September 27, 2001

Advisory: OpenSSH between 2.5.x and 2.9.x

Author: JT Smith

From Net-Security.org: "Depending on the order of the user keys in
~/.ssh/authorized_keys2 sshd might fail to apply the
source IP based access control restriction (e.g.
from="10.0.0.1") to the correct key:

If a source IP restricted key (e.g. DSA key) is
immediately followed by a key of a different type (e.g.
RSA key), then key options for the second key are applied
to both keys, which includes 'from='."

Category:

  • Linux
Click Here!