Created attachment 2173
Prepends a comment longer than 1024 chars to sshd_config
(I searched and i did not find this behaviour documented e.g. as known bug. Forgive me if i have missed it)
When sshd_config contains a comment of more than 1023 chars, it treats char 1024+ as valid configuration. That usually breaks the config, or (in case there accidentally is valid sshd_config syntax) is unwanted.
To verify the bug, apply appended patch to sshd_config (that prepends a long comment) and try to start ssh. You will see this:
$ sudo /usr/local/sbin/sshd
/usr/local/etc/sshd_config: line 2: Bad configuration option: ThisIsTheEndOfALongComment
/usr/local/etc/sshd_config: terminating, 1 bad configuration options
Note that it complains about line 2 though the offending comment is in line 1.
It is worth mentioning that active configuration lines longer than 1023 chars work fine. (I discovered this bug when i commented out a long "Match Address" list)
This bug strikes at on
* openssh-6.0p1 from openssh.com (built on Ubuntu 11.10 i686)
* openssh-server-5.3p1-70.el6_2.2.x86_64 (CentOS 6.2)
* openssh-server 1:5.3p1-3ubuntu7 (Ubuntu 10.04 LTS)
* openssh-server 1:5.8p1-7ubuntu1 (Ubuntu 11.10)
* openssh-server 1:5.9p1-5ubuntu1 (Ubuntu 12.04 LTS)
Created attachment 2173
Prepends a comment longer than 1024 chars to sshd_config
(I searched and i did not find this behaviour documented e.g. as known bug. Forgive me if i have missed it)
When sshd_config contains a comment of more than 1023 chars, it treats char 1024+ as valid configuration. That usually breaks the config, or (in case there accidentally is valid sshd_config syntax) is unwanted.
To verify the bug, apply appended patch to sshd_config (that prepends a long comment) and try to start ssh. You will see this:
$ sudo /usr/local/ sbin/sshd local/etc/ sshd_config: line 2: Bad configuration option: ThisIsTheEndOfA LongComment local/etc/ sshd_config: terminating, 1 bad configuration options
/usr/
/usr/
Note that it complains about line 2 though the offending comment is in line 1.
It is worth mentioning that active configuration lines longer than 1023 chars work fine. (I discovered this bug when i commented out a long "Match Address" list)
This bug strikes at on server- 5.3p1-70. el6_2.2. x86_64 (CentOS 6.2)
* openssh-6.0p1 from openssh.com (built on Ubuntu 11.10 i686)
* openssh-
* openssh-server 1:5.3p1-3ubuntu7 (Ubuntu 10.04 LTS)
* openssh-server 1:5.8p1-7ubuntu1 (Ubuntu 11.10)
* openssh-server 1:5.9p1-5ubuntu1 (Ubuntu 12.04 LTS)
(See also https:/ /bugs.launchpad .net/ubuntu/ +source/ openssh/ +bug/1023360)