Trustix advisory for OpenSSH

20

Author: JT Smith

LinuxSecurity.com has posted the Trustix announcement for that OpenSSH issue: “Depending on the order of the user keys in ~/.ssh/authorized_keys2
sshd might fail to apply the source IP based access control
restriction (e.g. from=”10.0.0.1″) to the correct key. Users can circumvent the system policy and login from disallowed
source IP addresses.”

Category:

  • Linux