAuthTries validation incorrect

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Nov 20 10:44:26 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2933

            Bug ID: 2933
           Summary: MaxAuthTries validation incorrect
           Product: Portable OpenSSH
           Version: 7.6p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: me at petetravis.com

I have a system where MaxAuthTries has been administratively
misinterpreted:

[pete9168 at workstation ~]$ sudo grep MaxAuthTries /etc/ssh/sshd_config 
MaxAuthTries yes

It passes the syntax validation check:

[pete9168 at workstation ~]$ sudo sshd -t && echo "EVERYTHING IS OK HERE"
EVERYTHING IS OK HERE

The daemon does not receive a valid integer for MaxAuthTries and seems
to interpret a maximum attempt count of zero:

[pete9168 at workstation ~]$ ssh localhost
Received disconnect from ::1 port 22:2: Too many authentication
failures
Disconnected from ::1 port 22

Please adjust `sshd -t` such that MaxAuthTries requires an integer > 0
to pass.

I initially observed this behavior with
openssh-server-1:6.6p1-2ubuntu2.11, the above validation is from
openssh-server-7.6p1-6.fc27.x86_64 .

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list