bugzilla-daemon at mindrot.org
2024-Jul-03 01:30 UTC
[Bug 3705] New: Disk space exhaustion from PerSourcePenalties logging
https://bugzilla.mindrot.org/show_bug.cgi?id=3705 Bug ID: 3705 Summary: Disk space exhaustion from PerSourcePenalties logging Product: Portable OpenSSH Version: -current Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: jtesta at positronsecurity.com As mentioned in https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-June/041416.html, the logging related to PerSourcePenalties (https://github.com/openssh/openssh-portable/blob/V_9_8/sshd.c#L606) was observed to output 73MB per minute when a very high rate of connection flooding is performed. This occurs using default options. Perhaps the non-default SYSLOG_LEVEL_VERBOSE level should be used instead. -- You are receiving this mail because: You are watching the assignee of the bug.
Possibly Parallel Threads
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- [Bug 3766] New: openssh PerSourcePenalties and pam_nologin interaction
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- PerSourcePenalties and ssh-copy-id
- An Analysis of the DHEat DoS Against SSH in Cloud Environments