search for: packet_write_wait

https://bugzilla.mindrot.org/show_bug.cgi?id=2689 Bug ID: 2689 Summary: Terminal new line after packet_write_wait: Connection failure Product: Portable OpenSSH Version: 7.2p2 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot...

Hi. Environment: * OS: Antergos Linux (Fully updated daily) (Running as a guest on VM). * OpenSSH: 7.8p1 Description: Immediately upon creating a successful SSH tunnel login, the connection is dropped with the "packet_write_wait: Connection to X.X.X.X port 22: Broken pipe" error. I've verified the issue is due to OpenSSH 7.8p1 in the following ways: * Use a different, older client (i.e. the Windows host machine's PuTTy client, which I haven't updated god-knows-when). * Downgrade the Antergos gues...

...the same router is the server running CentOS 6. For various reasons, I access the server via its external IP address, not the local one. Access is via ssh. When using straight ssh, the connection times out after random times, always less than 20 minutes or so, though, with the error message "packet_write_wait: broken pipe", not the common "write failed: broken pipe". However, when I am in a ssh session on a VPN connection (which terminates in an outside server far away from my network), the ssh connection does /not/ time out. Further, accessing the same server as first mentioned, in the...

...if (authctxt->postponed) return; - /* XXX todo: check if multiple auth methods are needed */ - if (authenticated == 1) { - /* turn off userauth */ - dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); - packet_start(SSH2_MSG_USERAUTH_SUCCESS); - packet_send(); - packet_write_wait(); - /* now we can break out */ - authctxt->success = 1; - } else { + if (!authenticated) { if (authctxt->failures++ > AUTH_FAIL_MAX) { packet_disconnect(AUTH_FAIL_MSG, authctxt->user); } @@ -252,6 +243,32 @@ userauth_finish(Authctxt *authctxt, int packet_send(); pack...

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of

...ilesystem as /. This can lead to backing up /proc's contents (many pseudofiles), if you don't exclude it, even if you use rsync's -x option. On Sun, Mar 25, 2018 at 6:43 AM, Marc Roos via rsync <rsync at lists.samba.org> wrote: > > I still stuck with these errors > > packet_write_wait: Connection to 192.168.10.43 port 22: Broken pipe > rsync: connection unexpectedly closed (534132435 bytes received so far) > [receiver] > rsync error: error in rsync protocol data stream (code 12) at io.c(605) > [receiver=3.0.9] > rsync: connection unexpectedly closed (27198 bytes r...

...d_keys on remote host, so I have to authenticate with password. On the remote host: # /usr/sbin/sshd -T | egrep permitroot permitrootlogin yes Attempting: $ ssh root@<remotehost> shows: Received disconnect from <remotehost> port 22:2: Too many authentication failures for root packet_write_wait: Connection to <remotehost> port 22: Broken pipe mux_client_request_session: read from master failed: Broken pipe Failed to connect to new control master Yes, I do have a few keys in ~/.ssh and use ControlMaster: debug1: Offering RSA public key: <userhomedir>/.ssh/id_rsa debug1: O...

...irst_pass nullok sha512 shadow password optional pam_smbpass.so try_first_pass nollok password optional pam_permit.so session required pam_limits.so session required pam_unix.so session optional pam_permit.so Now if I try to login with testuser user via ssh I get this error message: packet_write_wait: Connection to 192.168.xxx.xxx: Broken pipe If I log in with any other user I get the same message. If I uncomment the line auth optional pam_smbpass.so migrate and try to login again it works. Also a samba account for testuser has been created. Does anyone have a solution how this ca...

I still stuck with these errors packet_write_wait: Connection to 192.168.10.43 port 22: Broken pipe rsync: connection unexpectedly closed (534132435 bytes received so far) [receiver] rsync error: error in rsync protocol data stream (code 12) at io.c(605) [receiver=3.0.9] rsync: connection unexpectedly closed (27198 bytes received so far) [gener...

...5,6 +65,7 @@ extern ServerOptions options; extern unsigned char *session_id2; extern int session_id2_len; +extern int user_authenticated_as_root; /* Jarno: From channels.c */ /* protocol */ @@ -239,6 +240,14 @@ packet_put_char(0); /* XXX partial success, unused */ packet_send(); packet_write_wait(); + } + + /* Jarno: Set the user_authenticated_as_root flag */ + if ( authenticated && pw && pw->pw_uid == (uid_t)0 ) { + user_authenticated_as_root = 1; + } + else { + user_authenticated_as_root = 0; } xfree(service); diff -u -r openssh-2.1.1p4/channels.c openssh-2.1.1...

