Howdy, After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f) I'm unable to ssh between two systems any more (the two that I've upgraded). I've recompiled from the original source several times, each time with no errors, regenerated host keys, regenerated client keys (using rsa), etc., to no avail. Below are some relevant snippets of debugging output around where the error occurs. Feel free to contact me regarding any additional information required. Output from "ssh -v -v -v pgppt" executed on a HP C240 workstation (HP-UX 11.0, PA-RISC 1.1): ...(lines above here deleted)... debug1: Host 'pgppt.pasms.chevron.com' is known and matches the RSA host key. debug1: Found key in /users/clad/.ssh/known_hosts2:3 debug1: bits set: 981/2049 debug1: ssh_rsa_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: Enabling compression at level 6. debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,password,keyboard-interactive debug3: authmethod_lookup publickey debug3: remaining preferred: password,keyboard-interactive debug3: authmethod_is_enabled publickey debug1: next auth method to try is publickey debug1: try pubkey: /users/clad/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 4001df30 hint 1 debug2: input_userauth_pk_ok: fp 0f:95:05:08:b7:47:eb:dd:37:ae:71:c1:5a:24:4b:20 debug3: sign_and_send_pubkey debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> Enter passphrase for key '/users/clad/.ssh/id_rsa': debug1: read PEM private key done: type RSA debug2: ssh_rsa_sign: done debug1: ssh-userauth2 successful: method publickey debug3: clear hostkey 0 debug3: clear hostkey 1 debug3: clear hostkey 2 debug1: channel 0: new [client-session] debug1: channel_new: 0 debug1: send channel open 0 Memory fault Output from /usr/local/sbin/sshd -ddd -D on server side (HP K460, HP-UX 11.0, PA-RISC 1.1): debug1: Enabling compression at level 6. debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user clad service ssh-connection method none debug1: attempt 0 failures 0 debug2: input_userauth_request: setting up authctxt for clad debug2: input_userauth_request: try method none Failed none for clad from 26.25.12.170 port 49998 ssh2 debug1: userauth-request for user clad service ssh-connection method publickey debug1: attempt 1 failures 1 debug2: input_userauth_request: try method publickey debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 101/20 (e=0) debug1: matching key found: file /home/clad/.ssh/authorized_keys2, line 1 debug1: restore_uid debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa Postponed publickey for clad from 26.25.12.170 port 49998 ssh2 debug1: userauth-request for user clad service ssh-connection method publickey debug1: attempt 2 failures 1 debug2: input_userauth_request: try method publickey debug1: temporarily_use_uid: 101/20 (e=0) debug1: matching key found: file /home/clad/.ssh/authorized_keys2, line 1 debug1: restore_uid debug1: ssh_rsa_verify: signature correct debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa Accepted publickey for clad from 26.25.12.170 port 49998 ssh2 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 Connection closed by remote host. Closing connection to 26.25.12.170 debug1: compress outgoing: raw data 228, compressed 226, factor 0.99 debug1: compress incoming: raw data 609, compressed 372, factor 0.61 debug1: writing PRNG seed to file /root/.ssh/prng_seed
On Fri, May 25, 2001 at 12:04:57PM -0700, Ladner, Eric (CLAD) wrote:> After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL > 0x0090600f) > I'm unable to ssh between two systems any more (the two that I've upgraded).> Below are some relevant snippets of debugging output around where the error > occurs. > Feel free to contact me regarding any additional information required. > > Output from "ssh -v -v -v pgppt" executed on a HP C240 workstation (HP-UX > 11.0, > PA-RISC 1.1):I am running 2.9p1 on HP-UX 10.20 (platforms are from 710 to C200), so there is certain probability that we can get it to run :-)> debug1: channel 0: new [client-session] > debug1: channel_new: 0 > debug1: send channel open 0 > Memory faultThis is the point to step into debugging. From a Memory fault you should either get a core dump (but ssh is suid root, so you probably won't get one) or you can run it under a debugger and will end up at the location causing the memory fault. You must perform this as root, since ssh is suid root. Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
