| Summary: | Multiple log entries for successful pubkey authentication | ||
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Corinna Vinschen <vinschen> |
| Component: | sshd | Assignee: | OpenSSH Bugzilla mailing list <openssh-bugs> |
| Status: | CLOSED FIXED | ||
| Severity: | normal | CC: | senthilkumar_sen |
| Priority: | P2 | ||
| Version: | 4.0p1 | ||
| Hardware: | All | ||
| OS: | All | ||
|
Description
Corinna Vinschen
2005-04-07 23:19:50 AEST
This occurs for all Key based Authentication methods. I noted it for gssapi in
hpux. Wht wud be the cause if we just make it to log once, something like only
for uid zero.
In auth.c
+ if(getuid() == 0)
authlog("%s %s for %s%.100s from %.200s port %d%s",
Did it hurt anywhere?
Also the failure messages like
Failed none for user from foo* port *22 ssh2
occurs twice in debug mode.
Adding a uid==0 test is too simple. It doesn't work for Cygwin where uid 0 has no meaning at all. Probably there should be a flag set if privsep_postauth() is skipped for whatever reason and tested before printing from the monitor process. >It doesn't work for Cygwin where uid 0 has no meaning at all.
Fine. Its not a thumb rule. But hoping tht the process ( with uid !=0 ) shld not
do this logging.
Is this still the case? (try a current snapshot from http://www.mindrot.org/openssh_snap) Darren fixed some bugs in this area back in May This was already fixed for 4.3p2, but I tested current openssh from CVS and it's not an issue anymore. I'll set the state of this issue to resolved. Thanks, Corinna Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4. |