Date: Fri, 11 Jul 2003 18:57:44 +0100 From: Paul Civati <paul@xciv.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: paul@xciv.org Subject: bin/54394: SSH/v1 leaves dead processes after session ends (4.8-REL) Message-ID: <E19b29Q-0003fj-00@mailhost.xciv.org> Resent-Message-ID: <200307111800.h6BI0Pmb049396@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 54394 >Category: bin >Synopsis: SSH/v1 leaves dead processes after session ends (4.8-REL) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Jul 11 11:00:25 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Paul Civati >Release: FreeBSD 4.8-RELEASE i386 >Organization: >Environment: FreeBSD 4.8-RELEASE i386 >Description: Between 4.7-REL and 4.8-REL ssh was upgraded and now exhibits the following bug. If you connect with protocol v1 you get three ssh processes, one of which never dies, even after the ssh session has been closed. % ps aux | grep ssh root 219 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root 265 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root 580 0.0 0.3 2592 640 ?? Is Wed09PM 0:01.54 /usr/sbin/sshd root 584 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: root [priv root 592 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: root [priv root 1687 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: root [priv root 5077 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: root [priv root 40458 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root 40467 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root 41042 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root 79545 0.0 0.6 5292 1568 ?? I 10:33AM 0:00.03 sshd: paul [priv root 79547 0.0 0.6 4076 1532 ?? I 10:33AM 0:00.00 sshd: paul [priv paul 79548 0.0 0.7 5292 1656 ?? S 10:33AM 0:00.41 sshd: paul@ttyp0 root 80170 0.0 0.7 5292 1624 ?? I 11:07AM 0:00.03 sshd: paul [priv root 80172 0.0 0.6 4076 1592 ?? I 11:07AM 0:00.00 sshd: paul [priv paul 80173 0.0 0.8 5292 2044 ?? I 11:07AM 0:00.01 sshd: paul@ttypc root 80290 0.0 0.7 5292 1644 ?? I 11:12AM 0:00.02 sshd: paul [priv paul 80319 0.0 0.7 5292 1704 ?? I 11:14AM 0:00.01 sshd: paul@ttypd You'll see the dead ssh processes without any timestamp, two open v1 connections with three processes, and one v2 connection with just two processes. The nasty problem with this I've found is that once you reach a certain number of these dead processes lying around, ssh seems to start refusing connections with: ssh_exchange_identification: Connection closed by remote host Hence this bug has been submitted as 'serious' severity. >How-To-Repeat: Connect to sshd in 4.8-REL using protocol v1 and then close the session. >Fix: Use SSH protocol v2. ;) >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E19b29Q-0003fj-00>