openssh unix dev - Apr 2019 - Call for testing: OpenSSH 8.0

Hi,

OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable

Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev at mindrot.org. Security bugs should be reported
directly to openssh at openssh.com.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

Security
=======
This release contains mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.

This release adds client-side checking that the filenames sent from
the server match the command-line request,

The scp protocol is outdated, inflexible and not readily fixed. We
recommend the use of more modern protocols like sftp and rsync for
file transfer instead.

Potentially-incompatible changes
===============================
This release includes a number of changes that may affect existing
configurations:

 * scp(1): Relating to the above changes to scp(1); the scp protocol
   relies on the remote shell for wildcard expansion, so there is no
   infallible way for the client's wildcard matching to perfectly
   reflect the server's. If there is a difference between client and
   server wildcard expansion, the client may refuse files from the
   server. For this reason, we have provided a new "-T" flag to scp
   that disables these client-side checks at the risk of
   reintroducing the attack described above.

 * sshd(8): Remove support for obsolete "host/port" syntax. Slash-
   separated host/port was added in 2001 as an alternative to
   host:port syntax for the benefit of IPv6 users. These days there
   are establised standards for this like [::1]:22 and the slash
   syntax is easily mistaken for CIDR notation, which OpenSSH
   supports for some things. Remove the slash notation from
   ListenAddress and PermitOpen; bz#2335

Changes since OpenSSH 7.9
========================
This release is focused on new features and internal refactoring.

New Features
------------

 * ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in
   PKCS#11 tokens.

 * ssh(1), sshd(8): Add experimental quantum-computing resistant
   key exchange method, based on a combination of Streamlined NTRU
   Prime 4591^761 and X25519.

 * ssh-keygen(1): Increase the default RSA key size to 3072 bits,
   following NIST Special Publication 800-57's guidance for a
   128-bit equivalent symmetric security level.

 * ssh(1): Allow "PKCS11Provide=none" to override later instances of
   the PKCS11Provide directive in ssh_config; bz#2974

 * sshd(8): Add a log message for situations where a connection is
   dropped for attempting to run a command but a sshd_config
   ForceCommand=internal-sftp restriction is in effect; bz#2960

 * ssh(1): When prompting whether to record a new host key, accept
   the key fingerprint as a synonym for "yes". This allows the user
   to paste a fingerprint obtained out of band at the prompt and
   have the client do the comparison for you.

 * ssh-keygen(1): When signing multiple certificates on a single
   command-line invocation, allow automatically incrementing the
   certificate serial number.

 * scp(1), sftp(1): Accept -J option as an alias to ProxyJump on
   the scp and sftp command-lines.

 * ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v"
   command-line flags to increase the verbosity of output; pass
   verbose flags though to subprocesses, such as ssh-pkcs11-helper
   started from ssh-agent.

 * ssh-add(1): Add a "-T" option to allowing testing whether keys in
   an agent are usable by performing a signature and a verification.

 * sftp-server(8): Add a "lsetstat at openssh.com" protocol extension
   that replicates the functionality of the existing SSH2_FXP_SETSTAT
   operation but does not follow symlinks. bz#2067

 * sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request
   they do not follow symlinks.

 * sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes
   the connection 4-tuple available to PAM modules that wish to use
   it in decision-making. bz#2741

 * sshd(8): Add a ssh_config "Match final" predicate Matches in same
   pass as "Match canonical" but doesn't require hostname
   canonicalisation be enabled. bz#2906

 * sftp(1): Support a prefix of '@' to suppress echo of sftp batch
   commands; bz#2926

 * ssh-keygen(1): When printing certificate contents using
   "ssh-keygen -Lf /path/certificate", include the algorithm that
   the CA used to sign the cert.

Bugfixes
--------

 * sshd(8): Fix authentication failures when sshd_config contains
   "AuthenticationMethods any" inside a Match block that overrides
   a more restrictive default.

 * sshd(8): Avoid sending duplicate keepalives when ClientAliveCount
   is enabled.

 * sshd(8): Fix two race conditions related to SIGHUP daemon restart.
   Remnant file descriptors in recently-forked child processes could
   block the parent sshd's attempt to listen(2) to the configured
   addresses. Also, the restarting parent sshd could exit before any
   child processes that were awaiting their re-execution state had
   completed reading it, leaving them in a fallback path.

 * ssh(1): Fix stdout potentially being redirected to /dev/null when
   ProxyCommand=- was in use.

 * sshd(8): Avoid sending SIGPIPE to child processes if they attempt
   to write to stderr after their parent processes have exited;
   bz#2071

 * ssh(1): Fix bad interaction between the ssh_config ConnectTimeout
   and ConnectionAttempts directives - connection attempts after the
   first were ignoring the requested timeout; bz#2918

 * ssh-keyscan(1): Return a non-zero exit status if no keys were
   found; bz#2903

 * scp(1): Sanitize scp filenames to allow UTF-8 characters without
   terminal control sequences;  bz#2434

 * sshd(8): Fix confusion between ClientAliveInterval and time-based
   RekeyLimit that could cause connections to be incorrectly closed.
   bz#2757

 * ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN
   handling at initial token login. The attempt to read the PIN
   could be skipped in some cases, particularly on devices with
   integrated PIN readers. This would lead to an inability to
   retrieve keys from these tokens. bz#2652

 * ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
   CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
   C_SignInit operation. bz#2638

 * ssh(1): Improve documentation for ProxyJump/-J, clarifying that
   local configuration does not apply to jump hosts.

 * ssh-keygen(1): Clarify manual - ssh-keygen -e only writes
   public keys, not private.

 * ssh(1), sshd(8): be more strict in processing protocol banners,
   allowing \r characters only immediately before \n.

 * Various: fix a number of memory leaks, including bz#2942 and
   bz#2938

 * scp(1), sftp(1): fix calculation of initial bandwidth limits.
   Account for bytes written before the timer starts and adjust the
   schedule on which recalculations are performed. Avoids an initial
   burst of traffic and yields more accurate bandwidth limits;
   bz#2927

 * sshd(8): Only consider the ext-info-c extension during the initial
   key eschange. It shouldn't be sent in subsequent ones, but if it
   is present we should ignore it. This prevents sshd from sending a
   SSH_MSG_EXT_INFO for REKEX for buggy these clients. bz#2929

 * ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in 
   authorized_keys) and -R (remove host from authorized_keys) options
   may accept either a bare hostname or a [hostname]:port combo.
   bz#2935

 * ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK; bz#2936

 * sshd(8): Silence error messages when sshd fails to load some of
   the default host keys. Failure to load an explicitly-configured
   hostkey is still an error, and failure to load any host key is
   still fatal. pr/103

 * ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is
   started with ControlPersist; prevents random ProxyCommand output
   from interfering with session output.

 * ssh(1): The ssh client was keeping a redundant ssh-agent socket
   (leftover from authentication) around for the life of the
   connection; bz#2912

 * sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
   PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types
   were specified, then authentication would always fail for RSA keys
   as the monitor checks only the base key (not the signature
   algorithm) type against *AcceptedKeyTypes. bz#2746

 * ssh(1): Request correct signature types from ssh-agent when
   certificate keys and RSA-SHA2 signatures are in use.

Portability
-----------

 * sshd(8): On Cygwin, run as SYSTEM where possible, using S4U for
   token creation if it supports MsV1_0 S4U Logon.

 * sshd(8): On Cygwin, use custom user/group matching code that
   respects the OS' behaviour of case-insensitive matching.

 * sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies
   the user environment if it's enabled; bz#2937

 * sshd(8) Cygwin: Change service name to cygsshd to avoid collision
   with Microsoft's OpenSSH port.

 * Allow building against OpenSSL -dev (3.x)

 * Fix a number of build problems against version configurations and
   versions of OpenSSL. Including bz#2931 and bz#2921

 * Improve warnings in cygwin service setup. bz#2922

 * Remove hardcoded service name in cygwin setup. bz#2922

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.

On Wed, Mar 27, 2019 at 10:00:13PM +1100, Damien Miller
wrote:
> Hi,
> 
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
> 
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
> 
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> 
> $ ./configure && make tests
> 
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
Working on FreeBSD 11.2 compiled with clang 8.

