Timestamp:
Nov 20, 2010, 9:15:16 PM (12 years ago)
Author:
mitchb
Message:
Eliminate spurious opsnssh error messages related to public keys

If the following conditions apply:
  o Someone attempt to authenticate to an account with an ssh key
  o The account has an authorized_keys file
  o Entries in authorized_keys have restrictions (i.e. "from=" clauses)
  o The attempted key matches the type (RSA/DSA) of the restricted key(s)
  o The attempted key is not actually one of the authorized keys

You will get a spurious error message that claims:
  "Authentication tried for _____ with correct key but not from a
   permitted host (host=______, ip=________)."
even though there is no correct key involved.

This is OpenSSH bug 1765 (https://bugzilla.mindrot.org/show_bug.cgi?id=1765)
and the patch is backported from the one committed in that ticket
(https://bugzilla.mindrot.org/attachment.cgi?id=1848).
File:
1 added

Note: See TracChangeset for help on using the changeset viewer.