Date: Thu, 22 Mar 2001 11:56:33 -0500 From: James Snow <snow@teardrop.org> To: freebsd-stable@freebsd.org Subject: sshv2 seems to be busted as of last night? Message-ID: <20010322115633.A18513@teardrop.org>
next in thread | raw e-mail | index | archive | help
Looking at my cvsup from last night I figured the official fixes for the 'ssh2 cores on invalid username' and the sigpipe bug had gone in. So I remade /usr/src/secure/usr.sbin/sshd but there now seems to be another problem with ssh2. (ssh1 still works.) uname -a: FreeBSD silver.teardrop.org 4.2-STABLE FreeBSD 4.2-STABLE #0: Tue Jan 30 17:01:38 EST 2001 snow@silver.teardrop.org:/usr/obj/usr/src/sys/SILVER i386 Below, I fire up an sshd on an arbitrary port. ssh1 is still working, so I left the daemon running on 22 so I can login there. Then I login from another 4.2-S box. sshd -d -p 2222: ebug1: sshd version OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug1: read DSA private key done debug1: Bind to port 2222 on 0.0.0.0. Server listening on 0.0.0.0 port 2222. Generating 768 bit RSA key. RSA key generation complete. debug1: Server will not fork when running in debugging mode. Connection from fireext.cinteractive.com port 1073 Connection from 205.181.101.2 port 1073 debug1: Client protocol version 2.0; client software version OpenSSH_2.3.0 debug1: match: OpenSSH_2.3.0 pat ^OpenSSH[-_]2\.3 Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-1.99-OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug1: send KEXINIT debug1: done debug1: wait KEXINIT debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug1: got kexinit: ssh-dss debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com debug1: got kexinit: none debug1: got kexinit: none debug1: got kexinit: debug1: got kexinit: debug1: first kex follow: 0 debug1: reserved: 0 debug1: done debug1: kex: client->server 3des-cbc hmac-sha1 none debug1: kex: server->client 3des-cbc hmac-sha1 none debug1: Wait SSH2_MSG_KEX_DH_GEX_REQUEST. /etc/ssh/primes: No such file or directory WARNING: /etc/ssh/primes does not exist, using old prime debug1: bits set: 504/1024 debug1: Sending SSH2_MSG_KEX_DH_GEX_GROUP. debug1: Wait SSH2_MSG_KEX_DH_GEX_INIT. debug1: bits set: 512/1024 debug1: sig size 20 20 debug1: send SSH2_MSG_NEWKEYS. debug1: done: send SSH2_MSG_NEWKEYS. debug1: Wait SSH2_MSG_NEWKEYS. debug1: GOT SSH2_MSG_NEWKEYS. debug1: done: KEX2. debug1: userauth-request for user snow service ssh-connection method none debug1: attempt #1 debug1: Starting up PAM with username "snow" Failed none for snow from 205.181.101.2 port 1073 ssh2 debug1: userauth-request for user snow service ssh-connection method password debug1: attempt #2 debug1: PAM Password authentication accepted for user "snow" debug1: PAM setting rhost to "fireext.cinteractive.com" Accepted password for snow from 205.181.101.2 port 1073 ssh2 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 32768 max 16384 debug1: open session debug1: channel 0: new [server-session] debug1: session_new: init debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: confirm session debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 channel 0 request pty-req reply 0 debug1: session_pty_req: session 0 alloc /dev/ttyp7 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 channel 0 request shell reply 0 debug1: PAM setting tty to "/dev/ttyp7" debug1: do_pam_session: euid 0, uid 0 debug1: PAM establishing creds debug1: fd 7 setting O_NONBLOCK debug1: fd 3 IS O_NONBLOCK debug1: Setting controlling tty using TIOCSCTTY. Ok, so far so good. I seem to be logged in. The system seems to confirm this: snow p7 <other.box> 11:41AM 1 -bash (bash) Client side, however, I see this: ssh -v -2 -p 2222 -l snow silver.teardrop.org: SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). debug: Reading configuration data /etc/ssh/ssh_config debug: ssh_connect: getuid 100 geteuid 100 anon 1 debug: Connecting to silver.teardrop.org [205.181.101.128] port 2222. debug: Connection established. debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: match: OpenSSH_2.3.0 green@FreeBSD.org 20010321 pat ^OpenSSH[-_]2\.3 Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.3.0 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug: reserved: 0 debug: done debug: kex: server->client 3des-cbc hmac-sha1 none debug: kex: client->server 3des-cbc hmac-sha1 none debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST. debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP. debug: Got SSH2_MSG_KEX_DH_GEX_GROUP. debug: bits set: 512/1024 debug: Sending SSH2_MSG_KEX_DH_GEX_INIT. debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY. debug: Got SSH2_MSG_KEXDH_REPLY. debug: Host 'silver.teardrop.org' is known and matches the DSA host key. debug: bits set: 504/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature correct debug: Wait SSH2_MSG_NEWKEYS. debug: GOT SSH2_MSG_NEWKEYS. debug: send SSH2_MSG_NEWKEYS. debug: done: send SSH2_MSG_NEWKEYS. debug: done: KEX2. debug: send SSH2_MSG_SERVICE_REQUEST debug: service_accept: ssh-userauth debug: got SSH2_MSG_SERVICE_ACCEPT debug: authentications that can continue: publickey,password debug: next auth method to try is publickey debug: key does not exist: /usr/home/snow/.ssh/id_dsa debug: next auth method to try is password snow@silver.teardrop.org's password: debug: ssh-userauth2 successfull: method password debug: channel 0: new [client-session] debug: send channel open 0 debug: Entering interactive session. debug: client_init id 0 arg 0 debug: channel request 0: shell debug: channel 0: open confirm rwindow 0 rmax 0 All well and good except that this is where it stops. Where's my login prompt? This terminal is now hung. ^C, ^Z, ^D, and ~. won't get me out of here. I have to kill -9 this ssh session from elsewhere or ^C the daemon. When I ^C the daemon the client reports: Connection to silver.teardrop.org closed by remote host. Connection to silver.teardrop.org closed. debug: Transferred: stdin 0, stdout 0, stderr 101 bytes in 592.5 seconds debug: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.2 debug: Exit status -1 Also noteworthy, if I resize the client window at all, the server sees: debug1: session_input_channel_req: session 0 channel 0 request window-change reply 0 I asked a friend to try this on his 4.2-S box. He cvsup'd, built sshd, and ran it from /usr/obj/... and was able to reproduce this. I'm grabbing /usr/src/crypto/openssh from a box I don't cvsup automatically to keep me going for now. Any suggestions? Any information I should have provided but forgot? :) Thanks, -Snow To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010322115633.A18513>