openssh bugs - Sep 2003 - [Bug 665] sshd doesn't work on Mac OS X

http://bugzilla.mindrot.org/show_bug.cgi?id=665

           Summary: sshd doesn't work on Mac OS X
           Product: Portable OpenSSH
           Version: 3.7p1
          Platform: PPC
        OS/Version: Mac OS X
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: max at quendi.de


sshd worked fine on Mac OS X up to and including 3.6.1p1. I never tried 3.7p1,
but in 3.7.1p1 it
definitely is broken. In particular, when ssh'ing to localhost, my server
dies with this message:

[...]
debug3: privsep user:group 75:75
debug1: permanently_set_uid: 75/75
setuid 75: Operation not permitted
debug1: Calling cleanup 0x25008(0x0)


The full output:
root# sshd -d -d -d
debug2: read_server_config: filename /sw/etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.7.1p1
Could not load host key: /sw/etc/ssh/ssh_host_key
Could not load host key: /sw/etc/ssh/ssh_host_rsa_key
debug3: Not a RSA1 key file /sw/etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
Disabling protocol version 1. Could not load host key
debug1: setgroups() failed: Invalid argument
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from ::1 port 49356
debug1: Client protocol version 2.0; client software version OpenSSH_3.7.1p1
debug1: match: OpenSSH_3.7.1p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p1
debug2: Network child is on pid 20205
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 75:75
debug1: permanently_set_uid: 75/75
setuid 75: Operation not permitted
debug1: Calling cleanup 0x25008(0x0)


For comparision, this is what 3.6.1p1 says (truncated):
root# sshd -d -d -d
debug2: read_server_config: filename /sw/etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.6.1p1
Could not load host key: /sw/etc/ssh/ssh_host_key
Could not load host key: /sw/etc/ssh/ssh_host_rsa_key
debug3: Not a RSA1 key file /sw/etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
Disabling protocol version 1. Could not load host key
debug1: setgroups() failed: Invalid argument
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from ::1 port 49357
debug1: Client protocol version 2.0; client software version OpenSSH_3.6.1p1
debug1: match: OpenSSH_3.6.1p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p1
debug2: Network child is on pid 20252
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 75:75
debug1: permanently_set_uid: 75/75
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
[...]



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=665





------- Additional Comments From max at quendi.de  2003-09-18 05:56 -------
Created an attachment (id=416)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=416&action=view)
Workaround for the problem

This patch fixes the problem for me, by forcing OpenSSH to use setuid again,
instead of setreuid/seteuid.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=665

openssh.9.aktnist at antichef.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |openssh.9.aktnist at antichef.c
                   |                            |om



------- Additional Comments From openssh.9.aktnist at antichef.com  2003-09-18
07:03 -------
*** Bug 664 has been marked as a duplicate of this bug. ***



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=665

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED



------- Additional Comments From dtucker at zip.com.au  2003-09-22 11:08 -------
Thanks, patch applied to HEAD and the 3.7 branch.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.