Package: openssh-server Version: 1:5.5p1-6+squeeze1 Consider an authorized_keys file of the form: # begin from="1.2.3.4,::ffff:1.2.3.4" ssh-rsa key1234 comment from="5.6.7.8,::ffff:5.6.7.8" ssh-rsa key5678 comment # end
Logging in from host 5.6.7.8 with RSA key key5678 succeeds but logs the following two messages on the server: Authentication tried for <username> with correct key but not from a permitted host (host=5.6.7.8, ip=5.6.7.8) Authentication tried for <username> with correct key but not from a permitted host (host=5.6.7.8, ip=5.6.7.8) Running the server with -dd reveals that these messages are emitted just after debug2: user_key_allowed: check options: 'from="1.2.3.4,::ffff:1.2.3.4" ssh-rsa key1234 comment' and before debug2: key_type_from_name: unknown key type 'from="5.6.7.8,::ffff:5.6.7.8"' debug2: user_key_allowed: check options: 'from="5.6.7.8,::ffff:5.6.7.8" ssh-rsa key5678 comment' On the client side, I see the following: debug1: Remote: Your host '5.6.7.8' is not permitted to use this key for login. debug1: Remote: Your host '5.6.7.8' is not permitted to use this key for login. It's clear from the source code (auth2-pubkey.c) that the "with correct key" part of the log message is just obfuscation: the validity of the key is still untested at the point where the message is emitted. This seems to have mild security implications: the client is able to tell how many other keys there are ahead of its own in the authorized keys file, an information leak. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
