Date: Sat, 17 Nov 2001 15:47:08 -0500 (EST) From: The Anarcat <anarcat@anarcat.dyndns.org> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/32065: sshd 2.9 core dumps with UseLogin yes Message-ID: <20011117204708.57DA820ADB@shall.anarcat.dyndns.org>
index | next in thread | raw e-mail
>Number: 32065 >Category: bin >Synopsis: sshd 2.9 core dumps with UseLogin yes >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Nov 17 12:50:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: The Anarcat >Release: FreeBSD 4.4-STABLE i386 >Organization: Nada, Inc. >Environment: System: FreeBSD shall.anarcat.dyndns.org 4.4-STABLE FreeBSD 4.4-STABLE #0: Fri Nov 16 12:57:38 EST 2001 anarcat@shall.anarcat.dyndns.org:/usr/obj/usr/src/sys/SHALL i386 CVSup'd on 15.11.2001. >Description: After a recent upgrade from 14.09.2001 to 15.11.2001, I couldn't login nor use my sshd's anywhere anymore. They all have UseLogin yes in their config file. In the logs, I see: /kernel: pid 58148 (sshd), uid 0: exited on signal 11 sshd[58147]: error: fcntl(4, F_SETFL, O_NONBLOCK): Resource temporarily unavailable sshd doesn't always core dump (which is strange, in itself). But from the client, I get a simple "connection closed". sshd keeps on taking connections (it the childs that die). This problem disappears when I remove UseLogin yes from my config file. This problem might be related with some late login changes, but I would be surprised. From 14.09 to 15.11, openssh 2.9 was MFC'd, so I'd suspect that would be the problem. Here is the output from sshd -ddde: debug1: sshd version OpenSSH_2.9 FreeBSD localisations 20010713 debug1: private host key: #0 type 0 RSA1 debug3: No RSA1 key file /etc/ssh/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: Server will not fork when running in debugging mode. Connection from localhost port 1251 Connection from ::1 port 1251 debug1: Client protocol version 2.0; client software version OpenSSH_2.9 FreeBSD localisations 20010713 debug1: match: OpenSSH_2.9 FreeBSD localisations 20010713 pat ^OpenSSH Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_2.9 FreeBSD localisations 20010713 debug1: Rhosts Authentication disabled, originating port not trusted. debug1: list_hostkey_types: ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-dss debug2: kex_parse_kexinit: +aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,ri +jndael256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: +aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,ri +jndael256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: +hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: +hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: +aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,ri +jndael256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: +aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,ri +jndael256-cbc,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: +hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: +hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: dh_gen_key: priv key bits set: 124/256 debug1: bits set: 1059/2049 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: bits set: 1023/2049 debug1: sig size 20 20 debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug3: Trying to reverse map address ::1. debug1: userauth-request for user anarcat service ssh-connection method none debug1: attempt 0 failures 0 debug2: input_userauth_request: setting up authctxt for anarcat debug1: Starting up PAM with username "anarcat" debug2: input_userauth_request: try method none Failed none for anarcat from ::1 port 1251 ssh2 debug1: userauth-request for user anarcat service ssh-connection method publickey debug1: attempt 1 failures 1 debug2: input_userauth_request: try method publickey debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 1000/1000 (e=0) debug1: restore_uid debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss Failed publickey for anarcat from ::1 port 1251 ssh2 debug1: userauth-request for user anarcat service ssh-connection method publickey debug1: attempt 2 failures 2 debug2: input_userauth_request: try method publickey debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 1000/1000 (e=0) debug1: restore_uid debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss Failed publickey for anarcat from ::1 port 1251 ssh2 debug1: userauth-request for user anarcat service ssh-connection method password debug1: attempt 3 failures 3 debug2: input_userauth_request: try method password debug1: PAM Password authentication accepted for user "anarcat" debug1: PAM setting rhost to "localhost" Accepted password for anarcat from ::1 port 1251 ssh2 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 32768 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: init debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug2: callback start debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 channel 0 request pty-req reply 0 debug1: session_pty_req: session 0 alloc /dev/ttyp5 debug2: tty_parse_modes: SSH2 n_bytes 251 debug2: tty_parse_modes: ospeed 38400 debug2: tty_parse_modes: ispeed 38400 debug2: callback done debug2: callback start debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 channel 0 request shell reply 0 debug1: PAM setting tty to "/dev/ttyp5" debug1: do_pam_session: euid 0, uid 0 debug1: PAM establishing creds debug1: channel 0: rfd 4 isatty debug1: fd 4 setting O_NONBLOCK debug1: fd 3 IS O_NONBLOCK debug2: callback done debug1: Setting controlling tty using TIOCSCTTY. debug1: Received SIGCHLD. debug3: tvp!=NULL kid 1 mili 100 debug1: session_by_pid: pid 58305 debug1: session_exit_message: session 0 channel 0 pid 58305 debug1: session_exit_message: release channel 0 debug1: channel 0: write failed debug1: channel 0: output open -> closed debug1: channel 0: close_write debug1: session_pty_cleanup: session 0 release /dev/ttyp5 debug1: session_free: session 0 pid 58305 debug1: channel 0: read<=0 rfd 4 len 0 debug1: channel 0: read failed debug1: channel 0: input open -> drain debug1: channel 0: close_read debug1: channel 0: input: no drain shortcut debug1: channel 0: ibuf empty debug1: channel 0: input drain -> closed debug1: channel 0: send eof debug1: channel 0: send close debug2: channel 0: no data after CLOSE debug2: channel 0: no data after CLOSE debug1: channel 0: rcvd close debug2: channel 0: no data after CLOSE debug1: channel 0: is dead debug1: channel_free: channel 0: status: The following connections are open: #0 server-session (t4 r0 i8/0 o128/0 fd -1/-1) Connection closed by remote host. Closing connection to ::1 GDB backtrace: #0 0x281fc4a7 in strncmp () from /usr/lib/libc.so.4 #1 0xbfbfed7c in ?? () #2 0x8056e35 in getsockname () #3 0x8056049 in getsockname () #4 0x8057e12 in getsockname () #5 0x8057ffa in getsockname () #6 0x8064909 in xstrdup () #7 0x805e777 in getsockname () #8 0x80518a3 in getsockname () #9 0x8051e91 in getsockname () #10 0x8058643 in getsockname () #11 0x80553ed in getsockname () #12 0x8053543 in getsockname () #13 0x804dbc3 in getsockname () #14 0x804c0c5 in getsockname () >How-To-Repeat: echo "UseLogin yes" >> /etc/ssh/sshd_config /usr/sbin/sshd -ddde & ssh localhost # enter password: bang. >Fix: Workaround: s/UseLogin yes/UseLogin no/ Fix unknown >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011117204708.57DA820ADB>