On Sun, 23 Nov 2025 17:00:41 +0100 Martin Husemann <[email protected]> wrote:
> It most likely is some issue (setup or whatever) on your sshd side.
> Do you see sshd logs about the login failures?
>
> Martin

Yes, sshd login failures get logged to /var/log/authlog

This is a VM running stock NetBSD-10.1 without any custom configurations.

Get sshd PID:

# ps aux | grep sshd
root 2348 0.0 0.2 71728 3364 ? Ss 9:19AM 0:00.01 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups (ssh

Looks like it is using fd 5 for blocklistd socket:

# fstat -p 2348
USER     CMD          PID   FD MOUNT       INUM MODE         SZ|DV R/W
root     sshd        2348   wd /              2 drwxr-xr-x     512 r
root     sshd        2348    0 /        1489292 crw-rw-rw-    null rw
root     sshd        2348    1 /        1489292 crw-rw-rw-    null rw
root     sshd        2348    2 /        1489292 crw-rw-rw-    null rw
root     sshd        2348    3* internet6 stream tcp *:ssh
root     sshd        2348    4* internet stream tcp *:ssh
root     sshd        2348    5* unix dgram <-> /var/run/blocklistd.sock [using]

Now trace all syscalls while simulating ssh login failure:

ktruss -d -t A -p 2348
...

No read/write calls are made to fd 5 by sshd

I've done the same trace on NetBSD-9.4 and this is what I get:

$ grep '(0x5,' /tmp/out
968 1 sshd write(0x5, 0xffffffffffffcae8, 0x5) = 5
968 1 sshd write(0x5, 0x402c8400, 0x8) = 8
968 1 sshd read(0x5, 0x402c8400, 0x5) = 1
968 1 sshd write(0x5, 0xffffffffffffca08, 0x5) = 5
968 1 sshd read(0x5, 0x402c8400, 0x11) = 1
968 1 sshd write(0x5, 0xffffffffffffca48, 0x5) = 5
968 1 sshd read(0x5, 0x402c8400, 0x1) = 1
938 1 sshd sendmsg(0x5, 0xffffffffffffcb10, 0) = 147

I wonder if there have been recent changes to sshd on NetBSD-10.X to cause this.
But then you say others running similar release do not see the same issue.
So I'm confused now.
