Limit to Match Address Line?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Now that openssh has stopped supporting hosts.allow, is there any limit
to the number of addresses or characters in a Match Address line in
/etc/ssh/sshd_config? There is a limit to the line length in a
hosts.allow line. (Otherwise tcpwrappers goes into an eternal loop-a bug
Venema refused to fix). Is there any limit to the Match Address line?
(I have an automated system which looks for too many invalid logins and
adds an entry to the files to disallow ssh.)

Re: Limit to Match Address Line?

Quoted text here. Click to load it

It seems that there IS a maximum, somewhere around 5000 characters in
the line. If One has a longer set of addresses than that, sshd does not
start, and instead gives a "configuration line too long" error message
in the logs. At least it does not crash like tcpwrapper does, it
prevents sshd from starting at all, which might be worse.  

Site Timeline