Bug 278823

Summary:	net-misc/openssh-5.2_p1-r1: off-by-one error w/ config value MaxAuthTries
Product:	Gentoo Linux	Reporter:	Toralf Förster <toralf>
Component:	Current packages	Assignee:	Gentoo's Team for Core System packages <base-system>
Status:	RESOLVED INVALID
Severity:	normal	CC:	norman.shulman
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Toralf Förster gentoo-dev

2009-07-23 11:32:00 UTC

I've set it to 4 to get 3 login attempts :

n22 /proc/net/xt_recent # grep MaxAuthTries /etc/ssh/sshd_config
MaxAuthTries 4


Reproducible: Always

Comment 1 SpanKY gentoo-dev

2009-07-26 17:01:01 UTC

are you using ssh keys too ?  iirc, each key counts as an attempt.

Comment 2 Toralf Förster gentoo-dev

2009-07-26 19:07:34 UTC

of course - PEBKAC

Comment 3 Norman Shulman 2011-06-06 22:30:38 UTC

I can reproduce this without ssh keys.

From sshd_config on box137:

RSAAuthentication no
PubkeyAuthentication no

Moreover,

ndadm@box137 ~
$ ls ~admin/.ssh
known_hosts

But

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               0    

nshulman@nvsasus:~
$ ssh admin@192.168.23.137
Password: 

(I have typed nothing.)

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               1    06/06/11 18:10:24  192.168.20.31

Continuing with empty passwords:

Password: 
Password: 
Permission denied (keyboard-interactive).

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               3    06/06/11 18:14:51  192.168.20.31

nshulman@nvsasus:~
$ ssh admin@192.168.23.137
Password: 
Password: 
Account locked due to 6 failed logins
Password: 

(Nothing typed.)

ndadm@box137 ~
$ sudo pam_tally2 --user admin
Login           Failures Latest failure     From
admin               6    06/06/11 18:15:30  192.168.20.31