These boxes will be converted to FreeBSD 12 this Friday.
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
> 
> Thanks to the many people who contributed to this release.
> 
> Security
> =======> 
> This release contains mitigation for a weakness in the scp(1) tool
> and protocol (CVE-2019-6111): when copying files from a remote system
> to a local directory, scp(1) did not verify that the filenames that
> the server sent matched those requested by the client. This could
> allow a hostile server to create or clobber unexpected local files
> with attacker-controlled content.
> 
> This release adds client-side checking that the filenames sent from
> the server match the command-line request,
> 
> The scp protocol is outdated, inflexible and not readily fixed. We
> recommend the use of more modern protocols like sftp and rsync for
> file transfer instead.
> 
> Potentially-incompatible changes
> ===============================> 
> This release includes a number of changes that may affect existing
> configurations:
> 
>  * scp(1): Relating to the above changes to scp(1); the scp protocol
>    relies on the remote shell for wildcard expansion, so there is no
>    infallible way for the client's wildcard matching to perfectly
>    reflect the server's. If there is a difference between client and
>    server wildcard expansion, the client may refuse files from the
>    server. For this reason, we have provided a new "-T" flag to
scp
>    that disables these client-side checks at the risk of
>    reintroducing the attack described above.
> 
>  * sshd(8): Remove support for obsolete "host/port" syntax.
Slash-
>    separated host/port was added in 2001 as an alternative to
>    host:port syntax for the benefit of IPv6 users. These days there
>    are establised standards for this like [::1]:22 and the slash
>    syntax is easily mistaken for CIDR notation, which OpenSSH
>    supports for some things. Remove the slash notation from
>    ListenAddress and PermitOpen; bz#2335
> 
> Changes since OpenSSH 7.9
> ========================> 
> This release is focused on new features and internal refactoring.
> 
> New Features
> ------------
> 
>  * ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in
>    PKCS#11 tokens.
> 
>  * ssh(1), sshd(8): Add experimental quantum-computing resistant
>    key exchange method, based on a combination of Streamlined NTRU
>    Prime 4591^761 and X25519.
> 
>  * ssh-keygen(1): Increase the default RSA key size to 3072 bits,
>    following NIST Special Publication 800-57's guidance for a
>    128-bit equivalent symmetric security level.
> 
>  * ssh(1): Allow "PKCS11Provide=none" to override later instances
of
>    the PKCS11Provide directive in ssh_config; bz#2974
> 
>  * sshd(8): Add a log message for situations where a connection is
>    dropped for attempting to run a command but a sshd_config
>    ForceCommand=internal-sftp restriction is in effect; bz#2960
> 
>  * ssh(1): When prompting whether to record a new host key, accept
>    the key fingerprint as a synonym for "yes". This allows the
user
>    to paste a fingerprint obtained out of band at the prompt and
>    have the client do the comparison for you.
> 
>  * ssh-keygen(1): When signing multiple certificates on a single
>    command-line invocation, allow automatically incrementing the
>    certificate serial number.
> 
>  * scp(1), sftp(1): Accept -J option as an alias to ProxyJump on
>    the scp and sftp command-lines.
> 
>  * ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v"
>    command-line flags to increase the verbosity of output; pass
>    verbose flags though to subprocesses, such as ssh-pkcs11-helper
>    started from ssh-agent.
> 
>  * ssh-add(1): Add a "-T" option to allowing testing whether keys
in
>    an agent are usable by performing a signature and a verification.
> 
>  * sftp-server(8): Add a "lsetstat at openssh.com" protocol
extension
>    that replicates the functionality of the existing SSH2_FXP_SETSTAT
>    operation but does not follow symlinks. bz#2067
> 
>  * sftp(1): Add "-h" flag to chown/chgrp/chmod commands to
request
>    they do not follow symlinks.
> 
>  * sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes
>    the connection 4-tuple available to PAM modules that wish to use
>    it in decision-making. bz#2741
> 
>  * sshd(8): Add a ssh_config "Match final" predicate Matches in
same
>    pass as "Match canonical" but doesn't require hostname
>    canonicalisation be enabled. bz#2906
> 
>  * sftp(1): Support a prefix of '@' to suppress echo of sftp batch
>    commands; bz#2926
> 
>  * ssh-keygen(1): When printing certificate contents using
>    "ssh-keygen -Lf /path/certificate", include the algorithm that
>    the CA used to sign the cert.
> 
> Bugfixes
> --------
> 
>  * sshd(8): Fix authentication failures when sshd_config contains
>    "AuthenticationMethods any" inside a Match block that
overrides
>    a more restrictive default.
> 
>  * sshd(8): Avoid sending duplicate keepalives when ClientAliveCount
>    is enabled.
> 
>  * sshd(8): Fix two race conditions related to SIGHUP daemon restart.
>    Remnant file descriptors in recently-forked child processes could
>    block the parent sshd's attempt to listen(2) to the configured
>    addresses. Also, the restarting parent sshd could exit before any
>    child processes that were awaiting their re-execution state had
>    completed reading it, leaving them in a fallback path.
> 
>  * ssh(1): Fix stdout potentially being redirected to /dev/null when
>    ProxyCommand=- was in use.
> 
>  * sshd(8): Avoid sending SIGPIPE to child processes if they attempt
>    to write to stderr after their parent processes have exited;
>    bz#2071
> 
>  * ssh(1): Fix bad interaction between the ssh_config ConnectTimeout
>    and ConnectionAttempts directives - connection attempts after the
>    first were ignoring the requested timeout; bz#2918
> 
>  * ssh-keyscan(1): Return a non-zero exit status if no keys were
>    found; bz#2903
> 
>  * scp(1): Sanitize scp filenames to allow UTF-8 characters without
>    terminal control sequences;  bz#2434
> 
>  * sshd(8): Fix confusion between ClientAliveInterval and time-based
>    RekeyLimit that could cause connections to be incorrectly closed.
>    bz#2757
> 
>  * ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN
>    handling at initial token login. The attempt to read the PIN
>    could be skipped in some cases, particularly on devices with
>    integrated PIN readers. This would lead to an inability to
>    retrieve keys from these tokens. bz#2652
> 
>  * ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
>    CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
>    C_SignInit operation. bz#2638
> 
>  * ssh(1): Improve documentation for ProxyJump/-J, clarifying that
>    local configuration does not apply to jump hosts.
> 
>  * ssh-keygen(1): Clarify manual - ssh-keygen -e only writes
>    public keys, not private.
> 
>  * ssh(1), sshd(8): be more strict in processing protocol banners,
>    allowing \r characters only immediately before \n.
> 
>  * Various: fix a number of memory leaks, including bz#2942 and
>    bz#2938
> 
>  * scp(1), sftp(1): fix calculation of initial bandwidth limits.
>    Account for bytes written before the timer starts and adjust the
>    schedule on which recalculations are performed. Avoids an initial
>    burst of traffic and yields more accurate bandwidth limits;
>    bz#2927
> 
>  * sshd(8): Only consider the ext-info-c extension during the initial
>    key eschange. It shouldn't be sent in subsequent ones, but if it
>    is present we should ignore it. This prevents sshd from sending a
>    SSH_MSG_EXT_INFO for REKEX for buggy these clients. bz#2929
> 
>  * ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in 
>    authorized_keys) and -R (remove host from authorized_keys) options
>    may accept either a bare hostname or a [hostname]:port combo.
>    bz#2935
> 
>  * ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK; bz#2936
> 
>  * sshd(8): Silence error messages when sshd fails to load some of
>    the default host keys. Failure to load an explicitly-configured
>    hostkey is still an error, and failure to load any host key is
>    still fatal. pr/103
> 
>  * ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is
>    started with ControlPersist; prevents random ProxyCommand output
>    from interfering with session output.
> 
>  * ssh(1): The ssh client was keeping a redundant ssh-agent socket
>    (leftover from authentication) around for the life of the
>    connection; bz#2912
> 
>  * sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
>    PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types
>    were specified, then authentication would always fail for RSA keys
>    as the monitor checks only the base key (not the signature
>    algorithm) type against *AcceptedKeyTypes. bz#2746
> 
>  * ssh(1): Request correct signature types from ssh-agent when
>    certificate keys and RSA-SHA2 signatures are in use.
> 
> Portability
> -----------
> 
>  * sshd(8): On Cygwin, run as SYSTEM where possible, using S4U for
>    token creation if it supports MsV1_0 S4U Logon.
> 
>  * sshd(8): On Cygwin, use custom user/group matching code that
>    respects the OS' behaviour of case-insensitive matching.
> 
>  * sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies
>    the user environment if it's enabled; bz#2937
> 
>  * sshd(8) Cygwin: Change service name to cygsshd to avoid collision
>    with Microsoft's OpenSSH port.
> 
>  * Allow building against OpenSSL -dev (3.x)
> 
>  * Fix a number of build problems against version configurations and
>    versions of OpenSSL. Including bz#2931 and bz#2921
> 
>  * Improve warnings in cygwin service setup. bz#2922
> 
>  * Remove hardcoded service name in cygwin setup. bz#2922
> 
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Alberta on 16 April 2019, do not vote UCP, FCP nor NDP!

NetBSD-8 for amd64 and i386 fail in similar ways:

test_sshkey: ..................................
regress/unittests/sshkey/test_file.c:74 test #35 "parse RSA from private w/
passphrase"
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, (const char *)sshbuf_ptr(pw),
&k2, NULL), 0) failed:
sshkey_parse_private_fileblob(buf, (const char *)sshbuf_ptr(pw), &k2, NULL)
= -43
            0 = 0
[1]   Abort trap (core dumped) ${V} /home/htodd...
*** Error code 134


-- 
Hisashi T Fujinaka - htodd at twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee

Oh, and all tests appear to be passing for NetBSD-current amd64 at the
moment.

