Bug#456672: openssh-server: authorized_keys from= doesn't loop around hostnames

To: submit@bugs.debian.org
Subject: Bug#456672: openssh-server: authorized_keys from= doesn't loop around hostnames
From: Justin Pryzby <jpryzby+d@quoininc.com>
Date: Mon, 17 Dec 2007 09:20:52 -0500
Message-id: <[🔎] 20071217142052.GA5972@quoininc.com>
Reply-to: Justin Pryzby <jpryzby+d@quoininc.com>, 456672@bugs.debian.org

Package: openssh-server
Version: 1:4.3p2-9.1

I used the authorized_keys "from=" option to restrict access, and get
the following:

|Dec 17 03:55:03 moe sshd[13282]: Authentication tried for backup with
|correct key but not from a permitted host (host=smtp.quoininc.com,
|ip=64.191.84.165).

The machine in question has multiple PTR records:
165.84.191.64.in-addr.arpa domain name pointer smtp.quoininc.com.
165.84.191.64.in-addr.arpa domain name pointer domain.quoininc.com.
165.84.191.64.in-addr.arpa domain name pointer nyuk.quoininc.com.

So the connection fails 2/3 times.  I think openssh should loop around
all the hostnames/aliasen and fail only if a string comparison fails
every time.

Reply to:

Prev by Date: Bug#454403: openssh: openssh-server-udeb of arm depends zlib1g instead of zlib1g-udeb
Next by Date: Bug#456811: wishlist: asymmetric compression
Previous by thread: Free Penguin
Next by thread: Bug#456811: wishlist: asymmetric compression
Index(es):
- Date
- Thread