Hi,
I just tried building of OpenSSH-2.1.0 on HP-UX 10.20 and found the following
items:
- The configure command I used at the beginning:
CC=cc CFLAGS="-Ae +O2 +DAportable" CPPFLAGS="-I/usr/local/include
-I/usr/local/s
sl/include -I/usr/include/X11R6" LDFLAGS="-L/usr/local/lib
-L/usr/local/ssl/lib
-L/usr/lib/X11R6" ./configure --prefix=/usr/local/openssh
--sysconfdir=/etc/ssh
--with-rsh=/usr/local/lib/rsh/remsh --with-tcp-wrappers --with-pid-dir=/var/run
--with-xauth=/usr/bin/X11/xauth --with-ssl-dir=/usr/local/ssl
- Regardless if specified via "--with-ssl-dir" or not,
/usr/local/ssl/include
is not searched for include files.
From config.log:
...
configure:2003: checking for OpenSSL directory
configure:2051: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/loc
al/include -I/usr/local/include -I/usr/local/ssl/include -I/usr/include/X11R6 -L
/usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6 -L/usr/local/lib conftest.c
-lz -lcrypto 1>&5
cc: "configure", line 2046: warning 604: Pointers are not
assignment-compatible.
cc: "configure", line 2046: warning 563: Argument #2 is not the
correct type.
cc: "configure", line 2046: warning 604: Pointers are not
assignment-compatible.
cc: "configure", line 2046: warning 563: Argument #3 is not the
correct type.
...
[This is why I added /usr/local/ssl/include to CPPFLAGS]
- Unlike typical "configure" operations, flags passed as CPPFLAGS are
ignored
during the actual build process.
cc -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/local/include
-DETCDIR=\"/etc/ssh\"
-DSSH_PROGRAM=\"/usr/local/openssh/bin/ssh\"
-DSSH_ASKPASS_DEFAULT=\"/usr/local/openssh/libexec/ssh/ssh-askpass\"
-DHAVE_CONFIG_H -c -o bsd-misc.o bsd-misc.c
cpp: "rsa.h", line 21: error 4036: Can't open include file
'openssl/bn.h'.
cpp: "rsa.h", line 22: error 4036: Can't open include file
'openssl/rsa.h'.
cpp: "cipher.h", line 19: error 4036: Can't open include file
'openssl/des.h'.
cpp: "cipher.h", line 20: error 4036: Can't open include file
'openssl/blowfish.h'.
cpp: "cipher.h", line 21: error 4036: Can't open include file
'openssl/rc4.h'.
cpp: "cipher.h", line 22: error 4036: Can't open include file
'openssl/cast.h'.
cpp: "bsd-misc.c", line 50: error 4036: Can't open include file
'openssl/rand.h'.
-> workaround: move CPPFLAGS into CFLAGS
- The "-Aa -D_HPUX_SOURCE" hardcoded does not efficiently use the
HP-UX
environment. "-Ae" does include the above flags _and_ "+e"
for 64bit
long long support (as the -Aa overrides the CFLAGS given):
configure:2267: checking size of long long int
configure:2286: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE
-I/usr/local/include -I/usr/local/include -I/usr/local/ssl/include
-I/usr/include/X11R6 -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6
-L/usr/local/lib conftest.c -lz -lcrypto 1>&5
cc: "configure", line 2281: error 1681: Must use +e or -Ae for long
long in ANSI
mode.
configure: failed program was:
...
- The documentation says:
--with-pid-dir=PATH specifies the directory in which the ssh.pid file is
created.
* ssh.pid != sshd.pid perfect, it won't interfere with my running
ssh-1.2.27 :-)
* At the end of the compilation:
-D/var/run/sshd.pid=/var/run/sshd.pid
Ok, lets reconfigure it to another path :-(
- make install gives:
/opt/imake/bin/install -c -d /usr/local/openssh/bin
rm: /usr/local/openssh/bin/ directory
cp: illegal option -- d
Usage: cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file target_file
cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file ...
target_directory
cp [-f|-i] [-p] [-S] -R|-r [-e warn|force|ignore] source_directory ...
target_directory
...