On Wed, 27 Mar 2019, Hisashi T Fujinaka wrote:
> NetBSD-8 for amd64 and i386 fail in similar ways:
>
> test_sshkey: ..................................
> regress/unittests/sshkey/test_file.c:74 test #35 "parse RSA from
private w/
> passphrase"
> ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, (const char 
> *)sshbuf_ptr(pw), &k2, NULL), 0) failed:
> sshkey_parse_private_fileblob(buf, (const char *)sshbuf_ptr(pw), &k2,
NULL) =
> -43
>           0 = 0
> [1]   Abort trap (core dumped) ${V} /home/htodd...
> *** Error code 134
>
>
>
-- 
Hisashi T Fujinaka - htodd at twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee

On Mar 27 22:00, Damien Miller wrote:
> Hi,
> 
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
> 
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
> 
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> 
> $ ./configure && make tests
> 
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
> 
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
> 
> Thanks to the many people who contributed to this release.
Cygwin: All tests pass.


Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL:
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20190327/c7abaa6d/attachment.asc>

On 27/03/19 12:00, Damien Miller wrote:
> Hi,
> 
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
It fails to build on Solaris < 10.

Here's how it looks on Solaris 2.6/x86:
gcc -D__EXTENSIONS__ -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -g -O2 
-pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare 
-Wformat-security -Wno-pointer-sign -fno-strict-aliasing 
-D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-all 
-I. -I.. -I. -I./.. -I/usr/tgcware/include -DHAVE_CONFIG_H -c bsd-misc.c
bsd-misc.c: In function 'utimensat':
bsd-misc.c:132: warning: unused variable 'oflags'
bsd-misc.c:132: warning: unused variable 'ret'
bsd-misc.c: In function 'fchownat':
bsd-misc.c:176: error: 'O_NOFOLLOW' undeclared (first use in this
function)
bsd-misc.c:176: error: (Each undeclared identifier is reported only once
bsd-misc.c:176: error: for each function it appears in.)
bsd-misc.c: In function 'fchmodat':
bsd-misc.c:205: error: 'O_NOFOLLOW' undeclared (first use in this
function)
gmake[1]: *** [bsd-misc.o] Error 1

To allow the build to finish I added this workaround:
#ifndef O_NOFOLLOW
# define O_NOFOLLOW 0
#endif

I've run the testsuite on Solaris 2.6/x86 and Solaris 9/sparc and all 
tests pass for both.

-tgc

On Wed, 27 Mar 2019 at 22:27, Tom G. Christensen <tgc at jupiterrise.com>
wrote:
> To allow the build to finish I added this workaround:
> #ifndef O_NOFOLLOW
> # define O_NOFOLLOW 0
> #endif
Fixed, but I opted to ifdef out the code in that case instead of using
an arbitrary (albeit harmless in this context) value.

Thanks.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

On 03/27/19 12:00, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
Compiled on illumos based openindiana /hipster (with self compiled 
OpenSSL, MIT Kerberos 5):
:; ssh -V
OpenSSH_7.9p1-snap20190328, OpenSSL 1.1.1b? 26 Feb 2019

:; /usr/gcc/8/bin/gcc --version
gcc (OpenIndiana 8.2.0-OI-5) 8.2.0

Regards.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

MacOS Mojave 10.14.3 with MacPorts, openssl 1.1.1a ? all tests passed; 
version string ?OpenSSH_7.9p1-snap20190329, OpenSSL 1.1.1a? 20 Nov 2018?

? Larry

On Wed, Mar 27, 2019 at 10:04 PM Damien Miller <djm at mindrot.org>
wrote:
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
Hi Damien,

I pull today's snapshot from the link above onto an Ubuntu 18.04.2 and
was able to successfully build and run the regression tests.

I then tried to use the new ssh binary to connect to one of our
production servers (which run OpenSSH_7.4p1) and observed an error
connecting, after authentication appeared to succeed.

$ ./ssh -p 4444 ec2-user at our.server.in.the.cloud
client_loop: Broken pipe

When I execute the same command with the built-in SSH (OpenSSH_7.6p1)
it succeeds.

If relevant, we use short-lived RSA certificates that are in our local
SSH agent, and the private keys are not written to disk.

Full verbose output below - I've changed the server names / IPs / port
numbers a little but otherwise as is:

$ ssh-add -L
ssh-rsa AA...AN /home/me/.ssh/id_rsa
ssh-rsa-cert-v01 at openssh.com AAAAH...MJskQ== id_dtacld_shortlived_rsa

$ ./ssh -vvv -p 4444 ec2-user at our.server.in.the.cloud
OpenSSH_7.9p1-snap20190329, OpenSSL 1.1.0g  2 Nov 2017
debug2: resolving "our.server.in.the.cloud" port 4444
debug2: ssh_connect_direct
debug1: Connecting to our.server.in.the.cloud [our.ip.in.the.cloud] port 4444.
debug1: Connection established.
debug1: identity file /home/me/.ssh/id_rsa type 0
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/me/.ssh/id_ed25519 type -1
debug1: identity file /home/me/.ssh/id_ed25519-cert type -1
debug1: identity file /home/me/.ssh/id_xmss type -1
debug1: identity file /home/me/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to our.server.in.the.cloud:4444 as 'ec2-user'
debug3: put_host_port: [our.server.in.the.cloud]:4444
debug3: hostkeys_foreach: reading file "/home/me/.ssh/known_hosts"
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519-cert-v01 at
openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-rsa-cert-v01 at
openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib at openssh.com,zlib
debug2: compression stoc: none,zlib at openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01
at openssh.com,ssh-ed25519
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib at openssh.com
debug2: compression stoc: none,zlib at openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256-cert-v01 at openssh.com
debug1: kex: server->client cipher: chacha20-poly1305 at openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305 at openssh.com MAC:
<implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host certificate:
ecdsa-sha2-nistp256-cert-v01 at openssh.com
SHA256:AH8vtFSfhKUE41ankmoB/tpo9Duxe7ZHA5S1sja36Fk, serial 0 ID
"our.server.in.the.cloud" CA ssh-rsa
SHA256:QtxnpSvhjow+Z68+z5VMnNGitHHc+nkoDMiJM0C+JtM valid from
2019-03-29T11:00:01 to 2019-03-30T11:00:01
debug2: Server host certificate hostname: our.server.in.the.cloud
debug3: put_host_port: [our.ip.in.the.cloud]:4444
debug3: put_host_port: [our.server.in.the.cloud]:4444
debug3: hostkeys_foreach: reading file "/home/me/.ssh/known_hosts"
debug1: checking without port identifier
debug3: hostkeys_foreach: reading file "/home/me/.ssh/known_hosts"
debug3: record_hostkey: found ca key type RSA in file
/home/me/.ssh/known_hosts:11
debug3: load_hostkeys: loaded 1 keys from our.server.in.the.cloud
debug1: Host 'our.server.in.the.cloud' is known and matches the
ECDSA-CERT host certificate.
debug1: Found CA key in /home/me/.ssh/known_hosts:11
debug1: found matching key w/out port
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/me/.ssh/id_rsa RSA
SHA256:jFWK2zuc3SuLroIcpk/awobdgD43pu0G9iWtst1lLzg agent
debug1: Will attempt key: id_dtacld_shortlived_rsa RSA-CERT
SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
debug1: Will attempt key: /home/me/.ssh/id_dsa
debug1: Will attempt key: /home/me/.ssh/id_ecdsa
debug1: Will attempt key: /home/me/.ssh/id_ed25519
debug1: Will attempt key: /home/me/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/me/.ssh/id_rsa RSA
SHA256:jFWK2zuc3SuLroIcpk/awobdgD43pu0G9iWtst1lLzg agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: id_dtacld_shortlived_rsa RSA-CERT
SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: id_dtacld_shortlived_rsa RSA-CERT
SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
debug3: sign_and_send_pubkey: RSA-CERT
SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0
debug1: sign_and_send_pubkey: no separate private key for certificate
"id_dtacld_shortlived_rsa"
debug3: sign_and_send_pubkey: signing using ssh-rsa-cert-v01 at openssh.com
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to our.server.in.the.cloud ([our.ip.in.the.cloud]:4444).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions at openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00 at openssh.com want_reply
0
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: send packet: type 1
client_loop: Broken pipe

On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> Hi,
> 
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
> 
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> Github:
> https://github.com/openssh/openssh-portable
> 
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> 
> $ ./configure && make tests
For now, I have only one comment, but I plan to run more tests in our
environment.