Hmm.. Oddly enough, if I run this as root, connecting to the same user on the other machine with "ssh -l clad pgppt", it works. Also used this, "ssh -2 -l clad -i /home/clad/.ssh/id_rsa pgppt" to force V2 and authenticate aginst my own key. It still works. Kinda throws a wrinkle into me running this under root and debugging it. I'm going to scratch my head on this a bit.. Thanks, Eric -----Original Message----- From: Lutz Jaenicke [mailto:Lutz.Jaenicke at aet.TU-Cottbus.DE] Sent: Friday, May 25, 2001 2:27 PM To: 'openssh-unix-dev at mindrot.org' Subject: Re: Upgraded to 2.9p1 with no luck.. On Fri, May 25, 2001 at 12:04:57PM -0700, Ladner, Eric (CLAD) wrote:> After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL > 0x0090600f) > I'm unable to ssh between two systems any more (the two that I'veupgraded).> Below are some relevant snippets of debugging output around where theerror> occurs. > Feel free to contact me regarding any additional information required. > > Output from "ssh -v -v -v pgppt" executed on a HP C240 workstation (HP-UX > 11.0, > PA-RISC 1.1):I am running 2.9p1 on HP-UX 10.20 (platforms are from 710 to C200), so there is certain probability that we can get it to run :-)> debug1: channel 0: new [client-session] > debug1: channel_new: 0 > debug1: send channel open 0 > Memory faultThis is the point to step into debugging. From a Memory fault you should either get a core dump (but ssh is suid root, so you probably won't get one) or you can run it under a debugger and will end up at the location causing the memory fault. You must perform this as root, since ssh is suid root. Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
The weird thing is it seems to be dying in the deflate fuction of the zlib directory. I've been running the same zlib library for well over a year (zlib 1.1.3, compiled from pristine source). I recompiled the library but that didn't seem to help. I turned on packet debugging and put some extra debug messages in, but it definitly dies in the compress routine calling the deflate() function. Thoughts? -----Original Message----- From: Lutz Jaenicke [mailto:Lutz.Jaenicke at aet.TU-Cottbus.DE] Sent: Friday, May 25, 2001 2:27 PM To: 'openssh-unix-dev at mindrot.org' Subject: Re: Upgraded to 2.9p1 with no luck.. On Fri, May 25, 2001 at 12:04:57PM -0700, Ladner, Eric (CLAD) wrote:> After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL > 0x0090600f) > I'm unable to ssh between two systems any more (the two that I'veupgraded).> Below are some relevant snippets of debugging output around where theerror> occurs. > Feel free to contact me regarding any additional information required. > > Output from "ssh -v -v -v pgppt" executed on a HP C240 workstation (HP-UX > 11.0, > PA-RISC 1.1):I am running 2.9p1 on HP-UX 10.20 (platforms are from 710 to C200), so there is certain probability that we can get it to run :-)> debug1: channel 0: new [client-session] > debug1: channel_new: 0 > debug1: send channel open 0 > Memory faultThis is the point to step into debugging. From a Memory fault you should either get a core dump (but ssh is suid root, so you probably won't get one) or you can run it under a debugger and will end up at the location causing the memory fault. You must perform this as root, since ssh is suid root. Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
The only one I have that will compile ANSI-C is gcc 2.95.2. I used whatever default compile optinos that configure devined.. E -----Original Message----- From: Lutz Jaenicke [mailto:Lutz.Jaenicke at aet.TU-Cottbus.DE] Sent: Thursday, May 31, 2001 11:14 AM To: 'openssh-unix-dev at mindrot.org' Subject: Re: Upgraded to 2.9p1 with no luck.. On Thu, May 31, 2001 at 07:20:33AM -0700, Ladner, Eric (CLAD) wrote:> The weird thing is it seems to be dying in the deflate fuction of the > zlib directory. I've been running the same zlib library for well over > a year (zlib 1.1.3, compiled from pristine source). I recompiled the > library but that didn't seem to help. I turned on packet debugging > and put some extra debug messages in, but it definitly dies in the > compress routine calling the deflate() function.The deflate() routine will deflate the data into preallocated memory, so zlib may still be innocent...> > Output from "ssh -v -v -v pgppt" executed on a HP C240 workstation(HP-UX> > 11.0, > > PA-RISC 1.1):What compilers did you use? (Wild guesses, because I am running out of ideas :-) Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
Apparently Analagous Threads
- [Lutz.Jaenicke@aet.TU-Cottbus.DE: 2.9p1: HP-UX 10.20 utmp/wtmp handling broken?]
- Change in behavior from 2.5p2 to 2.9p1
- ssh-agent and id_dsa
- Recent openssl is required for OPENSSL_free [Re: Please test snapshots for 3.0 release] (fwd)
- issue with EGD in openssh