https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289475
Bug ID: 289475
Summary: sshd dumps core after freebsd-update to
14.3-RELEASE-p2
Product: Base System
Version: 14.3-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: misc
Assignee: [email protected]
Reporter: [email protected]
I run FreeBSD 14.3-RELEASE on an Internet facing bastion host.
Immediately after a freebsd-update to 14.3-RELEASE-p2, sshd started dumping
core several times a day, usually with the following message:
sshd[X]: fatal: pack_hostkey: serialize hostkey private: string is too large
To mitigate these failures, I attempted to remove all ECDSA options from the
key exchange. This has not made a difference.
I have also run a freebsd-update IDS, and the ssh binaries pass their
checksums.
As a test, I tried generating a maximum length (521 bit) ECDSA key, and
restarted
sshd:
# ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key
# service sshd start
Segmentation fault
... and now it won't start
Via service:
# service sshd start
accumulate_host_timing_secret: encode ssh-rsa key: string is too large
/etc/rc.d/sshd: WARNING: failed to start sshd
# ssh -V
OpenSSH_9.9p2, OpenSSL 3.0.16 11 Feb 2025
Can someone please take a look at what changed with hostkey handling/string
packing? Thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
