bugzilla-daemon at mindrot.org
2025-Nov-01 10:27 UTC
[Bug 3889] New: something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889
Bug ID: 3889
Summary: something crashed in sshd when connect to it.
Product: Portable OpenSSH
Version: 10.2p1
Hardware: ARM
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: 376186432 at qq.com
error message: mm_reap: child terminated
system:Linux iocharger 3.2.0-ga5487bc8 #1 Thu Oct 30 17:29:55 CST 2025
armv7l GNU/Linux
# cat /tmp/messages | grep ssh
Nov 1 10:01:07 iocharger auth.info sshguard[882]: Now monitoring
attacks.
Nov 1 10:01:09 iocharger auth.debug sshd[912]: debug1: Set
/proc/self/oom_score_adj from 0 to -1000
Nov 1 10:01:09 iocharger auth.info sshd[912]: socket: Address family
not supported by protocol
Nov 1 10:01:09 iocharger auth.debug sshd[912]: debug1: Bind to port 22
on 0.0.0.0.
Nov 1 10:01:09 iocharger auth.info sshd[912]: Server listening on
0.0.0.0 port 22.
Nov 1 10:04:26 iocharger auth.debug sshd[912]: debug1: Forked child
924.
Nov 1 10:04:26 iocharger auth.debug sshd[924]: debug1: Set
/proc/self/oom_score_adj to 0
Nov 1 10:04:26 iocharger auth.debug sshd[924]: debug1: rexec start in
8 out 8 newsock 8 config_s 9/10
Nov 1 10:04:26 iocharger auth.debug sshd-session[924]: debug1: network
sockets: 8, 8
Nov 1 10:04:26 iocharger auth.info sshd-session[924]: Connection from
192.168.33.1 port 57231 on 192.168.33.22 port 22
Nov 1 10:04:26 iocharger auth.debug sshd-session[924]: debug1: Local
version string SSH-2.0-OpenSSH_10.2
Nov 1 10:04:26 iocharger auth.debug sshd-session[924]: debug1: Remote
protocol version 2.0, remote software version OpenSSH_for_Windows_9.5
Nov 1 10:04:26 iocharger auth.debug sshd-session[924]: debug1:
compat_banner: match: OpenSSH_for_Windows_9.5 pat OpenSSH* compat
0x04000000
Nov 1 10:04:26 iocharger auth.debug sshd-session[924]: debug1:
mm_answer_state: config len 3296
Nov 1 10:04:27 iocharger auth.debug sshd-session[924]: debug1:
sshd-auth version OpenSSH_10.2, OpenSSL 3.4.2 1 Jul 2025 [preauth]
Nov 1 10:04:27 iocharger auth.debug sshd-session[924]: debug1:
permanently_set_uid: 101/102 [preauth]
Nov 1 10:04:27 iocharger auth.debug sshd-session[924]: debug1:
list_hostkey_types:
rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Nov 1 10:04:27 iocharger auth.err sshd-session[924]: error: mm_reap:
child terminated by signal 6
Nov 1 10:04:27 iocharger auth.debug sshd-session[924]: debug1:
do_cleanup
Nov 1 10:04:27 iocharger auth.debug sshd-session[924]: debug1: Killing
privsep child 927
Nov 1 10:04:27 iocharger auth.debug sshd[912]: debug1: child_close:
enter
Nov 1 10:04:27 iocharger auth.info sshd[912]: Session process 924
unpriv child crash for connection from 192.168.33.1 to 192.168.33.22
Nov 1 10:04:27 iocharger auth.info sshd[912]: srclimit_penalise: ipv4:
new 192.168.33.1/32 active penalty of 90 seconds for penalty: caused
crash
#
if I use version of 9.9p1?it works fine?any advise to me ? I did not
change the default sshd_config.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-01 13:14 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889 --- Comment #1 from xsj <376186432 at qq.com> --- OpenSSL 3.4.2 1 Jul 2025 (Library: OpenSSL 3.4.2 1 Jul 2025) -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-02 05:37 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889 --- Comment #2 from xsj <376186432 at qq.com> --- if I change version to 9.7p1,GOT:Connection reset by 192.168.33.22 port 22?no reason was found. Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug2: fd 4 setting O_NONBLOCK Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug2: Network child is on pid 1061 Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug3: preauth child monitor started Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug3: privsep user:group 101:102 [preauth] Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug1: permanently_set_uid: 101/102 [preauth] Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth] Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug3: mm_request_receive: entering Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug1: do_cleanup Nov 2 05:26:58 iocharger auth.debug sshd[1058]: debug1: Killing privsep child 1061 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-02 06:54 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889 --- Comment #3 from xsj <376186432 at qq.com> --- I use gdb to trace, find different version all will be received Abort signal when call arc4random_buf in kex_send_kexinit?I write a simple test application using arc4random_buf, it work well, amazing. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-02 08:21 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
Try uncommenting this line in sandbox-seccomp-filter.c and recompiling:
/* #define SANDBOX_SECCOMP_FILTER_DEBUG 1 */
(don't leave this on in production).
I'd also recommend running sshd in debug mode, e.g.
/path/to/sshd -dddp 2222
Could you please attach a full debug trace and also provide some more
information about your OS.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-02 11:32 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889 --- Comment #5 from xsj <376186432 at qq.com> --- I use buildroot with kernel 3.2.0, very old version. with glibc 2.41. /path/to/sshd -dddp give me a clear reason: Fatal glibc error: cannot get entropy for arc4random it seems libc problem with old kernel. may using getrandom() instead will deal this problem. But openssh using a lot arc4random api?Now I try uclibc-ng instead.. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2025-Nov-04 00:22 UTC
[Bug 3889] something crashed in sshd when connect to it.
https://bugzilla.mindrot.org/show_bug.cgi?id=3889 --- Comment #6 from Damien Miller <djm at mindrot.org> ---> Fatal glibc error: cannot get entropy for arc4randomThis is an error from glibc not from sshd: https://github.com/bminor/glibc/blob/720e89163702ffa1e921d926b6c36b53c3ccbee4/stdlib/arc4random.c#L30 It's possibly because your glibc has been compiled against headers from a newer kernel than the one you're running it on. It's probably trying to use getrandom() Either way, as far as I can tell without a debug trace, it's not a problem in OpenSSH. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.