Changeset 1739 for trunk/server/common

Nov 20, 2010, 9:15:16 PM (13 years ago)
Eliminate spurious opsnssh error messages related to public keys

If the following conditions apply:
  o Someone attempt to authenticate to an account with an ssh key
  o The account has an authorized_keys file
  o Entries in authorized_keys have restrictions (i.e. "from=" clauses)
  o The attempted key matches the type (RSA/DSA) of the restricted key(s)
  o The attempted key is not actually one of the authorized keys

You will get a spurious error message that claims:
  "Authentication tried for _____ with correct key but not from a
   permitted host (host=______, ip=________)."
even though there is no correct key involved.

This is OpenSSH bug 1765 (
and the patch is backported from the one committed in that ticket
1 added

Note: See TracChangeset for help on using the changeset viewer.