The SoftHSM lives in Fedora in /usr/lib64/pkcs11/libsofthsm2.so so
there is a patch needed so OpenSSH regression testsuite can find it:

diff --git a/regress/agent-pkcs11.sh b/regress/agent-pkcs11.sh
index 5dd77126..a5500229 100644
--- a/regress/agent-pkcs11.sh
+++ b/regress/agent-pkcs11.sh
@@ -17,6 +17,7 @@ try_token_libs() {
 
 try_token_libs \
 	/usr/local/lib/softhsm/libsofthsm2.so \
+	/usr/lib64/pkcs11/libsofthsm2.so \
 	/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
 
 TEST_SSH_PIN=1234

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.

Thanks for testing - are you able to see if there's anything in
the server logs?

I've just committed some extra verbosity in the client's log messages
that
might clarify where it is exiting (patch attached).

-d

On Fri, 29 Mar 2019, Adam Eijdenberg wrote:
> On Wed, Mar 27, 2019 at 10:04 PM Damien Miller <djm at mindrot.org>
wrote:
> >
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
testing
> > on as many platforms and systems as possible.
> >
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> 
> Hi Damien,
> 
> I pull today's snapshot from the link above onto an Ubuntu 18.04.2 and
> was able to successfully build and run the regression tests.
> 
> I then tried to use the new ssh binary to connect to one of our
> production servers (which run OpenSSH_7.4p1) and observed an error
> connecting, after authentication appeared to succeed.
> 
> $ ./ssh -p 4444 ec2-user at our.server.in.the.cloud
> client_loop: Broken pipe
> 
> When I execute the same command with the built-in SSH (OpenSSH_7.6p1)
> it succeeds.
> 
> If relevant, we use short-lived RSA certificates that are in our local
> SSH agent, and the private keys are not written to disk.
> 
> Full verbose output below - I've changed the server names / IPs / port
> numbers a little but otherwise as is:
> 
> $ ssh-add -L
> ssh-rsa AA...AN /home/me/.ssh/id_rsa
> ssh-rsa-cert-v01 at openssh.com AAAAH...MJskQ== id_dtacld_shortlived_rsa
> 
> $ ./ssh -vvv -p 4444 ec2-user at our.server.in.the.cloud
> OpenSSH_7.9p1-snap20190329, OpenSSL 1.1.0g  2 Nov 2017
> debug2: resolving "our.server.in.the.cloud" port 4444
> debug2: ssh_connect_direct
> debug1: Connecting to our.server.in.the.cloud [our.ip.in.the.cloud] port
4444.
> debug1: Connection established.
> debug1: identity file /home/me/.ssh/id_rsa type 0
> debug1: identity file /home/me/.ssh/id_rsa-cert type -1
> debug1: identity file /home/me/.ssh/id_dsa type -1
> debug1: identity file /home/me/.ssh/id_dsa-cert type -1
> debug1: identity file /home/me/.ssh/id_ecdsa type -1
> debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/me/.ssh/id_ed25519 type -1
> debug1: identity file /home/me/.ssh/id_ed25519-cert type -1
> debug1: identity file /home/me/.ssh/id_xmss type -1
> debug1: identity file /home/me/.ssh/id_xmss-cert type -1
> debug1: Local version string SSH-2.0-OpenSSH_7.9
> debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
> debug1: match: OpenSSH_7.4 pat
>
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
> compat 0x04000002
> debug2: fd 3 setting O_NONBLOCK
> debug1: Authenticating to our.server.in.the.cloud:4444 as
'ec2-user'
> debug3: put_host_port: [our.server.in.the.cloud]:4444
> debug3: hostkeys_foreach: reading file
"/home/me/.ssh/known_hosts"
> debug3: send packet: type 20
> debug1: SSH2_MSG_KEXINIT sent
> debug3: receive packet: type 20
> debug1: SSH2_MSG_KEXINIT received
> debug2: local client KEXINIT proposal
> debug2: KEX algorithms:
> curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
> debug2: host key algorithms:
> ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519-cert-v01 at
openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-rsa-cert-v01 at
openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
> debug2: ciphers ctos:
> chacha20-poly1305 at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
> debug2: ciphers stoc:
> chacha20-poly1305 at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
> debug2: MACs ctos:
> umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: MACs stoc:
> umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: compression ctos: none,zlib at openssh.com,zlib
> debug2: compression stoc: none,zlib at openssh.com,zlib
> debug2: languages ctos:
> debug2: languages stoc:
> debug2: first_kex_follows 0
> debug2: reserved 0
> debug2: peer server KEXINIT proposal
> debug2: KEX algorithms:
> curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: host key algorithms:
>
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01
at openssh.com,ssh-ed25519
> debug2: ciphers ctos:
> chacha20-poly1305 at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
> debug2: ciphers stoc:
> chacha20-poly1305 at
openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
> debug2: MACs ctos:
> umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: MACs stoc:
> umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> debug2: compression ctos: none,zlib at openssh.com
> debug2: compression stoc: none,zlib at openssh.com
> debug2: languages ctos:
> debug2: languages stoc:
> debug2: first_kex_follows 0
> debug2: reserved 0
> debug1: kex: algorithm: curve25519-sha256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256-cert-v01 at
openssh.com
> debug1: kex: server->client cipher: chacha20-poly1305 at openssh.com
MAC:
> <implicit> compression: none
> debug1: kex: client->server cipher: chacha20-poly1305 at openssh.com
MAC:
> <implicit> compression: none
> debug3: send packet: type 30
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug3: receive packet: type 31
> debug1: Server host certificate:
> ecdsa-sha2-nistp256-cert-v01 at openssh.com
> SHA256:AH8vtFSfhKUE41ankmoB/tpo9Duxe7ZHA5S1sja36Fk, serial 0 ID
> "our.server.in.the.cloud" CA ssh-rsa
> SHA256:QtxnpSvhjow+Z68+z5VMnNGitHHc+nkoDMiJM0C+JtM valid from
> 2019-03-29T11:00:01 to 2019-03-30T11:00:01
> debug2: Server host certificate hostname: our.server.in.the.cloud
> debug3: put_host_port: [our.ip.in.the.cloud]:4444
> debug3: put_host_port: [our.server.in.the.cloud]:4444
> debug3: hostkeys_foreach: reading file
"/home/me/.ssh/known_hosts"
> debug1: checking without port identifier
> debug3: hostkeys_foreach: reading file
"/home/me/.ssh/known_hosts"
> debug3: record_hostkey: found ca key type RSA in file
> /home/me/.ssh/known_hosts:11
> debug3: load_hostkeys: loaded 1 keys from our.server.in.the.cloud
> debug1: Host 'our.server.in.the.cloud' is known and matches the
> ECDSA-CERT host certificate.
> debug1: Found CA key in /home/me/.ssh/known_hosts:11
> debug1: found matching key w/out port
> debug3: send packet: type 21
> debug2: set_newkeys: mode 1
> debug1: rekey out after 134217728 blocks
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug3: receive packet: type 21
> debug1: SSH2_MSG_NEWKEYS received
> debug2: set_newkeys: mode 0
> debug1: rekey in after 134217728 blocks
> debug1: Will attempt key: /home/me/.ssh/id_rsa RSA
> SHA256:jFWK2zuc3SuLroIcpk/awobdgD43pu0G9iWtst1lLzg agent
> debug1: Will attempt key: id_dtacld_shortlived_rsa RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
> debug1: Will attempt key: /home/me/.ssh/id_dsa
> debug1: Will attempt key: /home/me/.ssh/id_ecdsa
> debug1: Will attempt key: /home/me/.ssh/id_ed25519
> debug1: Will attempt key: /home/me/.ssh/id_xmss
> debug2: pubkey_prepare: done
> debug3: send packet: type 5
> debug3: receive packet: type 7
> debug1: SSH2_MSG_EXT_INFO received
> debug1: kex_input_ext_info:
server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
> debug3: receive packet: type 6
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug3: send packet: type 50
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey
> debug3: start over, passed a different list publickey
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/me/.ssh/id_rsa RSA
> SHA256:jFWK2zuc3SuLroIcpk/awobdgD43pu0G9iWtst1lLzg agent
> debug3: send packet: type 50
> debug2: we sent a publickey packet, wait for reply
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey
> debug1: Offering public key: id_dtacld_shortlived_rsa RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
> debug3: send packet: type 50
> debug2: we sent a publickey packet, wait for reply
> debug3: receive packet: type 60
> debug1: Server accepts key: id_dtacld_shortlived_rsa RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0 agent
> debug3: sign_and_send_pubkey: RSA-CERT
> SHA256:AeEypypDIQ7DXiFtXfpEGmNZHHSpDoD9Hppg+YzU+O0
> debug1: sign_and_send_pubkey: no separate private key for certificate
> "id_dtacld_shortlived_rsa"
> debug3: sign_and_send_pubkey: signing using ssh-rsa-cert-v01 at openssh.com
> debug3: send packet: type 50
> debug3: receive packet: type 52
> debug1: Authentication succeeded (publickey).
> Authenticated to our.server.in.the.cloud ([our.ip.in.the.cloud]:4444).
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug3: send packet: type 90
> debug1: Requesting no-more-sessions at openssh.com
> debug3: send packet: type 80
> debug1: Entering interactive session.
> debug1: pledge: network
> debug3: receive packet: type 80
> debug1: client_input_global_request: rtype hostkeys-00 at openssh.com
want_reply 0
> debug3: receive packet: type 91
> debug2: channel_input_open_confirmation: channel 0: callback start
> debug2: fd 3 setting TCP_NODELAY
> debug3: ssh_packet_set_tos: set IP_TOS 0x48
> debug2: client_session2_setup: id 0
> debug2: channel 0: request pty-req confirm 1
> debug3: send packet: type 98
> debug2: channel 0: request shell confirm 1
> debug3: send packet: type 98
> debug2: channel_input_open_confirmation: channel 0: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug3: send packet: type 1
> client_loop: Broken pipe
> 
-------------- next part --------------
diff --git a/clientloop.c b/clientloop.c
index 521467bd..677236a9 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -364,7 +364,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
 				    SSH_X11_PROTO, x11_timeout_real,
 				    _PATH_DEVNULL);
 			}
-			debug2("%s: %s", __func__, cmd);
+			debug2("%s: xauth command: %s", __func__, cmd);
 
