regex error causes hosts to not be denied
Bug #133569 reported by
Marcus Sundman
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
denyhosts (Debian) |
Fix Released
|
Unknown
|
|||
denyhosts (Fedora) |
Fix Released
|
Medium
|
|||
denyhosts (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Edgy |
Fix Released
|
Undecided
|
William Grant | ||
Feisty |
Fix Released
|
Medium
|
William Grant | ||
Gutsy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: denyhosts
I'm running feisty and sometimes hosts don't get blocked.
The /var/log/denyhosts file contains a lot of lines like this:
2007-08-19 04:32:09,062 - denyhosts : ERROR regex pattern ( User (?P<user>.*) not allowed because not listed in AllowUsers ) is missing 'host' group
This is the same as the debian bug #425519, which seems to be fixed in the debian package denyhosts_2.6-2. Thus a quick resync to a newer debian package ought to fix this.
Changed in denyhosts: | |
status: | New → Fix Released |
assignee: | nobody → fujitsu |
status: | New → In Progress |
assignee: | nobody → fujitsu |
status: | Triaged → In Progress |
Changed in denyhosts: | |
status: | Unknown → Fix Released |
Changed in denyhosts: | |
status: | Unknown → Fix Released |
Changed in denyhosts: | |
status: | Fix Committed → Fix Released |
Changed in denyhosts (Fedora): | |
importance: | Unknown → Medium |
To post a comment you must log in.
Description of problem:
I have "PermitRootLogin no" in sshd_config to prevent logins as username
root. I also only allow specific usernames to log in, so I have AllowUsers set
in sshd_config.
When someone does attempt to login as root, I see this in /var/log/secure:
Apr 23 07:03:53 machinename sshd[29961]: User root from 122.36.2.10
not allowed because not listed in AllowUsers
and the corresponding entry in /var/log/denyhosts
2007-04-23 07:04:07,805 - denyhosts : ERROR regex pattern ( User (?P<user>.
*) not allowed because not listed in AllowUsers ) is missing 'host' group
... and the attacker goes unblocked and undetected by denyhosts.
Version-Release number of selected component (if applicable): clients- 4.3p2-19. fc6 4.3p2-19. fc6 server- 4.3p2-19. fc6 askpass- 4.3p2-19. fc6
denyhosts-2.6-2.fc6
openssh-
openssh-
openssh-
openssh-