Package: openssh-server Version: 1:6.2p2-6 Severity: normal I am attempting to transfer a large (1.6 GiB) file over sftp. I have set my RekeyLimit to 1G in my ~/.ssh/config file. When I get to the rekey limit, the connection is reset:
vauxhall ok % sftp bmc@castro:/media/data/bmc/finished/upload/
Connected to castro.
Changing to: /media/data/bmc/finished/upload/
sftp> put large-file
Uploading large-file to /media/data/bmc/finished/upload/large-file
large-file
67% 1021MB 8.0MB/s 01:02 ETAConnection closed by 173.11.243.49
Couldn't read packet: Connection reset by peer
The auth.log file on the server says:
Oct 19 14:01:12 castro sshd[649315]: Authorized to bmc, krb5 principal
[email protected] (krb5_kuserok)
Oct 19 14:01:12 castro sshd[649315]: Accepted gssapi-with-mic for bmc from
172.16.2.247 port 44985 ssh2
Oct 19 14:01:12 castro sshd[649315]: pam_unix(sshd:session): session opened
for user bmc by (uid=0)
Oct 19 14:01:12 castro sshd[649317]: subsystem request for sftp by user bmc
Oct 19 14:03:44 castro sshd[649317]: fatal: xfree: NULL pointer given as
argument
Oct 19 14:03:44 castro sshd[649315]: pam_unix(sshd:session): session closed
for user bmc
Note the "fatal: xfree: NULL pointer given as argument" error. This
terminates the session. If I set the RekeyLimit value to 2G (larger
than my file), it works just fine. If you don't feel like transferring
gigabytes of data, I can also reproduce this problem with a 200M
RekeyLimit (I haven't tried smaller). It also happens with publickey
authentication as well as GSSAPI, although the line starting with
"fatal" is not logged in that case.
I originally saw this error with sshfs-fuse, but as you can see, it also
happens with the plain sftp client. Please let me know if you need more
information, as this is easily reproducible for me.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.11-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.113+nmu3
ii dpkg 1.17.1
ii libc6 2.17-93
ii libcomerr2 1.42.8-1
ii libgssapi-krb5-2 1.11.3+dfsg-3
ii libkrb5-3 1.11.3+dfsg-3
ii libpam-modules 1.1.3-9
ii libpam-runtime 1.1.3-9
ii libpam0g 1.1.3-9
ii libselinux1 2.1.13-3
ii libssl1.0.0 1.0.1e-3
ii libwrap0 7.6.q-24
ii lsb-base 4.1+Debian12
ii openssh-client 1:6.2p2-6
ii procps 1:3.3.8-2
ii sysv-rc 2.88dsf-43
ii zlib1g 1:1.2.8.dfsg-1
Versions of packages openssh-server recommends:
ii ncurses-term 5.9+20130608-1
ii xauth 1:1.0.7-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
ii openssh-blacklist 0.4.1+nmu1
ii openssh-blacklist-extra 0.4.1+nmu1
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information:
ssh/disable_cr_auth: false
ssh/encrypted_host_key_but_no_keygen:
ssh/vulnerable_host_keys:
* ssh/use_old_init_script: true
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
