[Bug 2057] New: ssh should treat "Received disconnect" messages as errors

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Jan 5 08:03:22 EST 2013


            Bug ID: 2057
           Summary: ssh should treat "Received disconnect" messages as
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P4
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: imorgan at nas.nasa.gov

Created attachment 2204
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2204&action=edit
Use error() to report "Received disconnect" messages to the user

In packet.c, logit() is used to report SSH2_MSG_DISCONNECT and
SSH_MSG_DISCONNECT messages to the user. This means that if the user
has LogLevel set to "error," such messages will be suppressed. Since
the circumstances which trigger packet_disconnect() to be called are
really error conditions, it seems more appropriate to use error().

One scenario where this occurs is when a user has LogLevel=error to
suppress the login banner of the remote system, but exceeds
MaxAuthTries due to a combination of failed hostbased and public-key
authentication attempts. In that case, the user receives no feedback.

You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list