bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-15 17:27 UTC
[Bug 1782] New: Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782
Summary: Match support for HostbasedUsesNameFromPacketOnly
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: imorgan at nas.nasa.gov
Created attachment 1860
--> https://bugzilla.mindrot.org/attachment.cgi?id=1860
Enable Match support for HostbasedUsesNameFromPacketOnly
Currently HostbasedUsesNameFromPacketOnly can only be set as a global
sshd_config option. This means that if hostbased authentication is
enabled and some of the client hosts are behind a NAT, then all
hostbased authentication attempts must only use the hostname from the
authentication packet.
A more surgical approach would be to allow this option to be enabled
on a per-IP bases. Thus the resolved name could be used for clients
that are not behind a NAT and those behind a NAT could use the name
supplied in the packet.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 00:39 UTC
[Bug 1782] Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |1708
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I'll try to commit this together with Match support for AuthorizedKeys
and a couple of others. Please see attachment #1863 on bug #1764
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-22 04:26 UTC
[Bug 1782] Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
fixed as part of bug #1764 - this will be in OpenSSH 5.6
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Jan-24 01:33 UTC
[Bug 1782] Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> 2011-01-24 12:33:32
EST ---
Move resolved bugs to CLOSED after 5.7 release
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.