 			if (timeout != 0 && x11_refuse_time == 0) {
 				now = monotime() + 1;
@@ -492,7 +492,7 @@ server_alive_check(struct ssh *ssh)
 	    (r = sshpkt_put_cstring(ssh, "keepalive at openssh.com")) != 0
||
 	    (r = sshpkt_put_u8(ssh, 1)) != 0 ||		/* boolean: want reply */
 	    (r = sshpkt_send(ssh)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+		fatal("%s: send packet: %s", __func__, ssh_err(r));
 	/* Insert an empty placeholder to maintain ordering */
 	client_register_global_confirm(NULL, NULL);
 }
@@ -1035,7 +1035,7 @@ process_escapes(struct ssh *ssh, Channel *c,
 				channel_request_start(ssh, c->self, "break", 0);
 				if ((r = sshpkt_put_u32(ssh, 1000)) != 0 ||
 				    (r = sshpkt_send(ssh)) != 0)
-					fatal("%s: %s", __func__,
+					fatal("%s: send packet: %s", __func__,
 					    ssh_err(r));
 				continue;
 
@@ -1416,7 +1416,7 @@ client_loop(struct ssh *ssh, int have_pty, int
escape_char_arg,
 	    (r = sshpkt_put_cstring(ssh, "")) != 0 ||	/* language tag */
 	    (r = sshpkt_send(ssh)) != 0 ||
 	    (r = ssh_packet_write_wait(ssh)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+		fatal("%s: send disconnect: %s", __func__, ssh_err(r));
 
 	channel_free_all(ssh);
 
@@ -1502,7 +1502,7 @@ client_request_forwarded_tcpip(struct ssh *ssh, const char
*request_type,
 	    (r = sshpkt_get_cstring(ssh, &originator_address, NULL)) != 0 ||
 	    (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+		fatal("%s: parse packet: %s", __func__, ssh_err(r));
 
 	debug("%s: listen %s port %d, originator %s port %d", __func__,
 	    listen_address, listen_port, originator_address, originator_port);
@@ -1559,9 +1559,9 @@ client_request_forwarded_streamlocal(struct ssh *ssh,
 	if ((r = sshpkt_get_cstring(ssh, &listen_path, NULL)) != 0 ||
 	    (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 ||	/* reserved */
 	    (r = sshpkt_get_end(ssh)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+		fatal("%s: parse packet: %s", __func__, ssh_err(r));
 
-	debug("%s: %s", __func__, listen_path);
+	debug("%s: request: %s", __func__, listen_path);
 
 	c = channel_connect_by_listen_path(ssh, listen_path,
 	    "forwarded-streamlocal at openssh.com",
"forwarded-streamlocal");
@@ -1591,7 +1591,7 @@ client_request_x11(struct ssh *ssh, const char
*request_type, int rchan)
 	if ((r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 ||
 	    (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+		fatal("%s: parse packet: %s", __func__, ssh_err(r));
 	/* XXX check permission */
 	/* XXX range check originator port? */
 	debug("client_request_x11: request from %s %u", originator,
@@ -2260,12 +2260,12 @@ client_session2_setup(struct ssh *ssh, int id, int
want_tty, int want_subsystem,
 		    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_row)) != 0 ||
 		    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_xpixel)) != 0 ||
 		    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_ypixel)) != 0)
-			fatal("%s: %s", __func__, ssh_err(r));
+			fatal("%s: build packet: %s", __func__, ssh_err(r));
 		if (tiop == NULL)
 			tiop = get_saved_tio();
 		ssh_tty_make_modes(ssh, -1, tiop);
 		if ((r = sshpkt_send(ssh)) != 0)
-			fatal("%s: %s", __func__, ssh_err(r));
+			fatal("%s: send packet: %s", __func__, ssh_err(r));
 		/* XXX wait for reply */
 		c->client_tty = 1;
 	}
@@ -2299,8 +2299,10 @@ client_session2_setup(struct ssh *ssh, int id, int
want_tty, int want_subsystem,
 			channel_request_start(ssh, id, "env", 0);
 			if ((r = sshpkt_put_cstring(ssh, name)) != 0 ||
 			    (r = sshpkt_put_cstring(ssh, val)) != 0 ||
-			    (r = sshpkt_send(ssh)) != 0)
-				fatal("%s: %s", __func__, ssh_err(r));
+			    (r = sshpkt_send(ssh)) != 0) {
+				fatal("%s: send packet: %s",
+				    __func__, ssh_err(r));
+			}
 			free(name);
 		}
 	}
@@ -2318,7 +2320,7 @@ client_session2_setup(struct ssh *ssh, int id, int
want_tty, int want_subsystem,
 		if ((r = sshpkt_put_cstring(ssh, name)) != 0 ||
 		    (r = sshpkt_put_cstring(ssh, val)) != 0 ||
 		    (r = sshpkt_send(ssh)) != 0)
-			fatal("%s: %s", __func__, ssh_err(r));
+			fatal("%s: send packet: %s", __func__, ssh_err(r));
 		free(name);
 	}
 
@@ -2340,12 +2342,14 @@ client_session2_setup(struct ssh *ssh, int id, int
want_tty, int want_subsystem,
 		}
 		if ((r = sshpkt_put_stringb(ssh, cmd)) != 0 ||
 		    (r = sshpkt_send(ssh)) != 0)
-			fatal("%s: %s", __func__, ssh_err(r));
+			fatal("%s: send command: %s", __func__, ssh_err(r));
 	} else {
 		channel_request_start(ssh, id, "shell", 1);
 		client_expect_confirm(ssh, id, "shell", CONFIRM_CLOSE);
-		if ((r = sshpkt_send(ssh)) != 0)
-			fatal("%s: %s", __func__, ssh_err(r));
+		if ((r = sshpkt_send(ssh)) != 0) {
+			fatal("%s: send shell request: %s",
+			    __func__, ssh_err(r));
+		}
 	}
 }

On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
>  * ssh(1): Allow "PKCS11Provide=none" to override later instances
of
>    the PKCS11Provide directive in ssh_config; bz#2974
Just a minor note, there is a typo. It should say "PKCS11Provider".

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.

Build and tests ok on macOS 10.14.4 with

Using LibreSSL 2.6.5 (self built with vanilla ./configure )

Then snapshot from 20190328 was built with
	./configure --with-ssl-path=<path-to-libre>

Tests are all ok.


However, the when running a debug sshd, it fails password authentication 
(neither through password nor kbd-interactive).  Not sure if macOS 
requires special build options for this.  Tried with --with-use-pam with 
no difference.  I saw various instructions on how to build it (most seem 
to  include homebrew, which I don't have), but have not made extensive 
tests.

(It turns out it also happens with an older official version on an older 
macOS (7-4p1 on macOS 10.9), so it's doesn't look like it specific to 
the 8.0 snapshot.)

I'll see if I can dig into it.

Meanwhile if someone knows something about it, please let me know.


