Date:      Thu, 31 Jan 2002 13:40:02 -0800 (PST)
From:      "Jin Guojun[ITG]" <j_guojun@lbl.gov>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/34502: ssh can crash the 4.5 system
Message-ID:  <200201312140.g0VLe2V98483@freefall.freebsd.org>

The following reply was made to PR bin/34502; it has been noted by GNATS.

From: "Jin Guojun[ITG]" <j_guojun@lbl.gov>
To: parv <parv_@yahoo.com>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/34502: ssh can crash the 4.5 system
Date: Thu, 31 Jan 2002 13:31:50 -0800

 parv wrote:
 > 
 > in message <200201312023.g0VKNex00336@eubie.lbl.gov>,
 > wrote Jin.Guojun@eubie.lbl.gov thusly...
 > >
 > > System: FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Wed Jan 30 09:39:25 PST 2002
 > >
 > >       OpenSSH_2.9 FreeBSD localisations 20011202
 > >
 > > >Description:
 > >       Problem 1:
 > >               ssh localhost
 > >       cause system panic. A local user can use it to crash all 4.5 systems.
 > 
 > i just tried "ssh localhost" w/o any problems on 4.5-release
 > 2002.01.24.19.00.47 utc.
 
 # ssh -v localhost
 OpenSSH_2.9 FreeBSD localisations 20011202, SSH protocols 1.5/2.0, OpenSSL
 0x0090601f
 debug1: Reading configuration data /etc/ssh/ssh_config
 debug1: Applying options for *
 debug1: Rhosts Authentication disabled, originating port will not be trusted.
 debug1: restore_uid
 debug1: ssh_connect: getuid 0 geteuid 0 anon 1
 debug1: Connecting to localhost [::1] port 22.
 debug1: temporarily_use_uid: 0/0 (e=0)
 debug1: restore_uid
 debug1: temporarily_use_uid: 0/0 (e=0)
 
 ---- crashing
 Read from remote host peer.lbl.gov: Connection reset by peer
 Connection to peer.lbl.gov closed.
 
 This time I tried as a root who has no ssh set up at all. So, I do not
 think this is related to .ssh/ set up. I have tried on three machines:
 
 Dual 200MHz Pentium
 500MHz Celeron
 700MHz AMD
 
 > 
 > >       Problem 2:
 > >
 > >       does not work for protocol 2. After rename authorized_keys to
 > >       x.authorized_keys (i.e., disable protocol 1), then ssh will ask
 > >       password instead of passphrase:
 > 
 > isn't that the way ssh supposed to work: in absence of keys ask the
 > password?
 
 The authorized_keys2 is there (not missing). Below is the manual page:
 
 ...
    SSH protocol version 2
 
      When a user connects using the protocol version 2 different authentica-
      tion methods are available: At first, the client attempts to authenticate
      using the public key method.  If this method fails password authentica-
      tion is tried.
 
      The public key method is similar to RSA authentication described in the
      previous section except that the DSA algorithm is used instead of the
      patented RSA algorithm.  The client uses his private DSA key
      $HOME/.ssh/id_dsa to sign the session identifier and sends the result to
      the server.  The server checks whether the matching public key is listed
      in $HOME/.ssh/authorized_keys2 and grants access if both the key is found
      and the signature is correct.  The session identifier is derived from a
      shared Diffie-Hellman value and is only known to the client and the serv-
      er.
 
      If public key authentication fails or is not available a password can be
      sent encrypted to the remote host for proving the user's identity.  This
      protocol 2 implementation does not yet support Kerberos or OPIE authenti-
      cation.
