Andrew’s SSH filtering causes me pain

Andrew has mentioned recently that he is trying to mitigate SSH attacks he is experiencing. That’s all fine and good, but I think I’ve found a bug:

foo@banana:~$ date
Sun Feb 20 14:29:52 EST 2005
foo@banana:~$ ssh mikal@anotherhost.net.au

foo@banana:~$ date
Sun Feb 20 14:30:43 EST 2005
foo@banana:~$ date
Sun Feb 20 14:31:49 EST 2005
foo@banana:~$ ssh mikal@anotherhost.net.au

foo@banana:~$ date
Sun Feb 20 14:32:28 EST 2005
foo@banana:~$ date
Sun Feb 20 14:41:04 EST 2005
foo@banana:~$ ssh mikal@anotherhost.net.au
The authenticity of host 'anotherhost.net.au (210.18.204.2)' can't be established.
RSA key fingerprint is ...
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'anotherhost.net.au' (RSA) to the list of known hosts.
Password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
No mail.

Last login: Sun Feb 20 09:18:22 2005 from somehost.somewhere.com.au
foo@daedalus:~$

[tags: linux debian ssh]