After upgrading a public-facing SSH server, error messages have started to spam dmesg logs: blacklistd: message too short 144 blacklistd: no message (No such file or directory) Filing this as a bug to track it. In the meantime, I have done this horrible thing: --- crypto/openssh/auth.c +++ crypto/openssh/auth.c @@ -555,7 +555,7 @@ getpwnamallow(struct ssh *ssh, const char *user) aix_restoreauthdb(); #endif if (pw == NULL) { - BLACKLIST_NOTIFY(ssh, BLACKLIST_BAD_USER, user); + BLACKLIST_NOTIFY(ssh, BLACKLIST_BAD_USER, "user"); logit("Invalid user %.100s from %.100s port %d", user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); #ifdef CUSTOM_FAILED_LOGIN
^Triage: emaste updated OpenSSH in base most recently, request feedback
This may have already been addresses by base 0f9bafdfc325 via bug 1926107 If so, please close this as a duplicate
Hat was not a bug reference, but a commit reference: base 19261079b743
(In reply to Kubilay Kocak from comment #2) I don't think this issue has been addressed yet. My understanding is that it triggers when there is no user. For example: $ ssh -l "" ssh-server N times (N = the number of times to trigger blacklistd), and the SSH server is configured with: KbdInteractiveAuthentication no UseBlacklist yes I would guess a validation, to check if user is not NULL/empty string, etc. is missing. But I'll let someone more familiar with the code actually address this issue. Thank you for triaging!
I have also filed an issue upstream: https://github.com/zoulasc/blocklist/issues/2
Upstream has committed a fix: https://github.com/zoulasc/blocklist/commit/ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08 commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-07-18 00:43:52 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-07-18 12:55:30 +0000 blacklistd: Handle 0 sized messages Patch obtained from https://github.com/zoulasc/blocklist commit ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a PR: 264599 MFC after: 1 week contrib/blacklist/lib/bl.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=35cdb601016b2dbdb9f5e296ac4b5f42248eddf5 commit 35cdb601016b2dbdb9f5e296ac4b5f42248eddf5 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-07-18 00:43:52 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-07-25 14:57:24 +0000 blacklistd: Handle 0 sized messages Patch obtained from https://github.com/zoulasc/blocklist commit ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a PR: 264599 MFC after: 1 week (cherry picked from commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08) contrib/blacklist/lib/bl.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-)
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=5f7ae464db5bd1527a844c228afc269cedb6822c commit 5f7ae464db5bd1527a844c228afc269cedb6822c Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-07-18 00:43:52 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-07-25 15:00:11 +0000 blacklistd: Handle 0 sized messages Patch obtained from https://github.com/zoulasc/blocklist commit ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a PR: 264599 MFC after: 1 week (cherry picked from commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08) contrib/blacklist/lib/bl.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-)
Thank you Ed! I'll try to submit some minor fixes for blacklistd that aren't in the base system yet.