- The INSTALL document (and probably others) have not yet fully integrated
ssh2 support.
- First tests:
openssh client -> ssh-1.2.27 server: works
openssh client -> openssh-server [Proto 1]: works, but without X-forwarding
even though configured with "X11Forwarding yes"
[have not looked into it as of now]
openssh client -> openssh-server [Proto 2]: does not work.
serv01 111: /usr/local/openssh/bin/ssh -2 -p 24 serv01
PRNG seedfile /home/aet/serv01/jaenicke/.ssh/prng_seed must be mode 0600, owned
by uid 11019
serv01 112: ls -al ~/.ssh/prng_seed
-rw------- 1 jaenicke aet 1024 May 10 11:26
/home/aet/serv01/jaenicke/.ssh/prng_seed
[my $HOME and $HOME/.ssh are 700, too]
[Also no debugging until now]
- Please note, that the internal PRNG is a problem:
* Startup takes quite a long time when calling an ssh client.
[The server startup is also slow, but it does not happen too often]
* The sshd server clobbers my syslog.log:
May 10 11:23:41 serv01 sshd[27220]: Server listening on 0.0.0.0 port 24.
May 10 11:23:41 serv01 sshd[27220]: Generating 768 bit RSA key.
May 10 11:23:49 serv01 sshd[27220]: RSA key generation complete.
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni':
select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-an': select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -an' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -in' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -rn' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-s': select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -s' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -al':
select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ps -al' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl':
select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ps -efl' completion: No child processes
May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/w ':
select() failed: Interrupted system call
May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/w ' completion: No child processes
May 10 11:23:52 serv01 sshd[27220]: error: Command '/usr/bin/last ':
select() failed: Interrupted system call
May 10 11:23:52 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/last ' completion: No child processes
May 10 11:23:53 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/df ' completion: Interrupted system call
May 10 11:23:53 serv01 sshd[27394]: Accepted password for jaenicke from
141.43.132.161 port 989
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/df -i' completion: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/vmstat ':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/vmstat ' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/uptime ' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ipcs -a':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ipcs -a' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/tail -200' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/tail -200' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ls -alni' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-an': select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -an' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-in': select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -in' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-rn': select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -rn' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat
-s': select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/netstat -s' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -al':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ps -al' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl':
select() failed: Interrupted system call
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ps -efl' completion: No child processes
May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/w ' completion: No child processes
May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/last ' completion: Interrupted system call
May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/df ' completion: Interrupted system call
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/df -i' completion: Interrupted system call
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/vmstat ' completion: No child processes
May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/uptime ':
select() failed: Interrupted system call
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/uptime ' completion: No child processes
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/ipcs -a' completion: No child processes
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/tail -200' completion: No child processes
May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/tail -200':
select() failed: Interrupted system call
May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child
'/usr/bin/tail -200' completion: No child processes
...
Puh, so much for my first experiences. Seems I will stay with sshd-1.2.27
for some more time while trying to track all of these items down...
Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
On Wed, May 10, 2000 at 11:31:44AM +0200, Lutz Jaenicke wrote: ...> - First tests: > openssh client -> ssh-1.2.27 server: works > openssh client -> openssh-server [Proto 1]: works, but without X-forwarding > even though configured with "X11Forwarding yes" > [have not looked into it as of now]... Ooops, X11-forwarding must of course also be enabled in ssh_config... fixed. Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
That's one *hell* of a configure line :-) I'll look at the SSL configure issues later. I sent Damien some autoconf caching changes a few days ago, looks like I missed something in testing. I'm a bit surprised, though, because my OpenSSL is in /usr/local/ssl too and it works fine. Also, my initial HP patch specified remsh instead of rsh, seems that's been lost somewhere. Thanks for the advice on switches for HP's ANSI compiler. I did the initial port to HP, but I won't pay for a UNIX compiler, just on principle :-) As stated on the web site, the entropy gatherer needs testing. 'Clobbered' is a harsh word for some overzealous entries in syslog, but if it bothers you greatly then change 'error' to 'debug' in lines 375 and 389 of entropy.c. This will most likely change in the next release anyway, IMO. The builtin PRNG timeout is set quite high by default, if it's not then slower machines time out too many commands, and the whole app fails (it actually reports 'no RSA support', though all it really means is that OpenSSL's PRNG isn't ready.) A better solution is to 'know' which commands are slow, and never try them - it will happen, probably quite soon, as it annoys me too. Again, if it bothers you unduly, add --with-entropy-timeout=20, or less depending on your machine speed, to your configure line. If it's of any use, a timeout of 10 is fine on my B132L+ at work. YMMV. If you can't wait, use EGD. Ta, -Andre' Lutz Jaenicke wrote:> > Hi, > > I just tried building of OpenSSH-2.1.0 on HP-UX 10.20 and found the following > items: > > - The configure command I used at the beginning: > CC=cc CFLAGS="-Ae +O2 +DAportable" CPPFLAGS="-I/usr/local/include -I/usr/local/s > sl/include -I/usr/include/X11R6" LDFLAGS="-L/usr/local/lib -L/usr/local/ssl/lib > -L/usr/lib/X11R6" ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh > --with-rsh=/usr/local/lib/rsh/remsh --with-tcp-wrappers --with-pid-dir=/var/run > --with-xauth=/usr/bin/X11/xauth --with-ssl-dir=/usr/local/ssl > > - Regardless if specified via "--with-ssl-dir" or not, /usr/local/ssl/include > is not searched for include files. > From config.log: > ... > configure:2003: checking for OpenSSL directory > configure:2051: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/loc > al/include -I/usr/local/include -I/usr/local/ssl/include -I/usr/include/X11R6 -L > /usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6 -L/usr/local/lib conftest.c > -lz -lcrypto 1>&5 > cc: "configure", line 2046: warning 604: Pointers are not assignment-compatible. > cc: "configure", line 2046: warning 563: Argument #2 is not the correct type. > cc: "configure", line 2046: warning 604: Pointers are not assignment-compatible. > cc: "configure", line 2046: warning 563: Argument #3 is not the correct type. > ... > > [This is why I added /usr/local/ssl/include to CPPFLAGS] > > - Unlike typical "configure" operations, flags passed as CPPFLAGS are ignored > during the actual build process. > cc -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/local/include -DETCDIR=\"/etc/ssh\" -DSSH_PROGRAM=\"/usr/local/openssh/bin/ssh\" -DSSH_ASKPASS_DEFAULT=\"/usr/local/openssh/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c -o bsd-misc.o bsd-misc.c > cpp: "rsa.h", line 21: error 4036: Can't open include file 'openssl/bn.h'. > cpp: "rsa.h", line 22: error 4036: Can't open include file 'openssl/rsa.h'. > cpp: "cipher.h", line 19: error 4036: Can't open include file 'openssl/des.h'. > cpp: "cipher.h", line 20: error 4036: Can't open include file 'openssl/blowfish.h'. > cpp: "cipher.h", line 21: error 4036: Can't open include file 'openssl/rc4.h'. > cpp: "cipher.h", line 22: error 4036: Can't open include file 'openssl/cast.h'. > cpp: "bsd-misc.c", line 50: error 4036: Can't open include file 'openssl/rand.h'. > -> workaround: move CPPFLAGS into CFLAGS > > - The "-Aa -D_HPUX_SOURCE" hardcoded does not efficiently use the HP-UX > environment. "-Ae" does include the above flags _and_ "+e" for 64bit > long long support (as the -Aa overrides the CFLAGS given): > configure:2267: checking size of long long int > configure:2286: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/local/include -I/usr/local/include -I/usr/local/ssl/include -I/usr/include/X11R6 -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6 -L/usr/local/lib conftest.c -lz -lcrypto 1>&5 > cc: "configure", line 2281: error 1681: Must use +e or -Ae for long long in ANSI > mode. > configure: failed program was: > ... > > - The documentation says: > --with-pid-dir=PATH specifies the directory in which the ssh.pid file is > created. > * ssh.pid != sshd.pid perfect, it won't interfere with my running > ssh-1.2.27 :-) > * At the end of the compilation: > -D/var/run/sshd.pid=/var/run/sshd.pid > Ok, lets reconfigure it to another path :-( > > - make install gives: > /opt/imake/bin/install -c -d /usr/local/openssh/bin > rm: /usr/local/openssh/bin/ directory > cp: illegal option -- d > Usage: cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file target_file > cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file ... target_directory > cp [-f|-i] [-p] [-S] -R|-r [-e warn|force|ignore] source_directory ... target_directory > ... > > - The INSTALL document (and probably others) have not yet fully integrated > ssh2 support. > > - First tests: > openssh client -> ssh-1.2.27 server: works > openssh client -> openssh-server [Proto 1]: works, but without X-forwarding > even though configured with "X11Forwarding yes" > [have not looked into it as of now] > openssh client -> openssh-server [Proto 2]: does not work. > > serv01 111: /usr/local/openssh/bin/ssh -2 -p 24 serv01 > PRNG seedfile /home/aet/serv01/jaenicke/.ssh/prng_seed must be mode 0600, owned by uid 11019 > serv01 112: ls -al ~/.ssh/prng_seed > -rw------- 1 jaenicke aet 1024 May 10 11:26 /home/aet/serv01/jaenicke/.ssh/prng_seed > [my $HOME and $HOME/.ssh are 700, too] > [Also no debugging until now] > > - Please note, that the internal PRNG is a problem: > * Startup takes quite a long time when calling an ssh client. > [The server startup is also slow, but it does not happen too often] > * The sshd server clobbers my syslog.log: > > May 10 11:23:41 serv01 sshd[27220]: Server listening on 0.0.0.0 port 24. > May 10 11:23:41 serv01 sshd[27220]: Generating 768 bit RSA key. > May 10 11:23:49 serv01 sshd[27220]: RSA key generation complete. > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat -an': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -an' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -in' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -rn' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat -s': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -s' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -al': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -al' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -efl' completion: No child processes > May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/w ': select() failed: Interrupted system call > May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/w ' completion: No child processes > May 10 11:23:52 serv01 sshd[27220]: error: Command '/usr/bin/last ': select() failed: Interrupted system call > May 10 11:23:52 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/last ' completion: No child processes > May 10 11:23:53 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df ' completion: Interrupted system call > May 10 11:23:53 serv01 sshd[27394]: Accepted password for jaenicke from 141.43.132.161 port 989 > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df -i' completion: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/vmstat ': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/vmstat ' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/uptime ' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ipcs -a': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ipcs -a' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -an': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -an' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -in': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -in' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -rn': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -rn' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -s': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -s' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -al': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -al' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl': select() failed: Interrupted system call > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -efl' completion: No child processes > May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/w ' completion: No child processes > May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/last ' completion: Interrupted system call > May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df ' completion: Interrupted system call > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df -i' completion: Interrupted system call > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/vmstat ' completion: No child processes > May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/uptime ': select() failed: Interrupted system call > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/uptime ' completion: No child processes > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ipcs -a' completion: No child processes > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes > May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call > May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes > > ... > > Puh, so much for my first experiences. Seems I will stay with sshd-1.2.27 > for some more time while trying to track all of these items down... > > Best regards, > Lutz > -- > Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE > BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ > Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 > Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
On Wed, May 10, 2000 at 11:31:44AM +0200, Lutz Jaenicke wrote:> serv01 111: /usr/local/openssh/bin/ssh -2 -p 24 serv01 > PRNG seedfile /home/aet/serv01/jaenicke/.ssh/prng_seed must be mode 0600, owned by uid 11019 > serv01 112: ls -al ~/.ssh/prng_seed > -rw------- 1 jaenicke aet 1024 May 10 11:26 /home/aet/serv01/jaenicke/.ssh/prng_seedentropy.c:447 if (((st.st_mode & 0177) != 0) || !(st.st_uid == geteuid())) fatal("PRNG seedfile %.100s must be mode 0600, owned by uid %d," filename, getuid()); Since ssh is suid to root, geteuid() yields "0". Shouldn't the test be against getuid() (which is also used for the error message)? [works for me with this change] Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153