Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-1684

Excessive artificial delays in sshd while login using AD user

XMLWordPrintable

    • openssh-8.0p1-21.el8
    • None
    • Important
    • 1
    • rhel-sst-security-crypto
    • ssg_security
    • 26
    • 0.2
    • QE ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q1
    • Enhancement
    • Hide
      .OpenSSH limits artificial delays in authentication

      OpenSSH’s response after login failure is artificially delayed to prevent user enumeration attacks. This update introduces an upper limit so that such artificial delays do not become excessively long when remote authentication takes too long, for example in privilege access management (PAM) processing.
      Show
      .OpenSSH limits artificial delays in authentication OpenSSH’s response after login failure is artificially delayed to prevent user enumeration attacks. This update introduces an upper limit so that such artificial delays do not become excessively long when remote authentication takes too long, for example in privilege access management (PAM) processing.
    • Done
    • None

      Description of problem:

      Excessive artificial delays in sshd while login using AD user.

      Reference https://bugzilla.redhat.com/show_bug.cgi?id=2133854

      openssh-8.0p1-10.el8.x86_64

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:
      1.
      2.
      3.

      Actual results:

      Expected results:

      Additional info:

              dbelyavs@redhat.com Dmitry Belyavskiy
              rhn-support-abroy Abhijit Roy
              Dmitry Belyavskiy Dmitry Belyavskiy
              Miluse Bezo Konecna Miluse Bezo Konecna
              Jan Fiala Jan Fiala
              Votes:
              0 Vote for this issue
              Watchers:
              16 Start watching this issue

                Created:
                Updated:
                Resolved: