https://bugzilla.mindrot.org/show_bug.cgi?id=3853
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> --- sshd can't really do anything to fix this because sshd isn't aware of stuff beneath the POSIX pwd.h API. One thing you can do is to ban usernames in non-standard forms using more Match rules, e.g. > Match user *\\* > RefuseConnection yes Ideally your NSS configuration (or whatever you're using to connect to AD) would have an option to only accept names in a canonical form. sshd is not the only software that can get bitten by this. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
