mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-11-27 14:44:21 +08:00
- djm@cvs.openbsd.org 2010/06/25 23:10:30
[ssh.c] log the hostname and address that we connected to at LogLevel=verbose after authentication is successful to mitigate "phishing" attacks by servers with trusted keys that accept authentication silently and automatically before presenting fake password/passphrase prompts; "nice!" markus@
This commit is contained in:
parent
bda3ecafca
commit
383ffe6c5f
@ -67,6 +67,13 @@
|
||||
[auth1.c auth2-none.c]
|
||||
skip the initial check for access with an empty password when
|
||||
PermitEmptyPasswords=no; bz#1638; ok markus@
|
||||
- djm@cvs.openbsd.org 2010/06/25 23:10:30
|
||||
[ssh.c]
|
||||
log the hostname and address that we connected to at LogLevel=verbose
|
||||
after authentication is successful to mitigate "phishing" attacks by
|
||||
servers with trusted keys that accept authentication silently and
|
||||
automatically before presenting fake password/passphrase prompts;
|
||||
"nice!" markus@
|
||||
|
||||
20100622
|
||||
- (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
|
||||
|
9
ssh.c
9
ssh.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssh.c,v 1.338 2010/05/16 12:55:51 markus Exp $ */
|
||||
/* $OpenBSD: ssh.c,v 1.339 2010/06/25 23:10:30 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -829,6 +829,13 @@ main(int ac, char **av)
|
||||
ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr,
|
||||
pw, timeout_ms);
|
||||
|
||||
if (packet_connection_is_on_socket()) {
|
||||
verbose("Authenticated to %s ([%s]:%d).", host,
|
||||
get_remote_ipaddr(), get_remote_port());
|
||||
} else {
|
||||
verbose("Authenticated to %s (via proxy).", host);
|
||||
}
|
||||
|
||||
/* We no longer need the private host keys. Clear them now. */
|
||||
if (sensitive_data.nkeys != 0) {
|
||||
for (i = 0; i < sensitive_data.nkeys; i++) {
|
||||
|
Loading…
Reference in New Issue
Block a user