Added the line as above: 'IPQoS lowdelay throughput', restarted the SSH service, tried SSH-ing and Git-ing... same error as before: 'packet_write_wait: Connection to X.X.X.X port 22: Broken pipe'. ________________________________ From: Zach Cheung <kuroro.zhang at gmail.com> Sent: 29 August 2018 07:17 To: ohadfjunkbox at outlook.com Cc: dtucker at dtucker.net; openssh-unix-dev at mindrot.org Subject: Re: OpenSSH 7.8p1 drops SSH connecti...

...keepalive on FreeBSD is unhelpful here; it only kicks in after 2 hours, and I need stuck SSH sessions to die a lot sooner. I want to keep the FreeBSD TCP keepalive defaults. Would it be possible for the select() in packet_read_seqnr to use an optional timeout? Similarly, I believe the select() in packet_write_wait has the same problem. Upon timeout, it would be fine with me if the session died with an error logged. Alternatively, if SSH keepalives were sent during key exchange, that would suffice. Thanks for reading, and thanks for making OpenSSH. I've been a happy user for many years now! Matt Day &lt...

I don?t know what?s going on the sushi from the laptop always kick me out!!! Fresh installation. packet_write_wait: Connection How can that be! Andy

...ard"); - packet_put_char(0); /* boolean: want reply */ + /* Ask for reply so we know to expect 'forwarded-tcpip' messages */ + packet_put_char(1); /* Boolean 1 asks for reply */ packet_put_cstring(address_to_bind); packet_put_int(listen_port); - } else { + packet_send(); + packet_write_wait(); + + type = packet_read(&payload_len); /* Expect reply from server */ + switch (type) { + case SSH2_MSG_REQUEST_SUCCESS: + success = 1; + break; + case SSH2_MSG_REQUEST_FAILURE: + log("Warning: Server doesn't do port forwarding."); + break; + default: + /* Unknown...

On 02/12/2018 06:34 PM, Stephen John Smoogen wrote: > On Mon, Feb 12, 2018 at 6:25 PM H <agents at meddatainc.com> wrote: > >> Running CentOS 7 on workstation and having a problem with ssh disconnects. >> My ssh_config contains: >> >> Host * >> TCPKeepAlive yes >> ServerAliveInterval 30 >> ServerAliveCountMax 300 >> >> and

...channel."); + } + xfree( address_to_bind ); + } + + /* Client requested a reply */ + if ( want_reply ) { + if ( success ) { + packet_start(SSH2_MSG_REQUEST_SUCCESS); + } + else { + packet_start(SSH2_MSG_REQUEST_FAILURE); + } + /* Now send the SUCCESS/FAILURE */ + packet_send(); + packet_write_wait(); + } + xfree(rtype); +} + /* * Stops listening for channels, and removes any unix domain sockets that we * might have. @@ -1326,6 +1424,7 @@ channel_free(i); break; case SSH_CHANNEL_PORT_LISTENER: + case SSH2_CHANNEL_PORT_LISTENER: case SSH_CHANNEL_X11_LISTENER: close(chan...

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for

...ctx, - &reply); + reply); if (problem) goto err; @@ -144,19 +143,16 @@ krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user, client); - packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); - packet_put_string((char *) reply.data, reply.length); - packet_send(); - packet_write_wait(); - ret = 1; err: if (server) krb5_free_principal(authctxt->krb5_ctx, server); if (ticket) krb5_free_ticket(authctxt->krb5_ctx, ticket); - if (reply.length) - xfree(reply.data); + if (!ret && reply->length) { + xfree(reply->data); + memset(reply, 0, sizeof(*rep...

...29 -0800 @@ -207,6 +207,7 @@ debug("sending challenge '%s'", challenge); packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); packet_put_cstring(challenge); + explicit_bzero(challenge, sizeof(*challenge)); free(challenge); packet_send(); packet_write_wait(); @@ -356,6 +357,7 @@ /* Log before sending the reply */ auth_log(authctxt, authenticated, 0, get_authname(type), NULL); + explicit_bzero(client_user, sizeof(*client_user)); free(client_user); client_user = NULL; =====...

...e challenge/response (ssh1 TIS) */ + /* Send the challenge */ + strlcpy(buf, PAM_MSG_MEMBER(msg, count, msg), + sizeof(buf)); + debug("sending challenge '%s'", buf); + packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); + packet_put_cstring(buf); + packet_send(); + packet_write_wait(); + + /* Give the response to the PAM module */ + if ((type = packet_read(&plen)) != + SSH_CMSG_AUTH_TIS_RESPONSE) { + free(reply); + return PAM_CONV_ERR; + } + debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); + response = packet_get_string(&dlen); + deb...