Markus



On 03.27.19 12:00 , Damien Miller wrote:
> Hi,
> 
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
> 
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
> 
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> 
> $ ./configure && make tests
> 
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
> 
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
> 
> Thanks to the many people who contributed to this release.
> 
> Security

On Wed, Mar 27, 2019 at 11:01 AM Damien Miller <djm at mindrot.org> wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
>
Ubuntu 18.04: all tests passed

Thanks,
Andy

On 3/27/19 4:00 AM, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
Using openssh-SNAP-20190401.tar.gz
AIX 7200-03-02-1846
OpenSSL 1.0.2p? 14 Aug 2018
gcc (GCC) 8.1.0
GNU Make 4.2.1

gmake tests fails:
./configure && gmake tests
...
gcc -O2 -mcpu=powerpc -D_LINUX_SOURCE_COMPAT -pipe -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2
-ftrapv -fno-builtin-memset?? -I. -I. -I/opt/freeware/include -I/opt/phs/include
-DSSHDIR=\"/usr/local/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c
-o sshkey.o
sshkey.c: In function 'sshkey_format_cert_validity':
sshkey.c:2750:42: warning: '%s' directive output may be truncated
writing up to 31 bytes into a region of size between 24 and 55
[-Wformat-truncation=]
?? snprintf(ret, sizeof(ret), "from %s to %s", from, to);
????????????????????????????????????????? ^~???????? ~~
sshkey.c:2750:3: note: 'snprintf' output between 10 and 72 bytes into a
destination of size 64
?? snprintf(ret, sizeof(ret), "from %s to %s", from, to);
?? ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
...
gcc -O2 -mcpu=powerpc -D_LINUX_SOURCE_COMPAT -pipe -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2
-ftrapv -fno-builtin-memset?? -I. -I. -I/opt/freeware/include -I/opt/phs/include
-DSSHDIR=\"/usr/local/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c
channels.c -o channels.o
channels.c: In function 'channel_post_mux_listener':
channels.c:2314:6: warning: implicit declaration of function
'getpeereid'; did you mean 'getpcred'?
[-Wimplicit-function-declaratio ]
? if (getpeereid(newsock, &euid, &egid) < 0) {
????? ^~~~~~~~~~
????? getpcred?
...
gcc -O2 -mcpu=powerpc -D_LINUX_SOURCE_COMPAT -pipe -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2
-ftrapv -fno-builtin-memset?? -I. -I. -I/opt/freeware/include -I/opt/phs/include
-DSSHDIR=\"/usr/local/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c
hostfile.c -o hostfile.o
hostfile.c: In function 'host_hash':
hostfile.c:151:44: warning: '%s' directive output may be truncated
writing up to 511 bytes into a region of size between 509 and 1020
[-Wformat-truncation=]
? snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
??????????????????????????????????????????? ^~
????? HASH_DELIM, uu_result);
????????????????? ~~~~~~~~~
hostfile.c:151:2: note: 'snprintf' output between 5 and 1027 bytes into
a destination of size 1024
? snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
? ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
????? HASH_DELIM, uu_result);
????? ~~~~~~~~~~~~~~~~~~~~~~

...
gcc -O2 -mcpu=powerpc -D_LINUX_SOURCE_COMPAT -pipe -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2
-ftrapv -fno-builtin-memset?? -I. -I. -I/opt/freeware/include -I/opt/phs/include
-DSSHDIR=\"/usr/local/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c
sntrup4591761.c -o sntrup4591761.o
In file included from includes.h:100,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/usr/include/sys/mman.h:148:15: error: conflicting types for 'mmap64'
? extern void *mmap64(void *, size_t, int, int, int, off64_t);
?????????????? ^~~~~~
/usr/include/sys/mman.h:143:15: note: previous declaration of 'mmap64'
was here
? extern void *mmap(void *, size_t, int, int, int, off_t);
?????????????? ^~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:582:12:
error: conflicting types for 'fgetpos64'
?extern int fgetpos64(FILE *, fpos64_t *);
??????????? ^~~~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:377:12:
note: previous declaration of 'fgetpos64' was here
?extern int fgetpos(FILE *__restrict__, fpos_t *__restrict__);
??????????? ^~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:585:12:
error: conflicting types for 'fseeko64'
?extern int fseeko64(FILE *, off64_t, int);
??????????? ^~~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:525:12:
note: previous declaration of 'fseeko64' was here
?extern int fseeko(FILE *, off_t, int);
??????????? ^~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:586:12:
error: conflicting types for 'fsetpos64'
?extern int fsetpos64(FILE *, const fpos64_t *);
??????????? ^~~~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:379:12:
note: previous declaration of 'fsetpos64' was here
?extern int fsetpos(FILE *, const fpos_t *);
??????????? ^~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:587:16:
error: conflicting types for 'ftello64'
?extern off64_t ftello64(FILE *);
??????????????? ^~~~~~~~
In file included from /usr/include/pwd.h:158,
???????????????? from platform.h:19,
???????????????? from includes.h:173,
???????????????? from crypto_api.h:11,
???????????????? from sntrup4591761.c:12:
/opt/freeware/lib/gcc/powerpc-ibm-aix7.2.0.0/8.1.0/include-fixed/stdio.h:526:14:
note: previous declaration of 'ftello64' was here
?extern off_t ftello(FILE *);
????????????? ^~~~~~
gmake: *** [Makefile:161: sntrup4591761.o] Error 1



-- 
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott at GMail.com> */

On 3/27/19 4:00 AM, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.

Using openssh-SNAP-20190401.tar.gz
Debian GNU/Linux 9.8 (stretch)
gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
GNU Make 4.1
OpenSSL 1.1.0j? 20 Nov 2018

./configure && gmake tests
...
all tests passed

-- 
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott at GMail.com> */

On Sun, 31 Mar 2019 at 19:01, Kevin Brott <kevin.brott at gmail.com>
wrote:
[...]
> Using openssh-SNAP-20190401.tar.gz
> AIX 7200-03-02-1846
> OpenSSL 1.0.2p  14 Aug 2018
> gcc (GCC) 8.1.0
> GNU Make 4.2.1
[...]
> sshkey.c: In function 'sshkey_format_cert_validity':
> sshkey.c:2750:42: warning: '%s' directive output may be truncated
writing up to 31 bytes into a region of size between 24 and 55
[-Wformat-truncation=]
>    snprintf(ret, sizeof(ret), "from %s to %s", from, to);
>                                           ^~         ~~
> sshkey.c:2750:3: note: 'snprintf' output between 10 and 72 bytes
into a destination of size 64
>    snprintf(ret, sizeof(ret), "from %s to %s", from, to);
should be harmless: the input strings are limited to 20 bytes by being
formatted as ISO8601 timestamps.  Will revisit after release.
> channels.c: In function 'channel_post_mux_listener':
> channels.c:2314:6: warning: implicit declaration of function
'getpeereid'; did you mean 'getpcred'?
[-Wimplicit-function-declaratio ]
Does AIX7 have getpeereid?  If not, the prototype should come from
openbsd-compat.h, if so maybe we need to add a header?
> hostfile.c: In function 'host_hash':
> hostfile.c:151:44: warning: '%s' directive output may be truncated
writing up to 511 bytes into a region of size between 509 and 1020
[-Wformat-truncation=]
>   snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC,
uu_salt,
not sure yet.
.
> gcc -O2 -mcpu=powerpc -D_LINUX_SOURCE_COMPAT -pipe -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess
-Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2
-ftrapv -fno-builtin-memset   -I. -I. -I/opt/freeware/include -I/opt/phs/include
-DSSHDIR=\"/usr/local/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"
-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"
-D_PATH_SSH_PIDDIR=\"/var/run\"
-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c
sntrup4591761.c -o sntrup4591761.o
> In file included from includes.h:100,
>                  from crypto_api.h:11,
>                  from sntrup4591761.c:12:
> /usr/include/sys/mman.h:148:15: error: conflicting types for
'mmap64'
I think this is due to missing compat stuff.  Try adding:

#include "includes.h"

to the start of sntrup4591761.c.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

On Wed, Mar 27, 2019 at 4:07 AM Damien Miller <djm at mindrot.org> wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
>
Using openssh-SNAP-20190402.tar.gz ...
==OpSys   : Linux Mint 19 Tara
Compiler: gcc (Ubuntu 7.3.0-27ubuntu1~18.04) 7.3.0
Make    : GNU Make 4.1
OpenSSL : OpenSSL 1.1.0g  2 Nov 2017
Results : all tests passed
==OpSys   : Red Hat Enterprise Linux Server release 7.5 (Maipo)
Compiler: gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-28)
Make    : GNU Make 3.82
OpenSSL : OpenSSL 1.0.2k-fips  26 Jan 2017
Results : all tests passed
==OpSys   : Red Hat Enterprise Linux Server release 6.6 (Santiago)
Compiler: gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-11)
Make    : GNU Make 3.81
OpenSSL : OpenSSL 1.0.1e-fips 11 Feb 2013
Results : all tests passed
==
-- 
# include <stddisclaimer.h>
/* Kevin  Brott <Kevin.Brott at gmail.com> */

> From: Damien Miller <djm at mindrot.org>
> Thanks for testing - are you able to see if there's anything in
> the server logs?
Hi Damien,

I've been able to reproduce being unable to successfully connect to
EC2 instances launched with either Amazon Linux 2 AMI (HVM) or Amazon
Linux AMI 2018.03.0 (HVM) images (which are the first two options you
see when launching an instance via their "Launch instance..." wizard).

Both appear to use OpenSSH 7.4.

I've included both client and server logs below. Older versions of the
ssh client connect just fine. For these logs, the server contained no
custom configuration (other than setting the LogLevel to DEBUG3), so
this should be reproducible by anyone with an AWS account.

