Bug 2025

Created attachment 2173 [details]
Prepends a comment longer than 1024 chars to sshd_config

(I searched and i did not find this behaviour documented e.g. as known bug. Forgive me if i have missed it)


When sshd_config contains a comment of more than 1023 chars, it treats char 1024+ as valid configuration. That usually breaks the config, or (in case there accidentally is valid sshd_config syntax) is unwanted.

To verify the bug, apply appended patch to sshd_config (that prepends a long comment) and try to start ssh. You will see this:

  $ sudo /usr/local/sbin/sshd
  /usr/local/etc/sshd_config: line 2: Bad configuration option: ThisIsTheEndOfALongComment
  /usr/local/etc/sshd_config: terminating, 1 bad configuration options

Note that it complains about line 2 though the offending comment is in line 1.

It is worth mentioning that active configuration lines longer than 1023 chars work fine. (I discovered this bug when i commented out a long "Match Address" list)

This bug strikes at on
 * openssh-6.0p1 from openssh.com (built on Ubuntu 11.10 i686)
 * openssh-server-5.3p1-70.el6_2.2.x86_64 (CentOS 6.2)
 * openssh-server 1:5.3p1-3ubuntu7 (Ubuntu 10.04 LTS)
 * openssh-server 1:5.8p1-7ubuntu1 (Ubuntu 11.10)
 * openssh-server 1:5.9p1-5ubuntu1 (Ubuntu 12.04 LTS)

(See also https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1023360)