openssh-3.0p1, auth2.c
Carson Gaspar
carson at taltos.org
Sun Nov 11 07:08:38 EST 2001
--On Saturday, November 10, 2001 1:39 PM +0100 Markus Friedl
<markus at openbsd.org> wrote:
> On Fri, Nov 09, 2001 at 10:23:40AM +0100, Hans Werner Strube wrote:
>> openssh-3.0p1 still contains the bug
>
> is it a bug? we need to use voting to bugzilla.
It's a bug. Where the bug is is debatable.
> 2) if HostbasedUsesNameFromPacketOnly is used, then
> the client can send any opaque 'string' it likes to use, e.g.
> "markus at openssh.com."
> or even
> "...."
> so sshd should not modify this string.
In that case, the bug is in ssh. Ssh should not send hostnames that are
period terminated.
> why are you using HostbasedUsesNameFromPacketOnly ?
It works in spite of PAT, or any other address mangling (non-transparent
application proxy firewalls, for example). This is a key feature for many
environments.
Now if only there were a similar feature for identifying the server...
--
Carson
More information about the openssh-unix-dev
mailing list