[Bug 3107] New: Mistake in config can result in fork bomb
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Dec 21 21:25:36 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=3107
Bug ID: 3107
Summary: Mistake in config can result in fork bomb
Product: Portable OpenSSH
Version: 8.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: petoju at gmail.com
Created attachment 3343
--> https://bugzilla.mindrot.org/attachment.cgi?id=3343&action=edit
ssh_config causing fork bomb
When writing ssh_config, an innocuous mistake in ssh_config leads to a
fork bomb.
One example is this config, use it when connecting to any host:
Host proxy
Hostname doesnotmatter.example.com
Host *
ProxyJump proxy
OpenSSH client tries to connect to the proxy first. To connect to the
proxy, it has to connect to the very same proxy. It could be more
complicated, but the issue is in the cycle.
Why is it annoying: one can effectively kill own system like this by
mistake. No warning is provided.
What could OpenSSH do about it: warn that there is a cycle, recommend
excluding "proxy" from ProxyJump and bail out.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list