[Bug 3235] New: pubkey auth with dns name in from= filter in authorized keys not working on ip6-only hosts from dual-stack hosts
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Nov 21 01:00:24 AEDT 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=3235
Bug ID: 3235
Summary: pubkey auth with dns name in from= filter in
authorized keys not working on ip6-only hosts from
dual-stack hosts
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: m_langbe at cs.uni-kl.de
Created attachment 3456
--> https://bugzilla.mindrot.org/attachment.cgi?id=3456&action=edit
example settings
In case the host is ip6 only, and the originating host has ip6+ip4,
with the dns entry containing the ip4 address before the ip6 address,
no match is recognized, and public-key authentication fails.
I may be a general problem with multi-address dns entries, where only
the first one is used to compare with the connecting ip.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list