[Bug 2025] New: Comments with 1024 chars or more break sshd_config

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jul 12 00:34:42 EST 2012 

https://bugzilla.mindrot.org/show_bug.cgi?id=2025

          Priority: P5
            Bug ID: 2025
          Assignee: unassigned-bugs at mindrot.org
           Summary: Comments with 1024 chars or more break sshd_config
          Severity: normal
    Classification: Unclassified
                OS: Linux
          Reporter: bugzilla.mindrot.org-mail at nils.toedtmann.net
          Hardware: All
            Status: NEW
           Version: 6.0p1
         Component: sshd
           Product: Portable OpenSSH

Created attachment 2173
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2173&action=edit
Prepends a comment longer than 1024 chars to sshd_config

(I searched and i did not find this behaviour documented e.g. as known
bug. Forgive me if i have missed it)


When sshd_config contains a comment of more than 1023 chars, it treats
char 1024+ as valid configuration. That usually breaks the config, or
(in case there accidentally is valid sshd_config syntax) is unwanted.

To verify the bug, apply appended patch to sshd_config (that prepends a
long comment) and try to start ssh. You will see this:

  $ sudo /usr/local/sbin/sshd
  /usr/local/etc/sshd_config: line 2: Bad configuration option:
ThisIsTheEndOfALongComment
  /usr/local/etc/sshd_config: terminating, 1 bad configuration options

Note that it complains about line 2 though the offending comment is in
line 1.

It is worth mentioning that active configuration lines longer than 1023
chars work fine. (I discovered this bug when i commented out a long
"Match Address" list)

This bug strikes at on
 * openssh-6.0p1 from openssh.com (built on Ubuntu 11.10 i686)
 * openssh-server-5.3p1-70.el6_2.2.x86_64 (CentOS 6.2)
 * openssh-server 1:5.3p1-3ubuntu7 (Ubuntu 10.04 LTS)
 * openssh-server 1:5.8p1-7ubuntu1 (Ubuntu 11.10)
 * openssh-server 1:5.9p1-5ubuntu1 (Ubuntu 12.04 LTS)

(See also
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1023360)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list