[Bug 2060150] [NEW] openssh sets PAM_RHOST to UNKNOWN causing slow logins
Luca Boccassi
2060150 at bugs.launchpad.net
Wed Apr 3 17:23:53 UTC 2024
Public bug reported:
When using sshd's -i option with stdio that is not a AF_INET/AF_INET6
socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then
set as the value of PAM_RHOST, causing pam to try to do a reverse DNS
query of "UNKNOWN", which times out multiple times, causing a
substantial slowdown when logging in.
upstream PR: https://github.com/openssh/openssh-portable/pull/388
upstream email: https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-April/041289.html
Fedora backport: https://src.fedoraproject.org/rpms/openssh/pull-request/71
Debian backport: https://salsa.debian.org/ssh-team/openssh/-/merge_requests/25
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2060150
Title:
openssh sets PAM_RHOST to UNKNOWN causing slow logins
Status in openssh package in Ubuntu:
New
Bug description:
When using sshd's -i option with stdio that is not a AF_INET/AF_INET6
socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then
set as the value of PAM_RHOST, causing pam to try to do a reverse DNS
query of "UNKNOWN", which times out multiple times, causing a
substantial slowdown when logging in.
upstream PR: https://github.com/openssh/openssh-portable/pull/388
upstream email: https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-April/041289.html
Fedora backport: https://src.fedoraproject.org/rpms/openssh/pull-request/71
Debian backport: https://salsa.debian.org/ssh-team/openssh/-/merge_requests/25
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2060150/+subscriptions
More information about the foundations-bugs
mailing list