Hope that helps.

Cheers, Adam

Client:

$ ./ssh ec2-user at server.ip.in.cloud -vvv
OpenSSH_7.9p1-snap20190402, OpenSSL 1.1.0g  2 Nov 2017
debug1: Reading configuration data /home/username/.ssh/config
debug2: resolve_canonicalize: hostname server.ip.in.cloud is address
debug2: ssh_connect_direct
debug1: Connecting to server.ip.in.cloud [server.ip.in.cloud] port 22.
debug1: Connection established.
debug1: identity file /home/username/.ssh/id_rsa type 0
debug1: identity file /home/username/.ssh/id_rsa-cert type -1
debug1: identity file /home/username/.ssh/id_dsa type -1
debug1: identity file /home/username/.ssh/id_dsa-cert type -1
debug1: identity file /home/username/.ssh/id_ecdsa type -1
debug1: identity file /home/username/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/username/.ssh/id_ed25519 type -1
debug1: identity file /home/username/.ssh/id_ed25519-cert type -1
debug1: identity file /home/username/.ssh/id_xmss type -1
debug1: identity file /home/username/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to server.ip.in.cloud:22 as 'ec2-user'
debug3: hostkeys_foreach: reading file
"/home/username/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file
/home/username/.ssh/known_hosts:13
debug3: load_hostkeys: loaded 1 keys from server.ip.in.cloud
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at
openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at
openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01
at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-rsa-cert-v01 at
openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib at openssh.com,zlib
debug2: compression stoc: none,zlib at openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib at openssh.com
debug2: compression stoc: none,zlib at openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305 at openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305 at openssh.com MAC:
<implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256
SHA256:v57cBLmh7Ypw6bZIWO/wb9+UqN95LOce2IiQdFmY6o8
debug3: hostkeys_foreach: reading file
"/home/username/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file
/home/username/.ssh/known_hosts:13
debug3: load_hostkeys: loaded 1 keys from server.ip.in.cloud
debug1: Host 'server.ip.in.cloud' is known and matches the ECDSA host
key.
debug1: Found key in /home/username/.ssh/known_hosts:13
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/username/.ssh/id_rsa RSA
SHA256:wrong.key.sig agent
debug1: Will attempt key: (stdin) RSA SHA256:our.key.sig agent
debug1: Will attempt key: /home/username/.ssh/id_dsa
debug1: Will attempt key: /home/username/.ssh/id_ecdsa
debug1: Will attempt key: /home/username/.ssh/id_ed25519
debug1: Will attempt key: /home/username/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/username/.ssh/id_rsa RSA
SHA256:wrong.key.sig agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: (stdin) RSA SHA256:our.key.sig agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: (stdin) RSA SHA256:our.key.sig agent
debug3: sign_and_send_pubkey: RSA SHA256:our.key.sig
debug3: sign_and_send_pubkey: signing using rsa-sha2-512
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to server.ip.in.cloud ([server.ip.in.cloud]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions at openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00 at openssh.com want_reply
0
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: send packet: type 1
client_loop: Broken pipe
<client terminates>

Server:

Apr  2 22:05:56 ip-an-ip sshd[2773]: Received signal 15; terminating.
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug3: oom_adjust_setup
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug1: Set
/proc/self/oom_score_adj from 0 to -1000
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug2: fd 3 setting O_NONBLOCK
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug1: Bind to port 22 on 0.0.0.0.
Apr  2 22:05:56 ip-an-ip sshd[3006]: Server listening on 0.0.0.0 port 22.
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug2: fd 4 setting O_NONBLOCK
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug3: sock_set_v6only: set
socket 4 IPV6_V6ONLY
Apr  2 22:05:56 ip-an-ip sshd[3006]: debug1: Bind to port 22 on ::.
Apr  2 22:05:56 ip-an-ip sshd[3006]: Server listening on :: port 22.
Apr  2 22:06:11 ip-an-ip sshd[3006]: debug3: fd 5 is not O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3006]: debug1: Forked child 3009.
Apr  2 22:06:11 ip-an-ip sshd[3006]: debug3: send_rexec_state:
entering fd = 8 config len 743
Apr  2 22:06:11 ip-an-ip sshd[3006]: debug3: ssh_msg_send: type 0
Apr  2 22:06:11 ip-an-ip sshd[3006]: debug3: send_rexec_state: done
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: oom_adjust_restore
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: Set /proc/self/oom_score_adj to 0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: rexec start in 5 out 5
newsock 5 pipe 7 sock 8
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: inetd sockets after dupping: 3, 3
Apr  2 22:06:11 ip-an-ip sshd[3009]: Connection from source.ip port
62367 on 172.31.15.213 port 22
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: Client protocol version
2.0; client software version OpenSSH_7.9
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: match: OpenSSH_7.9 pat
OpenSSH* compat 0x04000000
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: Local version string
SSH-2.0-OpenSSH_7.4
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: Enabling compatibility
mode for protocol 2.0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: fd 3 setting O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: ssh_sandbox_init:
preparing rlimit sandbox
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: Network child is on pid 3010
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: preauth child monitor started
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: SELinux support disabled [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: privsep user:group 74:74 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: permanently_set_uid:
74/74 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: list_hostkey_types:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 20 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 20 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: SSH2_MSG_KEXINIT received [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: local server KEXINIT
proposal [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at
openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: compression ctos:
none,zlib at openssh.com [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: compression stoc:
none,zlib at openssh.com [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: languages ctos:  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: languages stoc:  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: first_kex_follows 0  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: reserved 0  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: peer client KEXINIT
proposal [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at
libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: host key algorithms:
ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at
openssh.com,ecdsa-sha2-nistp521-cert-v01 at
openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01
at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at
openssh.com,ssh-rsa-cert-v01 at
openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: ciphers ctos:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: ciphers stoc:
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at
openssh.com,aes256-gcm at openssh.com
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: MACs ctos:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: MACs stoc:
umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at
openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at
openssh.com,umac-64 at openssh.com,umac-128 at
openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: compression ctos:
none,zlib at openssh.com,zlib [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: compression stoc:
none,zlib at openssh.com,zlib [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: languages ctos:  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: languages stoc:  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: first_kex_follows 0  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: reserved 0  [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: algorithm:
curve25519-sha256 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: host key algorithm:
ecdsa-sha2-nistp256 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: client->server
cipher: chacha20-poly1305 at openssh.com MAC: <implicit> compression:
none [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: server->client
cipher: chacha20-poly1305 at openssh.com MAC: <implicit> compression:
none [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: curve25519-sha256
need=64 dh_need=64 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 120 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 120
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 121
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 121 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: kex: curve25519-sha256
need=64 dh_need=64 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 120 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 120
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 121
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 121 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: expecting
SSH2_MSG_KEX_ECDH_INIT [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 30 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_sign entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 6 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 6
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_sign
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_sign: hostkey
proof signature 0x55c067c39140(100)
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 7
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: monitor_read: 6 used
once, disabling now
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_sign: waiting for
MONITOR_ANS_SIGN [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 7 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 31 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 21 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: set_newkeys: mode 1 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: rekey after 134217728
blocks [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: expecting
SSH2_MSG_NEWKEYS [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 7 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 21 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: set_newkeys: mode 0 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: rekey after 134217728
blocks [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: KEX done [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 5 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 6 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 50 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth-request for user
ec2-user service ssh-connection method none [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: attempt 0 failures 0 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_getpwnamallow entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 8 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 8
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_pwnamallow
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: Trying to reverse map
address source.ip.
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: parse_server_config:
config reprocess config len 743
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_pwnamallow:
sending MONITOR_ANS_PWNAM: 1
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 9
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: monitor_read: 8 used
once, disabling now
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_getpwnamallow: waiting
for MONITOR_ANS_PWNAM [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 9 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: input_userauth_request:
setting up authctxt for ec2-user [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_start_pam entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 100 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 100
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: PAM: initializing for
"ec2-user"
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: PAM: setting PAM_RHOST to
"host.on.other.side"
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: PAM: setting PAM_TTY to
"ssh"
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: monitor_read: 100 used
once, disabling now
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_inform_authserv
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 4 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_inform_authrole
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 80 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: input_userauth_request:
try method none [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: userauth_finish: failure
partial=0 next methods="publickey" [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 51 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 4
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_authserv:
service=ssh-connection, styleApr  2 22:06:11 ip-an-ip sshd[3009]: debug2:
monitor_read: 4 used
once, disabling now
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 80
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_authrole: roleApr  2
22:06:11 ip-an-ip sshd[3009]: debug2: monitor_read: 80 used
once, disabling now
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 50 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth-request for user
ec2-user service ssh-connection method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: attempt 1 failures 0 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: input_userauth_request:
try method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth_pubkey: test
whether pkalg/pkblob are acceptable for RSA SHA256:wrong.key.sig
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 22 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed: waiting
for MONITOR_ANS_KEYALLOWED [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 23 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 22
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed:
key_from_blob: 0x55c067c466f0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: temporarily_use_uid:
500/500 (e=0/0)
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: trying public key file
/home/ec2-user/.ssh/authorized_keys
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: fd 4 clearing O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: key not found
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: restore_uid: 0/0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed: key
0x55c067c466f0 is not allowed
Apr  2 22:06:11 ip-an-ip sshd[3009]: Failed publickey for ec2-user
from source.ip port 62367 ssh2: RSA SHA256:wrong.key.sig
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 23
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: userauth_pubkey:
authenticated 0 pkalg rsa-sha2-512 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: userauth_finish: failure
partial=0 next methods="publickey" [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 51 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 50 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth-request for user
ec2-user service ssh-connection method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: attempt 2 failures 1 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: input_userauth_request:
try method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth_pubkey: test
whether pkalg/pkblob are acceptable for RSA SHA256:our.key.sig
[preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 22 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed: waiting
for MONITOR_ANS_KEYALLOWED [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 23 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 22
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed:
key_from_blob: 0x55c067c39330
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: temporarily_use_uid:
500/500 (e=0/0)
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: trying public key file
/home/ec2-user/.ssh/authorized_keys
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: fd 4 clearing O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: matching key found: file
/home/ec2-user/.ssh/authorized_keys, line 1 RSA SHA256:our.key.sig
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: restore_uid: 0/0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed: key
0x55c067c39330 is allowed
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering: type 23
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: send packet: type 60 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: userauth_pubkey:
authenticated 0 pkalg rsa-sha2-512 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: Postponed publickey for ec2-user
from source.ip port 62367 ssh2 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: receive packet: type 50 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: userauth-request for user
ec2-user service ssh-connection method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: attempt 3 failures 1 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug2: input_userauth_request:
try method publickey [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: userauth_pubkey: have
signature for RSA SHA256:our.key.sig [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_send entering:
type 22 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_key_allowed: waiting
for MONITOR_ANS_KEYALLOWED [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive_expect
entering: type 23 [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive
entering [preauth]
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_request_receive entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: monitor_read: checking request 22
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed entering
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug3: mm_answer_keyallowed:
key_from_blob: 0x55c067c465f0
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: temporarily_use_uid:
500/500 (e=0/0)
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: trying public key file
/home/ec2-user/.ssh/authorized_keys
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: fd 4 clearing O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: matching key found: file
/home/ec2-user/.ssh/authorized_keys, line 1 RSA SHA256:our.key.sig
Apr  2 22:06:11 ip-an-ip sshd[3009]: debug1: restore_uid: 0/0
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: PAM: establishing credentials
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: permanently_set_uid: 500/500
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: monitor_apply_keystate:
packet_set_state
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug2: set_newkeys: mode 0
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: rekey after 134217728 blocks
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug2: set_newkeys: mode 1
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: rekey after 134217728 blocks
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: ssh_packet_set_postauth: called
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: ssh_packet_set_state: done
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: notify_hostkeys: key 0:
ssh-rsa SHA256:HR2Tce3f0NZNVJmhSiO+NYOH9CkdctNWlNpZx8ddJts
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: notify_hostkeys: key 1:
ecdsa-sha2-nistp256 SHA256:v57cBLmh7Ypw6bZIWO/wb9+UqN95LOce2IiQdFmY6o8
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: notify_hostkeys: key 2:
ssh-ed25519 SHA256:RfsVz1u9CcJlkgZg3ybqTA//lEb8x+Pi4xIyM2xKDfA
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: notify_hostkeys: sent 3 hostkeys
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: send packet: type 80
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: Entering interactive
session for SSH2.
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug2: fd 4 setting O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug2: fd 6 setting O_NONBLOCK
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: server_init_dispatch
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: receive packet: type 90
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1:
server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: input_session_request
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: channel 0: new [server-session]
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug2: session_new: allocate
(allocated 0 max 10)
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: session_unused: session id 0 unused
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: session_new: session 0
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: session_open: channel 0
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1: session_open: session 0:
link with channel 0
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1:
server_input_channel_open: confirm session
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: send packet: type 91
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug3: receive packet: type 80
Apr  2 22:06:11 ip-an-ip sshd[3011]: debug1:
server_input_global_request: rtype no-more-sessions at openssh.com
want_reply 0
<no more output from server>

