On Fri, 27 Dec 2013, Dan Mahoney, System Admin wrote:

> I think the point here is that there's no option for openSSH to then
> *drop the connection* or refuse it. OpenSSH *checks*, but does not
> *enforce* anything.

That's not entirely true. from=... restrictions in authorized_keys and
"Match host" sections in sshd_config depend on the hostname. In the
reverse-mapping check failed case, they don't get to see the original
(probably untrustworthy) hostname and are just passed the IP address.

Basically, the things that depend on the hostname will not be shown
one that appears spoofed.

-d
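
A simplified model of the behaviour described in the message above, added here as an illustration; it is not OpenSSH's code and not part of the original post. The DNS tables, the function names and the use of fnmatch for pattern matching are assumptions made for the example.

```python
import fnmatch

# Constructed DNS data (documentation address ranges), standing in for a resolver.
PTR = {
    "192.0.2.10": "gw.example.com",    # PTR that agrees with the forward zone
    "203.0.113.66": "gw.example.com",  # PTR set by the address owner, claiming a name it does not hold
}
A = {"gw.example.com": {"192.0.2.10"}}


def name_for_checks(ip, ptr=PTR, a=A):
    """Return what hostname-based checks are shown: the PTR name only if it
    resolves forward to the connecting address, otherwise the IP address."""
    name = ptr.get(ip)
    if name is None:
        return ip                      # no reverse mapping at all
    name = name.lower().rstrip(".")
    if ip not in a.get(name, set()):
        return ip                      # reverse-mapping check failed: name is discarded
    return name


def from_allows(pattern_list, ip):
    """Model of a from="..." pattern list: comma-separated, '!' negates, and a
    negated match always rejects. Patterns are tried against name and IP."""
    candidates = {name_for_checks(ip), ip}
    allowed = False
    for pat in pattern_list.split(","):
        pat = pat.strip()
        negated = pat.startswith("!")
        pat = pat.lstrip("!").lower()
        if any(fnmatch.fnmatchcase(c, pat) for c in candidates):
            if negated:
                return False
            allowed = True
    return allowed


if __name__ == "__main__":
    for addr in ("192.0.2.10", "203.0.113.66"):
        print(addr, name_for_checks(addr), from_allows("*.example.com", addr))
```
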