Bug 3352

Summary: subnet mask invalid in pattern matching
Product: Portable OpenSSH Reporter: Lioh <lioh.moeller>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WORKSFORME    
Severity: enhancement CC: djm, dtucker
Priority: P5    
Version: 8.8p1   
Hardware: Other   
OS: Linux   

Description Lioh 2021-10-07 22:32:17 AEDT 
We are trying to define an AllowUsers rule like user@2001:xxx:xxx:xxx::/64 which works fine, but using a different subnet mask e.g. 2001:xxx:xxx:xxx::/53 leads to an error like: invalid AllowUsers pattern
Comment 1 Darren Tucker 2021-10-08 10:30:03 AEDT 
Are you sure the values of xxx you have elided are actually a valid /53 subnet (ie all of the bits 54-128 are zero?).

$ sudo /usr/sbin/sshd -T -o 'AllowUsers user@2001::/53' | grep allowusers
allowusers user@2001::/53

$ sudo /usr/sbin/sshd -T -o 'AllowUsers user@2001::1/53'
command-line line 0: invalid AllowUsers pattern: "user@2001::1/53"
Comment 2 Damien Miller 2022-01-14 15:31:35 AEDT 
closing for lack of followup
Comment 3 Damien Miller 2022-02-25 13:57:18 AEDT 
closing bugs resolved before openssh-8.9