On Wed, 3 Apr 2019, Adam Eijdenberg wrote:
> > From: Damien Miller <djm at mindrot.org>
> > Thanks for testing - are you able to see if there's anything in
> > the server logs?
> 
> Hi Damien,
> 
> I've been able to reproduce being unable to successfully connect to
> EC2 instances launched with either Amazon Linux 2 AMI (HVM) or Amazon
> Linux AMI 2018.03.0 (HVM) images (which are the first two options you
> see when launching an instance via their "Launch instance..."
wizard).
This is deeply weird, especially the lack of further output from the
server. A couple more questions:

Does this only happen with Amazon as the destination?

Is there anything in dmesg indicating a sandbox violation?

Could you try turning off IPQoS setting (ssh -oIPQoS=none ...) and seeing
whether that makes any difference?

Was it working with OpenSSH 7.9? If none of the above yield any clues,
then could I ask you to try and git bisect the last good version and
git HEAD to see where it broke.

Thanks again for your patience,
Damien

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> > 
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> > 
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> > 
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> > 
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> > 
> > $ ./configure && make tests
> 
> For now, I have only one comment, but I plan to run more tests in our
> environment.
Trying to build the master, there is still one use of removed packet
api. The attached patch moves it to the new API.

Jakub


commit 9572372df606b74de1cb90b2e64e88b1c3237998
Author: Jakub Jelen <jjelen at redhat.com>
Date:   Wed Apr 3 16:51:12 2019 +0200

    session: Do not use removed API
    
    Signed-off-by: Jakub Jelen <jjelen at redhat.com>

diff --git a/session.c b/session.c
index c7d115a2..f2c3abde 100644
--- a/session.c
+++ b/session.c
@@ -2621,7 +2621,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
 		he = gethostbyname(hostname);
 		if (he == NULL) {
 			error("Can't get IP address for X11 DISPLAY.");
-			packet_send_debug("Can't get IP address for X11
DISPLAY.");
+			ssh_packet_send_debug(ssh, "Can't get IP
address for X11 DISPLAY.");
 			return 0;
 		}
 		memcpy(&my_addr, he->h_addr_list[0], sizeof(struct
in_addr));

On 3/27/19 12:00 PM, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> [...]
all tests passed on
CentOS Linux release 7.6.1810?
SUSE Linux Enterprise Server 12 SP3
Ubuntu 16.04.6 LTS

(this was with openssh-SNAP-20190401.tar.gz)

best regards,

Martin

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> > 
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> > 
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> > 
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> > 
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> > 
> > $ ./configure && make tests
> 
> For now, I have only one comment, but I plan to run more tests in our
> environment.
I noticed few memory leaks from the client so far.

Patch fixing these two is attached.

Thanks,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-memleak.patch
Type: text/x-patch
Size: 1612 bytes
Desc: not available
URL:
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20190405/a31a2ded/attachment-0001.bin>

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> > 
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> > 
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> > 
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> > 
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> > 
> > $ ./configure && make tests
> 
> For now, I have only one comment, but I plan to run more tests in our
> environment.
After diving a bit into the PKCS#11 again, I noticed that the
pkcs11_finalize is not called at all from ssh.

I think it should be called once we are removing the keys from memory.

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-finalize.patch
Type: text/x-patch
Size: 601 bytes
Desc: not available
URL:
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20190405/8338d054/attachment.bin>

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> > 
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> > 
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> > 
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> > 
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> > 
> > $ ./configure && make tests
> 
> For now, I have only one comment, but I plan to run more tests in our
> environment.
There is also changed semantics of the ssh-keygen when listing keys
from PKCS#11 modules. In the past, it was not needed to enter a PIN for
this, but now.

At least, it is not consistent with a comment in the function
pkcs11_open_session(), which says

 727  * if pin == NULL we delay login until key use

Being logged in before listing keys prevents bug #2430, but as a side
effect, even the ssh can not list keys before login and if the
configuration contains a PKCS#11 module, the user is always prompted
for a PIN, which is not very user friendly.

I see this is a regression and the bug #2430 should get solved as
proposed in the patches (will need some tweaks after the big
refactoring).

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> > 
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> > 
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> > 
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> > 
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> > 
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> > 
> > $ ./configure && make tests
> 
> For now, I have only one comment, but I plan to run more tests in our
> environment.
I was unable to build the seccomp filter debug routine, which is
probably a change in the recent Llinux kernel rather than in OpenSSH.
Skipping the include of asm/siginfo.h workarounds the problem (but
might fail with older kernels?). Other solution is to track more
defines to workaround the problem.

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.