[Bug 264599] openssh: blacklistd: message too short/no message errors

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 264599] blacklistd: message too short/no message errors"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 11 Jun 2022 14:01:50 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264599

--- Comment #4 from Jose Luis Duran <jlduran@gmail.com> ---
(In reply to Kubilay Kocak from comment #2)

I don't think this issue has been addressed yet. My understanding is that it
triggers when there is no user. For example:

    $ ssh -l "" ssh-server

N times (N = the number of times to trigger blacklistd), and the SSH server is
configured with:

    KbdInteractiveAuthentication no
    UseBlacklist yes

I would guess a validation, to check if user is not NULL/empty string, etc. is
missing. But I'll let someone more familiar with the code actually address this
issue.

Thank you for triaging!

-- 
You are receiving this mail because:
You are the assignee for the bug.