[Bug 3010] New: sshd_config ListenAddress: Netmask is misinterpreted as Port

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu May 16 00:23:41 AEST 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=3010

            Bug ID: 3010
           Summary: sshd_config ListenAddress: Netmask is misinterpreted
                    as Port
           Product: Portable OpenSSH
           Version: 7.6p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: kurt at easygo.at

Seen on Ubuntu 18.04 (openssh-server, 1:7.6p1-4ubuntu0.2, amd64)

If an IPv4 ListenAddress is configured with netmask suffix (eg.
10.0.0.1/24) the netmask part is used as listening port.

```
$ cat /tmp/sshd_test_conf 
ListenAddress 10.0.0.1/24

$ /usr/sbin/sshd -d -f /tmp/sshd_test_conf 
debug1: sshd version OpenSSH_7.6, OpenSSL 1.0.2n  7 Dec 2017
debug1: private host key #0: ssh-rsa SHA256:...
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:...
debug1: private host key #2: ssh-ed25519 SHA256:...
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-f'
debug1: rexec_argv[3]='/tmp/sshd_test_conf'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 24 on 10.0.0.1.
Server listening on 10.0.0.1 port 24.
```
For sure, this configuration is wrong, in this case it should be
ignored. Starting the service on a port wich was (wrongly) meant as
netmask seems to be wrong.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list