• Icon: Bug Bug
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • rhel-9.4.z
    • openssh
    • None
    • Low
    • 1
    • rhel-sst-security-crypto
    • ssg_security
    • 0.5
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q4
    • None
    • None
    • Known Issue
    • Hide
      .OpenSSH no longer logs timeout before authentication

      OpenSSH does not record a timeout before authentication for `$IP port $PORT` to the log. This might be important because the Fail2Ban intrusion prevention daemon and similar systems use these log records in its `mdre-ddos` regular expression and no longer ban the IPs of clients that attempt this type of attack. There is currently no known workaround for this problem.
      Show
      .OpenSSH no longer logs timeout before authentication OpenSSH does not record a timeout before authentication for `$IP port $PORT` to the log. This might be important because the Fail2Ban intrusion prevention daemon and similar systems use these log records in its `mdre-ddos` regular expression and no longer ban the IPs of clients that attempt this type of attack. There is currently no known workaround for this problem.
    • Done
    • All
    • None

      What were you trying to do that didn't work?

      "Timeout before authentication for $IP port $PORT" is no longer logged; this might be notable because Fail2Ban uses it in its mdre-ddos regex and will no longer ban clients by their IPs for attempting this specific kind of attack.

      Please provide the package NVR for which bug is seen:

      openssh-8.7p1-38.el9_4.1

      How reproducible:

      Always

      Steps to reproduce

      1. Try to connect and when the system asks for a password, leave it to timeout.

      Expected results

      The message should be logged.

      Actual results

      The message is not logged. 

              jafiala@redhat.com Jan Fiala
              rh-ee-gpantela George Pantelakis
              Dmitry Belyavskiy Dmitry Belyavskiy
              Miluse Bezo Konecna Miluse Bezo Konecna
              Jan Fiala Jan Fiala
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: