Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 278823 - net-misc/openssh-5.2_p1-r1: off-by-one error w/ config value MaxAuthTries
Summary: net-misc/openssh-5.2_p1-r1: off-by-one error w/ config value MaxAuthTries
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-23 11:32 UTC by Toralf Förster
Modified: 2011-06-06 22:30 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Toralf Förster gentoo-dev 2009-07-23 11:32:00 UTC 
I've set it to 4 to get 3 login attempts :

n22 /proc/net/xt_recent # grep MaxAuthTries /etc/ssh/sshd_config
MaxAuthTries 4


Reproducible: Always
Comment 1 SpanKY gentoo-dev 2009-07-26 17:01:01 UTC 
are you using ssh keys too ?  iirc, each key counts as an attempt.
Comment 2 Toralf Förster gentoo-dev 2009-07-26 19:07:34 UTC 
of course - PEBKAC
Comment 3 Norman Shulman 2011-06-06 22:30:38 UTC 
I can reproduce this without ssh keys.

From sshd_config on box137:

RSAAuthentication no
PubkeyAuthentication no

Moreover,

ndadm@box137 ~
$ ls ~admin/.ssh
known_hosts

But

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               0    

nshulman@nvsasus:~
$ ssh admin@192.168.23.137
Password: 

(I have typed nothing.)

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               1    06/06/11 18:10:24  192.168.20.31

Continuing with empty passwords:

Password: 
Password: 
Permission denied (keyboard-interactive).

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               3    06/06/11 18:14:51  192.168.20.31

nshulman@nvsasus:~
$ ssh admin@192.168.23.137
Password: 
Password: 
Account locked due to 6 failed logins
Password: 

(Nothing typed.)

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               6    06/06/11 18:15:30  192.168.20.31