bugzilla-daemon at mindrot.org
2024-Jul-03 01:30 UTC
[Bug 3705] New: Disk space exhaustion from PerSourcePenalties logging
https://bugzilla.mindrot.org/show_bug.cgi?id=3705
Bug ID: 3705
Summary: Disk space exhaustion from PerSourcePenalties logging
Product: Portable OpenSSH
Version: -current
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jtesta at positronsecurity.com
As mentioned in
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-June/041416.html,
the logging related to PerSourcePenalties
(https://github.com/openssh/openssh-portable/blob/V_9_8/sshd.c#L606)
was observed to output 73MB per minute when a very high rate of
connection flooding is performed. This occurs using default options.
Perhaps the non-default SYSLOG_LEVEL_VERBOSE level should be used
instead.
--
You are receiving this mail because:
You are watching the assignee of the bug.
Reasonably Related Threads
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- CISA et al: "Exploring Memory Safety in Critical Open Source Projects"
- U2F support in OpenSSH HEAD