Package: openssh-server Version: 1:6.0p1-2 Followup-For: Bug #258131 Hello, I am having strange SIGSEGV issues with sshd, but good news: it is reproductible.
When trying to use both KerberosAuthentication and GSSAPIAuthentication, you get two cases: * If you connect with a client using "GSSAPIAuthentication yes", with a valid Kerberos ticket, everything connects fine and you get a valid ticket on the remote host. * If you connect with a client using "GSSAPIAuthentication no", ssh exits just after outputing: "Connection closed by 192.168.100.10" Here is the Server Debug: ---8<--- debug1: Server will not fork when running in debugging mode. debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug1: inetd sockets after dupping: 3, 3 Connection from 192.168.100.1 port 58888 debug1: Client protocol version 2.0; client software version OpenSSH_6.0p1 Debian-2 debug1: match: OpenSSH_6.0p1 Debian-2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-2 debug1: permanently_set_uid: 103/65534 [preauth] debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth] debug1: SSH2_MSG_KEXINIT sent [preauth] debug1: SSH2_MSG_KEXINIT received [preauth] debug1: kex: client->server aes128-ctr hmac-md5 none [preauth] debug1: kex: server->client aes128-ctr hmac-md5 none [preauth] debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] debug1: SSH2_MSG_NEWKEYS sent [preauth] debug1: expecting SSH2_MSG_NEWKEYS [preauth] debug1: SSH2_MSG_NEWKEYS received [preauth] debug1: KEX done [preauth] debug1: userauth-request for user mcerda service ssh-connection method none [preauth] debug1: attempt 0 failures 0 [preauth] debug1: PAM: initializing for "mcerda" debug1: PAM: setting PAM_RHOST to "192.168.100.1" debug1: PAM: setting PAM_TTY to "ssh" debug1: userauth-request for user mcerda service ssh-connection method publickey [preauth] debug1: attempt 1 failures 0 [preauth] debug1: test whether pkalg/pkblob are acceptable [preauth] debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: trying public key file /home/mcerda/.ssh/authorized_keys debug1: Could not open authorized keys '/home/mcerda/.ssh/authorized_keys': No such file or directory debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: trying public key file /home/mcerda/.ssh/authorized_keys2 debug1: Could not open authorized keys '/home/mcerda/.ssh/authorized_keys2': No such file or directory debug1: restore_uid: 0/0 Failed publickey for mcerda from 192.168.100.1 port 58888 ssh2 debug1: userauth-request for user mcerda service ssh-connection method password [preauth] debug1: attempt 2 failures 1 [preauth] debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 1000/1000 (e=0/0) ---8<--- And the client one: ---8<--- OpenSSH_6.0p1 Debian-2, OpenSSL 1.0.1c 10 May 2012 debug1: Reading configuration data /home/mcerda/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to dashie.zea.zen [192.168.100.10] port 22. debug1: Connection established. debug1: identity file /home/mcerda/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/mcerda/.ssh/id_rsa-cert type -1 debug1: identity file /home/mcerda/.ssh/id_dsa type -1 debug1: identity file /home/mcerda/.ssh/id_dsa-cert type -1 debug1: identity file /home/mcerda/.ssh/id_ecdsa type -1 debug1: identity file /home/mcerda/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-2 debug1: match: OpenSSH_6.0p1 Debian-2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 35:5d:08:41:bf:ac:d2:b3:1c:ce:4b:b4:7b:18:21:d8 debug1: Host 'dashie.zea.zen' is known and matches the ECDSA host key. debug1: Found key in /home/mcerda/.ssh/known_hosts:1 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/mcerda/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Trying private key: /home/mcerda/.ssh/id_dsa debug1: Trying private key: /home/mcerda/.ssh/id_ecdsa debug1: Next authentication method: password [email protected]'s password: Connection closed by 192.168.100.10 ---8<--- (not much details here. Looks like the remote just hung up without saying anything) Here is a GDB session when this bug is encountered: ---8<--- Program received signal SIGSEGV, Segmentation fault. 0x00007ffff6347f9a in ?? () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) thr apply all bt Thread 1 (Thread 0x7ffff7fe27c0 (LWP 9007)): #0 0x00007ffff6347f9a in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #1 0x00007ffff634b87c in free () from /lib/x86_64-linux-gnu/libc.so.6 #2 0x00007ffff68d182b in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3 #3 0x00007ffff68d2216 in krb5_aname_to_localname () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3 #4 0x00007ffff68d55eb in krb5_kuserok () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3 #5 0x00005555555804ba in ?? () #6 0x000055555556647b in ?? () #7 0x000055555557a72a in ?? () #8 0x000055555557b7ca in ?? () #9 0x000055555557c5ed in ?? () #10 0x0000555555564103 in main () ---8<--- Well, I hope this helps. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-server depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.44 ii dpkg 1.16.4.3 ii libc6 2.13-33 ii libcomerr2 1.42.4-3 ii libgssapi-krb5-2 1.10.1+dfsg-1 ii libkrb5-3 1.10.1+dfsg-1 ii libpam-modules 1.1.3-7.1 ii libpam-runtime 1.1.3-7.1 ii libpam0g 1.1.3-7.1 ii libselinux1 2.1.9-5 ii libssl1.0.0 1.0.1c-3 ii libwrap0 7.6.q-23 ii lsb-base 4.1+Debian7 ii openssh-client 1:6.0p1-2 ii procps 1:3.3.3-2 ii zlib1g 1:1.2.7.dfsg-13 Versions of packages openssh-server recommends: ii openssh-blacklist 0.4.1 ii openssh-blacklist-extra 0.4.1 ii xauth 1:1.0.7-1 Versions of packages openssh-server suggests: pn molly-guard <none> pn monkeysphere <none> pn rssh <none> pn ssh-askpass <none> pn ufw <none> -- debconf information: * ssh/use_old_init_script: true ssh/vulnerable_host_keys: ssh/encrypted_host_key_but_no_keygen: ssh/disable_cr_auth: false -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
